
Broken TLS setup for KAS due to ignored kas.ingress.tls.secretName

Summary

The GitLab KAS secret name kas.ingress.tls.secretName is only used when global.ingress.configureCertmanager is truthy.

When using an external (official) cert-manager setup, which requires configureCertmanager to be set to false, you end up with a broken TLS certificate that is never generated, as secretName defaults to the self-signed wildcard one (gitlab-wildcard-tls).

External cert-manager setups should be supported (just like the registry where it works OK).

Steps to reproduce

Deploy configuration

Configuration used

global:
  edition: ce
  ingress:
    class: nginx
    configureCertmanager: false
    annotations:
      kubernetes.io/tls-acme: 'true'
      cert-manager.io/cluster-issuer: letsencrypt
kas:
  ingress:
    tls:
      secretName: 'gitlab-kas-tls'

Current behavior

Falls back to gitlab-wildcard-tls, which is self-signed.

Expected behavior

Properly use the given kas.ingress.tls.secretName without checking the value of configureCertmanager

Versions

CHART_VERSION:="6.3.1" APP_VERSION:="15.3.1"

Edited by Olivier Louvignes
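
One way to confirm the behaviour reported above on a deployed release, as an added example that is not part of the original issue or of the chart: audit the JSON from `kubectl get ingress -o json` for Ingress objects whose TLS secret is the self-signed fallback or differs from the configured value. The ingress names, hosts, the registry secret name and the `audit_ingress_tls` helper are assumptions made for illustration.

```python
import json

# Constructed sample: trimmed `kubectl get ingress -n gitlab -o json` output.
# Object names and hosts are made up; only gitlab-wildcard-tls and
# gitlab-kas-tls come from the report.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"name": "gitlab-kas",
                "annotations": {"cert-manager.io/cluster-issuer": "letsencrypt"}},
   "spec": {"tls": [{"hosts": ["kas.example.com"], "secretName": "gitlab-wildcard-tls"}]}},
  {"metadata": {"name": "gitlab-registry",
                "annotations": {"cert-manager.io/cluster-issuer": "letsencrypt"}},
   "spec": {"tls": [{"hosts": ["registry.example.com"], "secretName": "gitlab-registry-tls"}]}},
  {"metadata": {"name": "no-tls", "annotations": {}}, "spec": {}}
]}
""")

WILDCARD_FALLBACK = "gitlab-wildcard-tls"  # self-signed default named in the report
ISSUER_ANNOTATIONS = ("cert-manager.io/cluster-issuer", "cert-manager.io/issuer")


def audit_ingress_tls(ingress_list, expected):
    """Return (ingress name, problem) tuples.

    expected maps an ingress name to the secretName set in the values file.
    """
    findings = []
    for item in ingress_list.get("items", []):
        meta = item.get("metadata", {})
        name = meta.get("name", "<unnamed>")
        annotations = meta.get("annotations") or {}
        tls_entries = (item.get("spec") or {}).get("tls") or []
        if not tls_entries:
            findings.append((name, "no TLS block"))
            continue
        has_issuer = any(a in annotations for a in ISSUER_ANNOTATIONS)
        for entry in tls_entries:
            secret = entry.get("secretName")
            if secret == WILDCARD_FALLBACK:
                findings.append((name, "uses self-signed fallback " + secret))
            elif name in expected and secret != expected[name]:
                findings.append((name, f"secret {secret!r} != configured {expected[name]!r}"))
            elif not has_issuer:
                findings.append((name, "no cert-manager issuer annotation"))
    return findings


if __name__ == "__main__":
    for name, problem in audit_ingress_tls(SAMPLE, {"gitlab-kas": "gitlab-kas-tls"}):
        print(f"{name}: {problem}")
```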