Implement Agent Functions to support secret lookups at catalog application time

Many modern infrastructures make use of key-value stores like Conjur by CyberArk, Consul and Vault by Hashicorp, or Apache Zookeeper. These services keep track of rapidly-changing information like the list of servers currently active in an application pool as well as provide a central, access-controlled distribution point for sensitive data like access tokens, login credentials, and encryption keys.

This epic tracks work towards a feature with the working title of "Agent Lookups", which provides a natural, intuitive interface to these services. Using the new Deferred type and a function, the agent consults the service as it applies the catalog, providing credentials if needed, and injects the result of the lookup into the appropriate place on the host.