Allow expose section to use gateways other than admin, tenant, passthrough

[docandrew]

Is your feature request related to a problem? Please describe.

Currently the UDS Package CR only allows the selection of admin, tenant and passthrough for gateway choice. As the variety of UDS packages expand, and additional gateways are added by developers, it would be nice to be able to have Expose create the virtual service for custom gateways instead of having to provide both.

Describe the solution you'd like

Given the expose key with gateway: <custom> this should be supported.

[mjnagel]

Definitely makes sense to do imo. Changes to support this:

• Change our current schema to allow any string for gateway, but continue to default to tenant
• To simplify things we may need to make some assumptions, for example gateway: tenant = tenant-gateway in the istio-tenant-gateway today, so gateway: foobar might assume foobar-gateway in the istio-foobar-gateway namespace
• To provide some validation/safeguarding around this, we can add a watch for Gateway resources being created/deleted and use that to build a list of valid gateways. When an invalid gateway is specified we can either (1) fail the Package CR reconciliation (2) use our validator to deny it, which would require running the watch in the admission pods as well or (3) just reconcile with a best effort strategy and toss a warning event on the package CR