Validate Consul Namespace in Operator Token when using Connect w/ ACLs

[shoenig]

As part of #6701, Nomad Server will need to be able to validate provided "operator" Consul tokens on job submissions for Connect jobs with Consul Namespaces (being released in Consul v1.7.2+ enterprise).

https://www.consul.io/docs/enterprise/namespaces/index.html

[shoenig]

Namespaces help reduce operational challenges by removing restrictions around uniqueness of resource names across distinct teams, and enable operators to provide self-service through delegation of administrative privileges.

As a point of clarification, Consul Namespaces enable the namespacing of Consul ACL objects - namely roles, policies, and tokens. Things like service definitions or the KV space aren't themselves "namespaced" - they're still managed through the ACL policy definitions as usual. I don't think there's anything special Nomad needs to do to work with Consul Namespaces, since we validate against the service ACL policy definitions associated with a given operator token on job submission / update. The namespace of the supplied token and the roles / policies backing it up aren't relevant.

[github-actions]

I'm going to lock this issue because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.