feat: Add agent authentication based on instance ID

[kylecarbs]

Each cloud has it's own unique instance identity signatures, which
can be used for zero-token authentication. This change adds support
for tracking by "instance_id", and automatically authenticating
with Google Cloud.

[codecov]

Codecov Report

Merging #336 (648f40a) into main (67613da) will increase coverage by 0.13%.
The diff coverage is 64.75%.

@@            Coverage Diff             @@
##             main     #336      +/-   ##
==========================================
+ Coverage   67.39%   67.52%   +0.13%     
==========================================
  Files         143      145       +2     
  Lines        7806     7918     +112     
  Branches       77       77              
==========================================
+ Hits         5261     5347      +86     
- Misses       2008     2026      +18     
- Partials      537      545       +8     

Flag	Coverage Δ
unittest-go-macos-latest	66.49% <66.37%> (+0.21%)	⬆️
unittest-go-ubuntu-latest	67.41% <64.75%> (+0.24%)	⬆️
unittest-go-windows-2022	65.89% <66.37%> (+0.06%)	⬆️
unittest-js	63.61% <ø> (ø)

Impacted Files	Coverage Δ
provisioner/terraform/provision.go	70.17% <44.44%> (-1.45%)	⬇️
coderd/workspaceagent.go	52.63% <52.63%> (ø)
codersdk/workspaceagent.go	54.16% <54.16%> (ø)
coderd/coderd.go	95.37% <100.00%> (+0.17%)	⬆️
coderd/coderdtest/coderdtest.go	100.00% <100.00%> (ø)
coderd/provisionerdaemons.go	60.20% <100.00%> (+2.53%)	⬆️
provisionerd/provisionerd.go	69.72% <0.00%> (+0.39%)	⬆️
peer/channel.go	82.45% <0.00%> (+0.58%)	⬆️
... and 2 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 67613da...648f40a. Read the comment docs.

[bryphe-coder]

Ah, interesting - so we'll have to add token validation for all the cloud instances we support?

[jawnsy]

seems like longer term we might want to refactor these into some common interface or something

[bryphe-coder]

That sounds like a great idea @jawnsy ! @misskniss - I'm also thinking we'll need to track the work for adding additional validators for stuff we want to have in Alpha (EC2, Azure?)

[kylecarbs]

I tried to abstract it, but didn't think it was worth it. It'll make more intricate testing harder, because we want to mock the metadata server n' such.

Maybe eventually we can, but I wanted to keep the handlers in coderd.

[bryphe-coder]

Thanks for calling this out, didn't think about this case until reading through the code 👍

[bryphe-coder]

Neato, nice helper function 👍

[bryphe-coder]

Looks good to me! 👍