This project is mirrored from https://gitee.com/mirrors/nomad.git.
- 27 Jun, 2022 (4 commits)
  - Jai Bhagat authored
  - Jai Bhagat authored
  - Jai Bhagat authored
  - Jai Bhagat authored
- 24 Jun, 2022 (1 commit)
  - Jai authored:
    - ui: add namespace handling
    - refact: add logical OR operator to handle unstructured object.
- 23 Jun, 2022 (2 commits)
  - Jai Bhagat authored
  - Jai Bhagat authored
- 22 Jun, 2022 (4 commits)
  - Jai Bhagat authored
  - Jai Bhagat authored
  - Jai Bhagat authored
  - Jai Bhagat authored
- 21 Jun, 2022 (4 commits)
  - Jai Bhagat authored
  - Jai Bhagat authored
  - Jai Bhagat authored
  - Jai Bhagat authored
- 20 Jun, 2022 (10 commits)
  - Jai authored:
    - ui: add logic for create permission computed property
    - ui: update token factory and variable ability to simulate create permissions for dev env
  - Phil Renaud authored:
    - Did-insert modifier to add an extra row when editing
    - Defensive logic on model existing
    - Defensive pattern on copy keyValues
  - Phil Renaud authored:
    - Error thrown if you have no KVs on save
    - Acceptance tests for flash messages and no-key-value adds
    - Post-hoc accounting for new variable path routing
    - Trim on key before validating it as existing
  - Tim Gross authored: Extend the GC job to support periodic key rotation. Update the GC process to safely support signed workload identity. We can't GC any key used to sign a workload identity. Finding which key was used to sign every allocation will be expensive, but there are not that many keys. This lets us take a conservative approach: find the oldest live allocation and ensure that we don't GC any key older than that key.
  - Tim Gross authored: Move all the gossip keyring and key generation commands under `operator gossip keyring` subcommands to align with the new `operator secure-variables keyring` subcommands. Deprecate the `operator keyring` and `operator keygen` commands.
  - Phil Renaud authored:
    - Add modified times and namespaces to layout
    - Undo typing change
    - Post-hoc accounting for new variable path routing
  - Tim Gross authored: The blocking query for `Keyring.List` appended the keys for each pass through the blocking query to the response. This results in multiple copies of keys in the response. Overwrite the `reply.Keys` field on each pass through the blocking query to ensure we only get the expected page of responses.
  - Tim Gross authored: Adds a new policy block inside namespaces to control access to secure variables on the basis of path, with support for globbing. Splits out VerifyClaim from ResolveClaim. The ServiceRegistration RPC only needs to be able to verify that a claim is valid for some allocation in the store; it doesn't care about implicit policies or capabilities. Split this out to its own method on the server so that the SecureVariables RPC can reuse it as a separate step from resolving policies (see next commit). Support implicit policies based on workload identity.
  - Tim Gross authored: The `Encrypt` method generates an appropriately-sized nonce and uses that buffer as the prefix for the ciphertext. This keeps the ciphertext and nonce together for decryption, and reuses the buffer as much as possible without presenting the temptation to reuse the cleartext buffer owned by the caller. We include the key ID as the "additional data" field that's used as an extra input to the authentication signature, to provide additional protection that a ciphertext originated with that key. Refactors the locking for the keyring so that the public methods are generally (with one commented exception) responsible for taking the lock and then inner methods are assumed locked.
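The sealed-value layout that commit describes, as an added Go example; this is not Nomad's keyring code. It assumes AES-256-GCM as the AEAD (an assumption for the example), draws a fresh random nonce into the front of the output buffer so nonce and ciphertext travel together, never writes into the caller's cleartext slice, and binds the key ID in as additional authenticated data so a value sealed under one key ID fails to open under another. The key ID strings and the secret are constructed values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// newAEAD wraps a 32-byte key in AES-256-GCM (the cipher assumed for this example).
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encrypt returns nonce || ciphertext || tag. A fresh random nonce is drawn
// per call into the front of one output buffer and Seal appends after it, so
// decrypt needs only this one blob plus the key. The caller's cleartext slice
// is only read. keyID is additional authenticated data: it is not encrypted,
// but any mismatch at decryption time fails authentication.
func encrypt(key []byte, keyID string, cleartext []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonceSize := aead.NonceSize()
	// Capacity covers the final output so Seal appends in place without reallocating.
	out := make([]byte, nonceSize, nonceSize+len(cleartext)+aead.Overhead())
	if _, err := rand.Read(out); err != nil {
		return nil, err
	}
	nonce := out[:nonceSize]
	return aead.Seal(out, nonce, cleartext, []byte(keyID)), nil
}

// decrypt splits the nonce prefix back off and opens the remainder, binding the
// same keyID as additional data. A short input is rejected before slicing.
func decrypt(key []byte, keyID string, sealed []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonceSize := aead.NonceSize()
	if len(sealed) < nonceSize+aead.Overhead() {
		return nil, errors.New("sealed value too short")
	}
	return aead.Open(nil, sealed[:nonceSize], sealed[nonceSize:], []byte(keyID))
}

func main() {
	key := make([]byte, 32) // constructed key material for the example
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	sealed, err := encrypt(key, "key-0001", []byte("db-password=example-secret"))
	if err != nil {
		panic(err)
	}
	plain, err := decrypt(key, "key-0001", sealed)
	fmt.Printf("same key id: %s (err=%v)\n", plain, err)
	_, err = decrypt(key, "key-0002", sealed)
	fmt.Printf("other key id: err=%v\n", err)
}
```

Because the key ID is authenticated rather than encrypted, a blob whose stored key ID has been swapped, or one tampered with in transit, is detected at `Open` time and no plaintext is returned; the random per-call nonce also means two encryptions of the same secret under the same key do not produce the same output.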
  - Charlie Voiselle authored:
    - Add Path only index for SecureVariables
    - Add GetSecureVariablesByPrefix; refactor tests
    - Add search for SecureVariables
    - Add prefix search for secure variables
- 17 Jun, 2022 (4 commits)
  - Jai authored:
    - chore: update tests to handle individual toggle responsibility
    - chore: prettify secure-variable-form template
    - ui: extract input group markup into separate component
  - Jai authored:
    - ui: update component api to accept callback fns to be fired on cancel/prompt
    - refact: cancel callback should fire with outside click handler not on idle
    - refact: rename action to be more specific
  - Phil Renaud authored:
    - toast style notification init
    - Notification styles and messaging for variable save
    - pre-PR cleanup
    - Typo fix and 5sec timeout
    - Prevent text from overlapping the close button
  - Phil Renaud authored:
    - Bones of a just-in-time compaction pathTree
    - wooo got compaction going in sub-ms times
    - PR cleanup
    - Path compaction tests
    - lint fix to equal instead of .ok()
    - Name prop specifically being equality checked
- 14 Jun, 2022 (11 commits)
  - Charlie Voiselle authored: This PR splits SecureVariable into SecureVariableDecrypted and SecureVariableEncrypted in order to use the type system to help verify that cleartext secret material is not committed to file.
    - Make Encrypt function return KeyID
    - Split SecureVariable
    Co-authored-by: Tim Gross <tgross@hashicorp.com>
  - Tim Gross authored: Split the flag options for the `secure-variables keyring` into their own subcommands. The gossip keyring CLI will be similarly refactored and the old version will be deprecated.
  - Phil Renaud authored:
    - Validation tests for secure variables form: duplicate path error
    - Validation for dot in key name
    - Defensive pattern on copy keyValues
  - Phil Renaud authored:
    - variable index header and deletion hook
    - Some visual improvements to edit header and back button
    - Mirage fixtures for variables
    - Deletion flow test
    - Account for disabled state of add-more button
    - Transition destination changes after design chat
    - Simplified parent folder path by adding to variable model
    - Lint cleanup
    - test update to reflect path redirect on delete
    - No longer have to re-traverse to a deleted var folder after deletion, tests updated
  - Tim Gross authored: In order to support implicit ACL policies for tasks to get their own secrets, each task would need to have its own ACL token. This would add extra raft overhead as well as new garbage collection jobs for cleaning up task-specific ACL tokens. Instead, Nomad will create a workload Identity Claim for each task. An Identity Claim is a JSON Web Token (JWT) signed by the server's private key and attached to an Allocation at the time a plan is applied. The encoded JWT can be submitted as the X-Nomad-Token header to replace ACL token secret IDs for the RPCs that support identity claims. Whenever a key is added to a server's keyring, it will use the key as the seed for an Ed25519 public-private keypair. That keypair will be used for signing the JWT and for verifying the JWT. This implementation is a ruthlessly minimal approach to support the secure variables feature. When a JWT is verified, the allocation ID will be checked against the Nomad state store...
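The signing and verification flow that commit sketches, as an added Go example; this is not Nomad's implementation. It uses 32 bytes of keyring material as the Ed25519 seed, carries the allocation ID in a compact JWT whose header names the signing key by ID, and on verification pins the algorithm, looks the key ID up in the keyring-derived public keys, checks the signature, and only then checks the allocation against a map that stands in for the state store. The claim field name, key IDs, allocation IDs and key material are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// identityClaims is the JWT payload. The field name is an assumption for this
// example, not Nomad's real claim set.
type identityClaims struct {
	AllocationID string `json:"alloc_id"`
}

var b64 = base64.RawURLEncoding

// keypairFromRootKey uses the keyring material as the Ed25519 seed, so every
// server holding the key derives the same pair and no separate signing key
// has to be replicated.
func keypairFromRootKey(material []byte) (ed25519.PublicKey, ed25519.PrivateKey, error) {
	if len(material) != ed25519.SeedSize {
		return nil, nil, fmt.Errorf("root key must be %d bytes, got %d", ed25519.SeedSize, len(material))
	}
	priv := ed25519.NewKeyFromSeed(material)
	return priv.Public().(ed25519.PublicKey), priv, nil
}

// signIdentity builds a compact JWT (header.payload.signature) with alg EdDSA
// and the signing key's ID in the "kid" header so a verifier can select it.
func signIdentity(keyID string, priv ed25519.PrivateKey, c identityClaims) (string, error) {
	header, err := json.Marshal(map[string]string{"alg": "EdDSA", "typ": "JWT", "kid": keyID})
	if err != nil {
		return "", err
	}
	payload, err := json.Marshal(c)
	if err != nil {
		return "", err
	}
	signingInput := b64.EncodeToString(header) + "." + b64.EncodeToString(payload)
	sig := ed25519.Sign(priv, []byte(signingInput))
	return signingInput + "." + b64.EncodeToString(sig), nil
}

// verifyIdentity checks a token against public keys derived from the keyring,
// keyed by key ID. The alg is pinned to EdDSA before anything in the token is
// trusted, and an unknown kid is rejected rather than resolved from the token.
func verifyIdentity(pubKeys map[string]ed25519.PublicKey, token string) (*identityClaims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	raw := make([][]byte, 3) // decoded header, payload, signature
	for i, p := range parts {
		var err error
		if raw[i], err = b64.DecodeString(p); err != nil {
			return nil, err
		}
	}
	var header struct {
		Alg string `json:"alg"`
		Kid string `json:"kid"`
	}
	if err := json.Unmarshal(raw[0], &header); err != nil {
		return nil, err
	}
	if header.Alg != "EdDSA" {
		return nil, fmt.Errorf("unsupported alg %q", header.Alg)
	}
	pub, ok := pubKeys[header.Kid]
	if !ok {
		return nil, fmt.Errorf("unknown key id %q", header.Kid)
	}
	// The signature covers the encoded header and payload exactly as sent.
	if !ed25519.Verify(pub, []byte(parts[0]+"."+parts[1]), raw[2]) {
		return nil, errors.New("invalid signature")
	}
	var c identityClaims
	if err := json.Unmarshal(raw[1], &c); err != nil {
		return nil, err
	}
	return &c, nil
}

// resolveAllocation verifies the token, then confirms the allocation it names
// still exists. liveAllocs is a constructed stand-in for the state store.
func resolveAllocation(pubKeys map[string]ed25519.PublicKey, liveAllocs map[string]bool, token string) (string, error) {
	c, err := verifyIdentity(pubKeys, token)
	if err != nil {
		return "", err
	}
	if !liveAllocs[c.AllocationID] {
		return "", fmt.Errorf("allocation %q not found", c.AllocationID)
	}
	return c.AllocationID, nil
}

func main() {
	material := []byte("0123456789abcdef0123456789abcdef") // constructed 32-byte key material
	pub, priv, err := keypairFromRootKey(material)
	if err != nil {
		panic(err)
	}
	tok, _ := signIdentity("key-1", priv, identityClaims{AllocationID: "alloc-1"})
	fmt.Println(resolveAllocation(map[string]ed25519.PublicKey{"key-1": pub}, map[string]bool{"alloc-1": true}, tok))
}
```

The order of checks matters for a verifier: the algorithm and key ID are taken from the header only to select a key the server already trusts, never to load key material supplied by the token, and the allocation lookup happens after the signature check so an unsigned or mis-signed token never reaches the state store.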
  - Phil Renaud authored:
    - Notify a user if they try to make a variable with an existing path
    - Stylize error fade
    - Bugfix: if you click the dupe link to a variable you haven't previously loaded, you lack its keyvalues
    - rename and typefix for duplicate path warning
  - Phil Renaud authored:
    - Disable path input when model is not new
    - isDisabled tests for secure variables path
  - Tim Gross authored (Co-authored-by: Charlie Voiselle <464492+angrycub@users.noreply.github.com>)
  - Charlie Voiselle authored
  - Tim Gross authored: Replication for the secure variables keyring. Because only key metadata is stored in raft, we need to distribute key material out-of-band from raft replication. A goroutine runs on each server and watches for changes to the `RootKeyMeta`. When a new key is received, attempt to fetch the key from the leader. If the leader doesn't have the key (which may happen if a key is rotated right before a leader transition), try to get the key from any peer.
  - Phil Renaud authored:
    - Recursive trie-building with variable paths
    - tree structure applied to new path routes and a new util class
    - Breadcrumbs for SV paths and prompt when nothing exists at a path
    - Lint and test cleanup
    - Pre-review cleanup
    - lintfix
    - Abstracted pathtree each-ins into a new component class
    - Path tree component styles
    - Types added and PR feedback addressed
    - Path tree to variable paths
    - Slightly simpler path QP mods
    - More pr feedback handling
    - Trim moved into a function on variable model
    - Traversal and compaction tests for PathTree
    - Trim Path tests
    - Variable-paths component tests
    - Lint fixup for tests