Keycloak: confirm if protect=keycloak is still a valid label

Confirm if protect=keycloak is still a valid label as described in benefits of using bigbang

To enable SSO for a workload, ensure the pods have these two labels:

• istio-injection=enabled: transparently injects mTLS service mesh protection into their application's Kubernetes YAML manifest
• protect=keycloak: makes an EnvoyFilter to auto inject an SSO Authentication Proxy in front of the data path to get to the application