Use local auth before keystone for s3

This change is to have RGW use local authentication before Keystone
when both are enabled. This can improve performance:

https://cloudblog.switch.ch/2020/02/10/radosgw-keystone-integration-performance-issues-finally-solved/

Given that we do not duplicate local users in keystone with different
passwords this should be a safe change.

Change-Id: I976a47a5d68884ffb54a0ddd8ab802d69cecbf44

ceph-rgw/Chart.yaml

@@ -15,6 +15,6 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Ceph RadosGW
 name: ceph-rgw
-version: 0.1.10
+version: 0.1.11
 home: https://github.com/ceph/ceph
 ...

ceph-rgw/values.yaml

@@ -430,6 +430,7 @@ conf:
       rgw_keystone_implicit_tenants: true
       rgw_keystone_make_new_tenants: true
       rgw_s3_auth_use_keystone: true
+      rgw_s3_auth_order: "local, external, sts"
       rgw_swift_account_in_url: true
       rgw_swift_url: null
   rgw_s3:

releasenotes/notes/ceph-rgw.yaml

@@ -11,4 +11,5 @@ ceph-rgw:
   - 0.1.8 Add placement target delete support to RGW
   - 0.1.9 Use full image ref for docker official images
   - 0.1.10 Fix a bug in placement target deletion for new targets
+  - 0.1.11 Change s3 auth order to use local before external
 ...