set default algorithm suite when other auth pref fields are set

[nklaassen]

For new clusters in master and v17 we currently try to set a default cluster_auth_preference.spec.signature_algorithm_suite so that new clusters will use the new signature algorithms. However, we currently only set this default if the teleport.dev/origin label of the cluster_auth_preference is defaults. If the user sets any other field in the teleport.yaml config that ends up being stored in the cluster_auth_preference, the origin label ends up being config-file and the cluster doesn't get the new default signature_algorithm_suite.

This can cause unexpected behaviour - for example, if you don't set up webauthn in teleport.yaml your cluster gets the new algorithms, if you do set up webauthn you are stuck with RSA.

This PR updates the logic to set the default signature_algorithm_suite for new clusters whether or not any other field in the cluster_auth_preference is set in the config file.

[aws-amplify-us-west-2]

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-47820.d3pp5qlev8mo18.amplifyapp.com