This project is mirrored from https://gitee.com/mirrors/nomad.git.
Pull mirroring failed.
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
- 08 Jun, 2022 1 commit
-
-
Tim Gross authored
-
- 07 Jun, 2022 10 commits
-
-
Tim Gross authored
-
Tim Gross authored
-
Tim Gross authored
-
Tim Gross authored
-
Tim Gross authored
-
Tim Gross authored
-
Tim Gross authored
-
Tim Gross authored
-
Tim Gross authored
Replication for the secure variables keyring. Because only key metadata is stored in raft, we need to distribute key material out-of-band from raft replication. A goroutine runs on each server and watches for changes to the `RootKeyMeta`. When a new key is received, attempt to fetch the key from the leader. If the leader doesn't have the key (which may happen if a key is rotated right before a leader transition), try to get the key from any peer.
-
Phil Renaud authored
* Recursive trie-building with variable paths
* tree structure applied to new path routes and a new util class
* Breadcrumbs for SV paths and prompt when nothing exists at a path
* Lint and test cleanup
* Pre-review cleanup
* lintfix
* Abstracted pathtree each-ins into a new component class
* Path tree component styles
* Types added and PR feedback addressed
* Path tree to variable paths
* Slightly simpler path QP mods
* More pr feedback handling
* Trim moved into a function on variable model
* Traversal and compaction tests for PathTree
* Trim Path tests
* Variable-paths component tests
* Lint fixup for tests
-
- 02 Jun, 2022 2 commits
-
-
Tim Gross authored
Inactive and unused keys older than a threshold will be periodically garbage collected.
-
Tim Gross authored
After internal design review, we decided to remove exposing algorithm choice to the end-user for the initial release. We'll solve nonce rotation by forcing rotations automatically on key GC (in a core job, not included in this changeset).

Default to AES-256 GCM for the following criteria:
* faster implementation when hardware acceleration is available
* FIPS compliant
* implementation in pure go
* post-quantum resistance

Also fixed a bug in the decoding from keystore and switched to a harder-to-misuse encoding method.
-
- 01 Jun, 2022 15 commits
-
-
Tim Gross authored
The core jobs to garbage collect unused keys and perform full key rotations will need to be able to query secure variables by key ID for efficiency. Add an index to the state store and associated query function and test.
-
Tim Gross authored
When a server becomes leader, it will check if there are any keys in the state store, and create one if there is not. The key metadata will be replicated via raft to all followers, who will then get the key material via key replication (not implemented in this changeset).
-
Phil Renaud authored
* variables.new initialized
* Hacky but savey
* Variable wildcard route and multiple creatable at a time
* multiple KVs per variable
* PR Prep cleanup and lintfix
* Delog
* Data mocking in mirage for variables
* Linting fixes
* Re-implement absent params
* Adapter and model tests
* Moves the path-as-id logic to a serializer instead of adapter
* Classic to serializer and lint cleanup
* Pluralized save button (#13140)
* Autofocus modifier and better Add More button UX (#13145)
* Secure Variables: show/hide functionality when adding new values (#13137)
* Flight Icons added and show hide functionality
* PR cleanup
* Linting cleanup
* Position of icon moved to the right of input
* PR feedback addressed
* Delete button and stylistic changes to show hide
* Hmm, eslint doesn't like jsdoc-usage as only reason for import
* More closely match the button styles and delete test
* Simplified new.js model
* Secure Variables: /variables/*path/edit route and functionality (#13170)
* Variable edit page init
* Significant change to where we house model methods
* Lintfix
* Edit a variable tests
* Remove redundant tests
* Asserts expected
* Mirage factory updated to reflect model state
-
Charlie Voiselle authored
* Secure Variables: State Store
* Secure Variables: FSM
* Secure Variables: RPC
* Secure Variables: HTTP API

Co-authored-by: Tim Gross <tgross@hashicorp.com>
-
Tim Gross authored
This changeset implements the keystore serialization/deserialization:
* Adds a JSON serialization extension for the `RootKey` struct, along with a metadata stub. When we serialize RootKey to the on-disk keystore, we want to base64 encode the key material but also exclude any frequently-changing fields which are stored in raft.
* Implements methods for loading/saving keys to the keystore.
* Implements methods for restoring the whole keystore from disk.
* Wires it all up with the `Keyring` RPC handlers and fixes up any fallout on tests.
-
Tim Gross authored
-
Tim Gross authored
Implement the upsert, list, delete, and rotate RPC handlers for the secure variables keyring. Operations on the keyring itself are still stubbed out.
-
Tim Gross authored
Implement the basic upsert, list, and delete operations for `RootKeyMeta` needed by the Keyring RPCs. This changeset also implements two convenience methods `RootKeyMetaByID` and `GetActiveRootKeyMeta` which are useful for testing but also will be needed to implement the rest of the RPCs.
-
Phil Renaud authored
* Route init
* Bones of a mirage-mocked secure variables policy
* Functioning policy for list vars
* Delog and transition on route
* Basic guard test
* Page guard tests for secure variables
* Cleanup and unit tests for variables ability
* Linter cleanup
* Set expectations for test assertions
* PR feedback addressed
* Read label changed to View per suggestion
-
Charlie Voiselle authored
* Add SecureVariable mock
* Add SecureVariableStub
* Add SecureVariable Copy and Stub funcs
-
Tim Gross authored
Implement the core SecureVariable and RootKey structs in memdb, provide the minimal skeleton for FSM, and a dummy storage and keyring RPC endpoint.
-
Tim Gross authored
Almost all GC jobs check the index of the objects being GC'd to see if they're older than a configured threshold. This code was repeated six times in `CoreScheduler` with only logging changes, so it seems safe to extract it as its own method.
-
Seth Hoenig authored
build: update golangci-lint to v1.46.2
-
Jason Paul Deland authored
-
Seth Hoenig authored
build: git ignore go.work.sum files
-
- 31 May, 2022 4 commits
-
-
Seth Hoenig authored
-
Seth Hoenig authored
This version of golangci-lint improves support for generics, but also is more strict in copy vs. loop for slice copying.
-
Anthony authored
-
pabloyoyoista authored
-
- 30 May, 2022 2 commits
-
-
James Rasell authored
-
Waquid Valiya Peedikakkal authored
-
- 27 May, 2022 3 commits
-
-
Luiz Aoqui authored
-
Toyam Cox authored
-
James Rasell authored
-
- 26 May, 2022 3 commits
-
-
Seth Hoenig authored
connect: enable setting connect upstream destination namespace
-
Seth Hoenig authored
-
Amier Chery authored
Update service.check.task definition to match code
-