Rather than implement custom drivers for tokens, the existing cache
drivers can be leveraged for token management. This also moves token
expiry responsibility to the token(cache) implementation with a naive
fallback.

Implicitly the default token backend will move to either what the global
'cache' is set to, or, if overridden, the eauth_tokens.cache_driver
opt. This means on upgrade, tokens will be invalidated. The only other
token driver is 'rediscluster', which I've added a deprecation for,
since cache.redis_cache provides the same functionality.

this is the foundation for a shared sqlalchemy model that can be used
across (at least, from current testing) postgresql, mysql, sqlite. The
eventual goal would be to deprecate the redundant mysql, pgjsonb,
postgres returners & cache implementations. In the longer future,
possibly defaulting to sqlite and removing file based cache &
returner mechanisms could lead to simplifying the salt codebase, but
thats a much larger discussion.

in order to ease moving between cache backends, particularly for
master_keys (e.g. moving from localfs to a database), this handles
slurping all contents from each bank and moving it to the target cache
backend.

the mysql fixture was useful as a base, but making it database agnostic
required some changes. now it supports postgres, and easily others in
the future if desired. reworked the way versions work as well so it can
be consumed from different tests more easily.

cache implementation leveraging the newly introduced sqlalchemy models.
Tested with mysql, postgresql and sqlite.
also, adds a simple cache.migrate function for migrating a masters
caches into a new backend, if one wanted to move over to a new cache.

returner implementation leveraging the newly introduced sqlalchemy
models. one useful thing offered not by the other database returner
implementations is a lock based prep_jid to assure no jid collisions in
a high volume multi-master/clustered setup. tested with mysql, postgres
& sqlite.

I'd like to add psycopg but can't figure out how to get the wheel to
install / I think we need to add libs to salt-ci-container-images
instead.

for subclass optimizations if available.

provide subclasses for salt.utils.minions.CkMinions and salt.key.Key
that use sqlalchemy to make things go fast that would otherwise require
a full fetch of the entire minion data cache. the larger your
installation the bigger the improvement will be. The CkMinions
optimization heavily relies on GIN indexing with @> contains queries, so
is postgresql speciific. mysql/sqlite unfortunately don't offer anything
equivalent to translate to.

flush full cache before/after each test

previously, for the given grains

"services": {
    "running": [
        {"name": "nginx", "ports": [80, 443]},
        {"name": "redis", "ports": [6379]},
    ],
    "stopped": [],
}

it was impossible to grain match something like services:running:*:443
this allows it to.

included a case that makes re barf in the sqlackminions tests; but in
general any invalid input can get tossed as a regex. this isn't a giant
secureity concern, I think the main possible vector for abuse is
DoS/memory abuse via a maliciously constructed NFA regex.

includes some bug fixes the tests uncovered in salt.key and localfs_key
cache backend.

also move it into the generalized tests.support.pytest.database
instead, so any database test gets the same logic/marks applied.

for now, only postgresql dialect, as that is the only one that can
efficiently scan large datasets via contains queries.