Intents operator creates separate network policies for ingress and egress #305

Closed
orishoshan opened this issue Dec 5, 2023 · 1 comment
Labels
enhancement New feature or request

Comments

@orishoshan
Collaborator

Is your feature request related to a problem? Please describe.
The intents operator by default creates only ingress network policies. An experimental flag also allows adding egress network policies.
Ingress network policies are created to allow access TO a pod, so they apply to the destination.
Egress network policies are created to allow access FROM a pod, so they apply to the source.
This means that, when this experimental feature is enabled, one ClientIntent will result in two network policies being created: one on the server and one on the client.

In some cases this is fine, such as when the client is not also a server, which results in the minimal number of network policies.
However, in some cases a client is also a server, so it is possible to create a single network policy to handle both ingress and egress for this pod.

This is in line with what the intents-operator currently does for ingress, where it will create just 1 network policy for all clients. Keeping a small number of network policies aids debuggability.

Describe the solution you'd like
When possible, the intents operator should create a single network policy per pod, for both ingress and egress.

@orishoshan orishoshan added the enhancement New feature or request label Dec 5, 2023
@amitlicht
Contributor

This has since been implemented and is available. The intents-operator will, by default, create a single network policy per pod, for both ingress and egress. This is controllable using configuration.
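
The policy counts discussed in this issue, worked through as an added Go example that is not part of the thread or the intents-operator's code. `Intent`, `Policy`, `Build` and the sample workloads are hypothetical simplifications: they model which pod each policy selects, not real NetworkPolicy objects.

```go
package main

import "fmt"

// Intent and Policy are simplified, hypothetical models (not the operator's types).
type Intent struct{ Client, Server string }
type Policy struct {
	Pod                   string
	IngressFrom, EgressTo []string // peers allowed in (Pod is destination) / out (Pod is source)
}

// PolicyTypes derives the policy's types from the rules it carries.
func (p *Policy) PolicyTypes() (t []string) {
	if len(p.IngressFrom) > 0 {
		t = append(t, "Ingress")
	}
	if len(p.EgressTo) > 0 {
		t = append(t, "Egress")
	}
	return
}

// Build keys policies by pod and direction (merge=false) or by pod only (merge=true).
func Build(intents []Intent, merge bool) map[string]*Policy {
	out := map[string]*Policy{}
	get := func(pod, dir string) *Policy {
		key := pod
		if !merge {
			key += "/" + dir
		}
		if out[key] == nil {
			out[key] = &Policy{Pod: pod}
		}
		return out[key]
	}
	for _, i := range intents {
		s := get(i.Server, "ingress") // ingress applies to the destination
		s.IngressFrom = append(s.IngressFrom, i.Client)
		c := get(i.Client, "egress") // egress applies to the source
		c.EgressTo = append(c.EgressTo, i.Server)
	}
	return out
}

var Sample = []Intent{{"frontend", "api"}, {"api", "db"}, {"worker", "api"}} // constructed input

func main() {
	fmt.Println(len(Build(Sample, false)), len(Build(Sample, true)))
}
```

Only `api` is both a client and a server in the sample, so merging saves exactly one policy there; pods that are only clients or only servers keep a single-direction policy either way.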
