feat: egress gw #1331

Open
wants to merge 23 commits into
base: main

@meganwolf0 meganwolf0 commented Mar 3, 2025

Description

Adds egress gateway and relevant Istio resources to UDS Core.

This PR contains:

  • Addition of egressgateway component in the Istio zarf package (default is not included)
  • Package CR update - extension of network.allow parameters to support a defined remoteHost and remoteProtocol for workloads to send traffic
  • Controller updates to create needed egress resources to route traffic to the egress gateway workload
  • Tests and docs

Notes to reviewers

  • The addition of shared resources that multiple Package CRs are updating seemed to be a fairly uncommon pattern in the uds-operator (the exception probably being the authservice secret) - the reconciliation of these values lives in an in-memory map, so if there are multiple processes that will be reconciling, this will become invalidated (to my understanding this is not a current operation)
  • This is the design for sidecar only, assuming that at some point an ambient design will accompany or entirely replace this
  • The purpose of the shared-egress-resources task in ./src/test/tasks.yaml was to try and provide some validation that the reconciliation of shared egress resources was successful. It was unclear to me if this testing would be more appropriate elsewhere.
  • The grafana playwright test needed to be updated because for some reason with the addition of two namespaces, the grafana namespace fell out of the "visible" portion of the namespace dropdown that was being selected from

Related Issue

Fixes #776

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Other (security config, docs update, etc)

Steps to Validate

  • Create a new Package CR with the appropriate network.allow specification to allow egress to only a particular host. See ./src/test/app-egress.yaml for examples.

Checklist before merging

@meganwolf0 meganwolf0 self-assigned this Apr 4, 2025
@meganwolf0 meganwolf0 marked this pull request as ready for review April 4, 2025 18:46
@meganwolf0 meganwolf0 requested a review from a team as a code owner April 4, 2025 18:46
@meganwolf0
Author

I guess I'm going to have to fix the unsigned commits 🙃

Contributor

@mjnagel mjnagel left a comment

Did some local validation and it appears to work as expected for the most part. I want to spend a bit more time looking at the shared resources and testing some things there as well but wanted to get this first batch of feedback submitted.

@meganwolf0 meganwolf0 force-pushed the meganwolf0/feat-egress-gw branch from 8c25bbd to 3f7ea9d Compare April 24, 2025 14:59
Contributor

@chance-coleman chance-coleman left a comment

I'm happy with this as is, would like to get approvals from rest of team before merge though.

@meganwolf0 meganwolf0 force-pushed the meganwolf0/feat-egress-gw branch from 5007c72 to 4795d88 Compare May 15, 2025 19:21
Contributor

@mjnagel mjnagel left a comment

Overall this is looking pretty good. My main concern at this point is with concurrency and race conditions, otherwise all the logic and resources seem sound.

@meganwolf0 meganwolf0 force-pushed the meganwolf0/feat-egress-gw branch from e9a3a58 to 58f5e0d Compare May 19, 2025 15:35

Successfully merging this pull request may close these issues.

Egress gateway / external service entry configuration
4 participants