Backport of WI: ensure Consul hook and WID manager interpolate services into release/1.7.x #20363


hc-github-team-nomad-core

Backport

This PR is auto-generated from #20344 to be assessed for backporting due to the inclusion of the label backport/1.7.x.

The below text is copied from the body of the original PR.


Services can have some of their string fields interpolated. The new Workload Identity flow doesn't interpolate the services before requesting signed identities or using those identities to get Consul tokens.

Add support for interpolation to the WID manager and the Consul tokens hook by providing both with a taskenv builder. Add an "interpolate workload" field to the WI handle to allow passing the original workload name to the server so the server can find the correct service to sign.

This changeset also makes two related test improvements:

  • Remove the mock WID manager, which was only used in the Consul hook tests and isn't necessary so long as we provide the real WID manager with the mock signer and never call Run on it. It wasn't feasible to exercise the correct behavior without this refactor, as the mocks were bypassing the new code.
  • Fixed swapped expect-vs-actual assertions on the consul_hook tests.

Fixes: #20025


Smoke tested with the following jobspec:

jobspec
```hcl
job "example" {

  group "web" {

    network {
      mode = "bridge"
      port "metrics" {
        to = 9000
      }
      port "www" {
        to = 8001
      }
    }

    service {
      name = "${NOMAD_GROUP_NAME}"
      port = "metrics"
    }

    task "http" {

      driver = "docker"

      service {
        name = "${NOMAD_TASK_NAME}"
        port = "www"
      }

      config {
        image   = "busybox:1"
        command = "httpd"
        args    = ["-vv", "-f", "-p", "8001", "-h", "/local"]
        ports   = ["www"]
      }

      resources {
        cpu    = 100
        memory = 100
      }

    }
  }
}
```

success


Overview of commits

@hc-github-team-nomad-core hc-github-team-nomad-core force-pushed the backport/b-consul-hook-interpolation/literally-active-ram branch from 652b098 to dd30133 Compare April 11, 2024 19:40
@vercel vercel bot temporarily deployed to Preview – nomad April 11, 2024 19:46 Inactive
Services can have some of their string fields interpolated. The new Workload
Identity flow doesn't interpolate the services before requesting signed
identities or using those identities to get Consul tokens.

Add support for interpolation to the WID manager and the Consul tokens hook by
providing both with a taskenv builder. Add an "interpolate workload" field to
the WI handle to allow passing the original workload name to the server so the
server can find the correct service to sign.

This changeset also makes two related test improvements:
* Remove the mock WID manager, which was only used in the Consul hook tests and
  isn't necessary so long as we provide the real WID manager with the mock
  signer and never call `Run` on it. It wasn't feasible to exercise the correct
  behavior without this refactor, as the mocks were bypassing the new code.
* Fixed swapped expect-vs-actual assertions on the `consul_hook` tests.

Fixes: #20025
@tgross tgross force-pushed the backport/b-consul-hook-interpolation/literally-active-ram branch from dd30133 to 3ee405d Compare April 11, 2024 19:46
@tgross tgross merged commit 951251a into release/1.7.x Apr 11, 2024
19 checks passed
@tgross tgross deleted the backport/b-consul-hook-interpolation/literally-active-ram branch April 11, 2024 20:04
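
A simplified model of the name mismatch this PR describes, added here as an illustration and not taken from Nomad's code. The `handle` type, its field names, and the `interpolate`, `buildHandle`, and `sign` functions are hypothetical; the environment values are constructed from the smoke-test jobspec above.

```go
package main

import (
	"fmt"
	"os"
)

// handle is a hypothetical stand-in for the WI handle: it carries the name as
// written in the jobspec plus the interpolated name the client actually uses.
type handle struct {
	Workload             string // e.g. "${NOMAD_TASK_NAME}"
	InterpolatedWorkload string // e.g. "http"
}

// interpolate expands ${VAR} from env and leaves unknown variables in place,
// so a missing value stays visible instead of becoming an empty name.
func interpolate(s string, env map[string]string) string {
	return os.Expand(s, func(k string) string {
		if v, ok := env[k]; ok {
			return v
		}
		return "${" + k + "}"
	})
}

// buildHandle keeps both forms of the service name.
func buildHandle(name string, env map[string]string) handle {
	return handle{Workload: name, InterpolatedWorkload: interpolate(name, env)}
}

// sign models the server: it only knows the stored, uninterpolated jobspec,
// so it looks the service up by the original name. Binding the identity to
// the interpolated name is an assumption of this model.
func sign(jobServices map[string]bool, h handle) (string, error) {
	if !jobServices[h.Workload] {
		return "", fmt.Errorf("service %q not found in job", h.Workload)
	}
	return "identity-for:" + h.InterpolatedWorkload, nil
}

func main() {
	env := map[string]string{"NOMAD_GROUP_NAME": "web", "NOMAD_TASK_NAME": "http"}
	job := map[string]bool{"${NOMAD_GROUP_NAME}": true, "${NOMAD_TASK_NAME}": true}
	fmt.Println(sign(job, buildHandle("${NOMAD_TASK_NAME}", env)))
	// Sending only the interpolated name fails the server-side lookup.
	fmt.Println(sign(job, handle{Workload: "http", InterpolatedWorkload: "http"}))
}
```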