Incorporate FAC Egress Proxy into Shared Modules

[asteel-gsa]

As discussed with Ryan, we at the FAC would like to incorporate our Egress Proxy that references the cg-egress-proxy to create the necessary https proxy in a cloud.gov space.

The purpose of this module is to:

• Creates an egress proxy in the designated space
• Adds network-policies so that clients can reach the proxy
• Creates a user-provided service instance in the client space with credentials

Ticket is subject to change as this is a temporary placeholder to give a brief overview.

[rahearn]

@asteel-gsa I'm going to take this on soon. Is everything in the description still up-to-date? Any major changes to your implementation that I should know (and that wouldn't be obvious from just reading the implementation)

[asteel-gsa]

Everything is up to date @rahearn

There is one consideration we can discuss, and that is in relation to the proxy handling the client routing. I am working on a POC that moves our cloud.gov application deployment out of manifest.yml and into terraform, and one notable thing I changed was Moving the routing out of the proxy and into its own routes.tf file. This was done to now support the application deployments, and terraform managing it, rather than it being persistent and outside terraform's knowledge. We are probably a good few months away from consumption of this new deployment methodology, however, it is worth mentioning.