Multiregion deployments use the `NomadTokenID` to allow the deploymentwatcher
to send RPCs between regions with the original submitter's ACL token. This ID
should be filtered from diffs so that it doesn't cause a difference for
purposes of job plans.

The api calls were reordered, the new order omits the
`agent-host.json` result by fetching it before the directory is
created.

This closes #8727, thanks to @jfcantu for the suggestion.
The CLI implementation of exec already has a 10-second
heartbeat so this mirrors that:
https://github.com/hashicorp/nomad/blob/v0.12.3/api/allocations.go#L161-L173

UI: Clean up erroneous and redundant mirage things

Everything else in the docs sidebars is alphabetized, so do it here too.

csi: plugins track jobs in addition to allocations, and use job information to set expected counts (#8699)

* nomad/structs/csi: add explicit job support
* nomad/state/state_store: capture job updates directly
* api/nodes: CSIInfo needs the AllocID
* command/agent/csi_endpoint: AllocID was missing
Co-authored-by: Tim Gross <tgross@hashicorp.com>

consul/connect: make use of task kind to determine service name in consul token checks

This changeset is the OSS hooks for what will be implemented in ENT.

When consul.allow_unauthenticated is set to false, the job_endpoint hook validates
that a `-consul-token` is provided and validates the token against the privileges
inherent to a Consul Service Identity policy for all the Connect enabled services
defined in the job.

Before, the check was assuming the service was of type sidecar-proxy. This fixes the
check to use the type of the task so we can distinguish between the different connect
types.

fix changelog entry placement

resolve prefix bugs around job scaling policies

consul/connect: add initial support for ingress gateways

Respect alloc job version for lost/failed allocs

Co-authored-by: Chris Baker <1675087+cgbaker@users.noreply.github.com>

`(alloc.DeploymentStatus == nil || !alloc.DeploymentStatus.IsCanary())`
and `!alloc.DeploymentStatus.IsCanary()` are equivalent.

To address review comments

Assorted small fixes

Fix Broken Learn Guide Links in Security Model

remove preemption, add cross-namespace queries

This continues #8455 by adding accessibility audits to component integration
tests and fixing associated errors. It adds audits to existing tests rather than
adding separate ones to facilitate auditing the various permutations a
component’s rendering can go through.

It also adds linting to ensure audits happen in component tests. This
necessitated consolidating test files that were scattered.

changelog entry for enterprise bug