feat(gatewayapi): add gateways.kuma.io/cross-mesh annotation for GatewayAPI Gateways

[michaelbeaumont]

This proposes using the gateways.kuma.io/cross-mesh annotation to set all listeners to be cross-mesh for Gateway API Gateways. This presumably covers most use cases. Users wanting to mix cross-mesh/non cross-mesh listeners can fall back on MeshGateway.

Closes #4397

Checklist prior to review

• Link to docs PR or issue --
• Link to UI issue or PR --
• Is the issue worked on linked? --
• The PR does not hardcode values that might break projects that depend on kuma (e.g. "kumahq" as a image registry) --
• The PR will work for both Linux and Windows, system specific functions like syscall.Mkfifo have equivalent implementation on the other OS --
• Unit Tests --
• E2E Tests --
• Manual Universal Tests -- none
• Manual Kubernetes Tests --
• Do you need to update UPGRADE.md? --
• Does it need to be backported according to the backporting policy? --
• Do you need to explicitly set a > Changelog: entry here?

[codecov-commenter]

Codecov Report

Merging #4911 (ca08fb3) into master (22c157d) will increase coverage by 0.05%.
The diff coverage is 42.85%.

@@            Coverage Diff             @@
##           master    #4911      +/-   ##
==========================================
+ Coverage   46.68%   46.73%   +0.05%     
==========================================
  Files         687      687              
  Lines       46656    46668      +12     
==========================================
+ Hits        21781    21812      +31     
+ Misses      22966    22950      -16     
+ Partials     1909     1906       -3     

Impacted Files	Coverage Δ
...e/k8s/controllers/gatewayapi/gateway_controller.go	0.00% <0.00%> (ø)
...e/k8s/controllers/gatewayapi/gateway_conversion.go	41.30% <64.28%> (+10.36%)	⬆️
pkg/core/resources/manager/cache.go	88.31% <0.00%> (+2.59%)	⬆️
pkg/plugins/leader/postgres/leader_elector.go	89.36% <0.00%> (+6.38%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[jakubdyszkiewicz]

Have you considered

kind: Gateway
spec:
  listeners:
  - tls:
      mode: Terminate
      options:
        cross-mesh: true

?

This way you can have listeners that are both cross-mesh and non-cross-mesh.

[michaelbeaumont]

Yeah. But it's the same as for MeshGateway, any service that can contact this Gateway will see an HTTP connection, not HTTPS. The fact that it's TLS is due to the underlying mesh. To me it feels off to have TLS/HTTPS as the protocol

[jakubdyszkiewicz]

please remember about docs

[michaelbeaumont]

@lahabana @johnharris85 WDYT? Any strong opinions?

[johnharris85]

No strong opinions.

[lahabana]

I get your point @michaelbeaumont sounds like we should go the way you've implemented atm

[lukidzi]

@michaelbeaumont Are we fine to merge it?

[michaelbeaumont]

@lukidzi Not yet, I want to try out another way using MeshGatewayConfig.

[michaelbeaumont]

Closing this for now for the more Gateway API-like MeshGatewayConfig.crossMesh