Enable templating / default annotations for Ingress to Route mapping

[EBNull]

Is your feature request related to a problem? Please describe.

I would like to apply the ingress.pomerium.io/preserve_host_header annotation to all Ingress objects by default to make Pomerium act more consistently like other proxies instead of editing every Ingress object in the cluster.

Describe the solution you'd like

I would like the Pomerium CRD to grow a spec for DefaultIngressAnnotations which would serve as default annotation values. This could be added just after https://github.com/pomerium/ingress-controller/blob/7d860721a9db9ce69b580ccb6be4087d9d859ae5/pomerium/ingress_to_route.go#L26

Describe alternatives you've considered

• Editing every Ingress object in the cluster.
• Forking the ingress controller and adding https://github.com/pomerium/ingress-controller/blob/7d860721a9db9ce69b580ccb6be4087d9d859ae5/pomerium/ingress_to_route.go#L31 outside the if statement.
• Sticking with Traefik and somehow using Pomerium as a ForwardAuth entry for authn and authz

Explain any additional use-cases

Other configuration would be handled in the same manner.

Additional context

I'm evaluating switching from Traefik + Custom ForwardAuth to Pomerium, and this is one of the only two blockers I see.

[wasaga]

Ingress annotations are plaintext, so if we move some to CRD as default values we would definitely want them be strongly typed. like preserveHostHeader: true

this is one of the only two blockers I see

could you please make a ticket for another blocker?