Token based authentication for TracePipeline

[a-thaler]

Description

Additionally to plain header support, a more convenient way of specifying token based authentication will be good and fitting well to the already support basic auth approach.

Proposed API:

kind: TracePipeline
apiVersion: telemetry.kyma-project.io/v1alpha1
metadata:
  name: myPipeline
spec:
 otlp:
      protocol: grpc #grpc | http
      endpoint: 
          value: "myserver.local:55690"
          valueFrom:
            secretKeyRef:
                name: my-config
                namespace: default
                key: "endpoint"
      authentication:
        basic:
          user: {}
          password: {}
        token:
          type: "Bearer" # mandatory
          value: "my-token"
          valueFrom:
            secretKeyRef:
                name: my-config
                namespace: default
                key: "token"

Criterias

• Enable configuration of token based secrets for OTLP outputs in a TracePipeline so that it will work with a Dynatrace setup
• Secrets should stay secret via secrets, so plain text values and references to secrets needs to be supported as input for user and password
• OTLP endpoints are usually co-located with the credentials in the same secret, so it must be possible to reference the OTLP endpoint from the same secret
• Have unit tests assuring that the otel-collector config is generated proper
• Assure that the CRD has proper in-line documentation and potential constraints defined

Reasons
More convinient way for token based authentication

Attachments

[a-thaler]

The additional convenience is questionable and people are most likely happy with plain header support already: #16554

Will close the ticket till actual users are requesting it