Add CSI Volume Sentinel Policy scaffolding

[allisonlarson]

Description

Adds in the scaffolding for enabling Sentinel policies for CSI Volumes in enterprise. The additions are a hook for policy enforcement, and adding an override field to the csi create & register requests and a warnings response field. I've also updated the editor in the UI (with tests), and updated the CSI Volume documentation for the new Sentinel policy options. This work is modeled on the Sentinel policy work done for host volumes, so the documentation uses host volumes as the blueprint for the updates.

Testing & Reproduction steps

Some tests have been added that should protect against any issues with the added override and warning fields in the request/responses, but the CSI tests are currently lacking due to the requirement of the running plugin in order to successfully create/register a volume. The tests for the csi volume create and volume register commands don't succeed, and instead test that the error returned is expected (missing plugin). I figured that this is somewhat useful for testing that the new inputs/outputs don't blow up, as opposed to having no test at all, but open to any feedback about how to write a useful test.

Links

Contributor Checklist

• Changelog Entry If this PR changes user-facing behavior, please generate and add a
  changelog entry using the make cl command.
• Testing Please add tests to cover any new functionality or to demonstrate bug fixes and
  ensure regressions will be caught.
• Documentation If the change impacts user-facing functionality such as the CLI, API, UI,
  and job configuration, please update the Nomad website documentation to reflect this. Refer to
  the website README for docs guidelines. Please also consider whether the
  change requires notes within the upgrade guide.

Reviewer Checklist

• Backport Labels Please add the correct backport labels as described by the internal
  backporting document.
• Commit Type Ensure the correct merge method is selected which should be "squash and merge"
  in the majority of situations. The main exceptions are long-lived feature branches or merges where
  history should be preserved.
• Enterprise PRs If this is an enterprise only PR, please add any required changelog entry
  within the public repository.

[aimeeu]

Docs deploy previews

• https://nomad-git-f-add-csi-policy-hooks-hashicorp.vercel.app/nomad/docs/reference/sentinel-policy#submit-csi-volume-scope
• https://nomad-git-f-add-csi-policy-hooks-hashicorp.vercel.app/nomad/docs/reference/sentinel-policy#sentinel-csi-volume-objects
• https://nomad-git-f-add-csi-policy-hooks-hashicorp.vercel.app/nomad/api-docs/volumes#register-csi-volume
• https://nomad-git-f-add-csi-policy-hooks-hashicorp.vercel.app/nomad/commands/sentinel/apply#options
• https://nomad-git-f-add-csi-policy-hooks-hashicorp.vercel.app/nomad/commands/volume/create#options
• https://nomad-git-f-add-csi-policy-hooks-hashicorp.vercel.app/nomad/commands/volume/register#options

[tgross]

LGTM!

[aimeeu]

Thanks for creating/updating the docs. I left some style guide and presentation suggestions. Feel free to contact me if you have questions.

[tgross]

LGTM 👍

[aimeeu]

Awesome!

[github-actions]

I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.