UNCLASSIFIED - NO CUI

Tempo/Authservice Integration

Currently Tempo is able to deploy (and deploys by default) an instance of Jaeger UI for trace queries. The UI is currently not protected by Authservice.

The goal of this issue is to provide the necessary values and toggles to put Tempo's UI behind Authservice. This will include (at minimum):

  • network policies for Authservice communication
  • sso values including enabled, client_id, client_secret
  • proper templating to add authservice protection labels when sso is enabled
  • proper templating to configure authservice chains for Tempo
  • dev SSO values for deploying Tempo with SSO protection from login.dso.mil
  • may want to change the dev Keycloak values to rename the client to tracing instead of jaeger

Note that the majority of this can be copied/modified from how Jaeger is configured to interact with Authservice. Since both are deployed onto the same tracing.<domain> URL by default, we should be able to re-use the same dev client and copy a lot of the templating. Make sure to provide a separate chain entry for Tempo though, since we do currently allow for both Tempo and Jaeger to be deployed together.

Edited by Micah Nagel