feat: migrate from Cedar to SpiceDB authorization system

This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.

Key changes:

- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization

This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.

Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.

1 files changed, 0 insertions, 19 deletions

diff --git a/vendor/getrandom/src/backends/solid.rs b/vendor/getrandom/src/backends/solid.rs
deleted file mode 100644
index caa773f8..00000000
--- a/vendor/getrandom/src/backends/solid.rs
+++ /dev/null
@@ -1,19 +0,0 @@
-//! Implementation for SOLID
-use crate::Error;
-use core::mem::MaybeUninit;
-
-pub use crate::util::{inner_u32, inner_u64};
-
-extern "C" {
-    pub fn SOLID_RNG_SampleRandomBytes(buffer: *mut u8, length: usize) -> i32;
-}
-
-#[inline]
-pub fn fill_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
-    let ret = unsafe { SOLID_RNG_SampleRandomBytes(dest.as_mut_ptr().cast::<u8>(), dest.len()) };
-    if ret >= 0 {
-        Ok(())
-    } else {
-        Err(Error::from_neg_error_code(ret))
-    }
-}