[v14] Add bot field to certificates and various usage events (#35881)

[timothyb89]

Backport of #35881 for branch/v14

changelog: Added new certificate extensions and usage reporting flags to explicitly identify Machine ID bots and their cluster activity

---

• Add bot field to certificates and various usage events

This adds a new certificate extension field, teleport-bot, to certificates issued to Machine ID bot users that can definitively identify certificates as having been issued to a bot user.

Additionally, this uses the new Bot identity flag to mark certain usage events as originating from bot users. As such, it includes a protobuf update from Cloud [1], which pulled in some small additional (mostly comment) changes.

[1] https://github.com/gravitational/cloud/pull/7060

• Small bot flag plumbing fixes

• Convert bot flag to BotName and UserKind enum

This makes a few changes to the bot tagging approach:

• The bot name is embedded in the cert rather than just true/false

• UserKind is included in events rather than just a bot flag, to allow for an unspecified value for older client nodes.

• Add a quick unit test for bot cert extensions

• Fix outdated grpc

• Include bot flag on initial certs

• Log a warning and override user kind for usage records if they differ

• Fix several unit tests; add a bot metadata test case

• Fix unit tests with UserKind zero value

• Rename SSH cert extension to use standard format

Renames the teleport-bot extension to bot-name@goteleport.com, to better follow SSH cert extension naming conventions.

• Attempt to improve unspecified userkind aggregating logic

[github-actions]

The PR changelog entry failed validation: Changelog entry not found in the PR body. Please add a "no-changelog" label to the PR, or changelog lines starting with changelog: followed by the changelog entries for the PR.