add router_groups.read to tcp router client

[ameowlia]

WHAT is this change about?

• this is needed for an upcoming tcp_router bug fix
• it will help fix this bug with overlapping router group ports and system component ports: TCP router fails to configure routes when there is a port conflict with a local process routing-release#184

What customer problem is being addressed? Use customer persona to define the problem e.g. Alana is unable to...

As an operator, Alana wants to know if there are any misconfigured router_groups that can cause a catastrophic bug at any time

Please provide any contextual information.

• Issue that this will help fix: TCP router fails to configure routes when there is a port conflict with a local process routing-release#184
• The actual fix will be included in a upcoming routing-release

Has a cf-deployment including this change passed cf-acceptance-tests?

• YES
• NO

Does this PR introduce a breaking change? Please take a moment to read through the examples before answering the question.

• YES - please choose the category from below. Feel free to provide additional details.
• NO

How should this change be described in cf-deployment release notes?

Add router_groups.read to tcp_router uaa client for upcoming tcp router fix

Does this PR introduce a new BOSH release into the base cf-deployment.yml manifest or any ops-files?

• YES - please specify
• NO

Does this PR make a change to an experimental or GA'd feature/component?

• experimental feature/component
• GA'd feature/component

Please provide Acceptance Criteria for this change?

1. Get the bearer token for the tcp_router client
2. See that you can read router_groups

curl -vvv -H "Authorization: bearer [uaa token]" http://api.system-domain.com/routing/v1/router_groups

What is the level of urgency for publishing this change?

• Urgent - unblocks current or future work
• Slightly Less than Urgent

Tag your pair, your PM, and/or team!

Team: @cloudfoundry/runtime

[cf-gitbot]

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/178013282

The labels on this github issue will be updated when the story is started.

[tcdowney]

Validation Steps

1. Deployed CF using the ameowlia-patch-1 branch
2. Initially targeted UAA using the cf-uaac gem and the CAPI team target_uaa script
3. Fetched the tcp_router's UAA token by looking up the uaa_clients_tcp_router_secret secret from CredHub and running:

uaac token client get tcp_router -s $uaa_clients_tcp_router_secret

4. Viewed my token using uaac context and confirmed it had the appropriate scopes.
5. Confirmed I could fetch router groups from the routing-api with it using the curl from the PR description. Got the following back as a response:

[{"guid":"29ce34dc-2879-4c9c-59db-d70ea016c642","name":"default-tcp","type":"tcp","reservable_ports":"1024-1033"}]

[tcdowney]

Looks good to me, thanks @ameowlia !