feat: move constraints to gatekeeper

Package Owner Merge Request

Package Changes

Releases:

• https://repo1.dso.mil/platform-one/big-bang/apps/core/cluster-auditor/-/releases/0.3.0-bb.0
• https://repo1.dso.mil/platform-one/big-bang/apps/core/policy/-/releases/3.4.0-bb.4
• https://repo1.dso.mil/platform-one/big-bang/apps/core/policy/-/releases/3.4.0-bb.3
• https://repo1.dso.mil/platform-one/big-bang/apps/core/policy/-/releases/3.4.0-bb.2
• https://repo1.dso.mil/platform-one/big-bang/apps/core/policy/-/releases/3.4.0-bb.1

Moving OPA Constraints from cluster-auditor to OPA Gatekeeper package:

• https://repo1.dso.mil/platform-one/big-bang/apps/core/cluster-auditor/-/merge_requests/43
• https://repo1.dso.mil/platform-one/big-bang/apps/core/policy/-/merge_requests/50
• https://repo1.dso.mil/platform-one/big-bang/apps/core/policy/-/merge_requests/49
• https://repo1.dso.mil/platform-one/big-bang/apps/core/policy/-/merge_requests/48
• https://repo1.dso.mil/platform-one/big-bang/apps/core/policy/-/merge_requests/46

Documentation only:

• https://repo1.dso.mil/platform-one/big-bang/apps/core/policy/-/merge_requests/47

Additional Details

Constraints are now called as post-install hooks inside OPA Gatekeeper. Flux handles this appropriately with the Helm Release.

Known issues or expected conflicts?

It is unclear what happens to CRDs already created with cluster-auditor when OPA gatekeeper upgrades.

Closes https://repo1.dso.mil/platform-one/big-bang/bigbang/-/issues/490