feat(kuma-cp) initial connection policy support for Gateway

[jpeach]

Summary

Gateway resources create connections from the gateway (source) to
services running in the mesh (destination). Add support for matching
connection policies based on these sources and destinations.

The sources for connection policies are gateway listeners, but the
destinations aren't known until we process the relevant gateway route
types. So, we cache the policies that matched on the source (along with
their match rank) on each virtual host, and complete the match once the
final route table has been built.

Note that some Kuma connection policies are implemented by configuring
both the Envoy HTTP connection manager and the relevant upstream
cluster. These connection policies cannot be implemented in Gateway,
since they cannot configure the HTTP connection manager with different
setting for each destination.

Full changelog

N/A

Issues resolved

N/A

Documentation

N/A

Testing

• Unit tests
• E2E tests
• Manual testing on Universal
• Manual testing on Kubernetes

Backwards compatibility

• Add backport-to-stable label if the code is backwards compatible. Otherwise, list breaking changes.

[codecov-commenter]

Codecov Report

Merging #2933 (6f5aa97) into master (96217b5) will increase coverage by 0.11%.
The diff coverage is 86.40%.

@@            Coverage Diff             @@
##           master    #2933      +/-   ##
==========================================
+ Coverage   52.28%   52.40%   +0.11%     
==========================================
  Files         909      912       +3     
  Lines       52431    52515      +84     
==========================================
+ Hits        27413    27519     +106     
+ Misses      22825    22799      -26     
- Partials     2193     2197       +4     

Impacted Files	Coverage Δ
...plugins/runtime/gateway/gateway_route_generator.go	100.00% <ø> (+1.59%)	⬆️
pkg/plugins/runtime/gateway/route/table.go	100.00% <ø> (ø)
pkg/plugins/runtime/gateway/match/routes.go	66.66% <50.00%> (-5.56%)	⬇️
pkg/plugins/runtime/gateway/generator.go	79.71% <69.56%> (-1.96%)	⬇️
...ins/runtime/gateway/connection_policy_generator.go	86.11% <86.11%> (ø)
...g/plugins/runtime/gateway/route_table_generator.go	85.82% <95.65%> (+4.00%)	⬆️
pkg/core/policy/match.go	100.00% <100.00%> (ø)
pkg/plugins/runtime/gateway/match/policy.go	100.00% <100.00%> (ø)
pkg/plugins/runtime/gateway/plugin.go	100.00% <100.00%> (ø)
...kg/core/resources/apis/mesh/generated_resources.go	81.02% <0.00%> (+0.41%)	⬆️
... and 8 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 96217b5...6f5aa97. Read the comment docs.