graphql: Introduce GraphQL Gateway
Created by: tsenart
This change set proposes the introduction of a GraphQL gateway as an implementation of schema federation, which we'd be able to leverage by building an automation-service separate from the frontend.
Schema federation is an approach for consolidating many GraphQL services into one. This is helpful for us to be able to contribute different portions of the full Sourcegraph GraphQL API with separate services.
The defining characteristic of schema federation (when compared to other techniques like schema delegation) is that we are allowed to spread the definition of a particular type across service boundaries where it makes sense. Allowing types to be defined this way not only gives us more flexibility, it also provides the gateway enough information to handle queries that span between multiple services without forcing us to write a bunch of logic by hand.
To this end, we're using https://gateway.nautilus.dev/intro
Open question
This change makes the internal frontend HTTP handler accept an X-User-ID header, trusting that the caller has authenticated the original request. In the normal request path, the external handler authenticates the request and forwards this header to the internal one. Since we don't have inter-service authentication, the only protective measure against abuse is the network perimeter set up by admins. This hasn't changed.
I believe this is in line with our current threat model of the internal handler. Future additional internal GraphQL services would also use this header to authenticate the request.
Are there any outstanding concerns?
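The trust boundary described under "Open question", as an added Go sketch that is not part of this PR or of Sourcegraph's code: the external handler overwrites any client-supplied X-User-ID with the authenticated identity, while the internal handler accepts whatever value it receives. The `authenticate` helper, the token, the `/graphql` path and user ID 42 are constructed for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strconv"
)

const userIDHeader = "X-User-ID"

// authenticate is a hypothetical session check: one constructed token maps to user 42.
func authenticate(r *http.Request) (int, bool) { return 42, r.Header.Get("Authorization") == "token constructed-sample" }

// external authenticates, then overwrites X-User-ID so a client-supplied value is never forwarded.
func external(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		uid, ok := authenticate(r)
		if !ok {
			http.Error(w, "unauthenticated", http.StatusUnauthorized)
			return
		}
		fwd := r.Clone(r.Context())                     // deep-copies the headers
		fwd.Header.Set(userIDHeader, strconv.Itoa(uid)) // Set replaces every existing value
		next.ServeHTTP(w, fwd)
	})
}

// internal trusts X-User-ID as the description states; it only checks the value is well formed.
var internal = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	uid, err := strconv.Atoi(r.Header.Get(userIDHeader))
	if err != nil || uid <= 0 {
		http.Error(w, "bad "+userIDHeader, http.StatusBadRequest)
		return
	}
	fmt.Fprintf(w, "actor=%d", uid)
})

// call sends a constructed request that carries a client-chosen X-User-ID.
func call(h http.Handler, auth, claimedID string) (int, string) {
	req := httptest.NewRequest("POST", "/graphql", nil)
	req.Header.Set("Authorization", auth)
	req.Header.Set(userIDHeader, claimedID)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code, rec.Body.String()
}

func main() { fmt.Println(call(external(internal), "token constructed-sample", "1")) }
```

Calling `internal` directly with the same request yields `actor=1`, which is why the header is only as trustworthy as the network perimeter in front of the internal handler.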