Provide federated identity management and new types of workload attestation through the integration with SPIRE. This does not include productisation of SPIRE yet, we're only adding necessary config options, code changes and documentation.

Upstream enhancements to SDS

ACs:

• Workload certificates are provided by SPIRE through SDS
• When establishing a federation, root certificates have to be exchanged
• No hostPath mounts are being used by workload pods
• All unit, integration and acceptance tests pass