
feat: add gke auth command to argocd-k8s-auth (#5958) #9190

Merged May 2, 2022

Conversation

toVersus (Contributor) commented Apr 24, 2022

This PR adds support for GKE authentication to the argocd-k8s-auth CLI introduced by #8032.

AWS (EKS) has had first-class support for managing external clusters with IAM authentication since #588, but other cloud providers don't have such an easy configuration option.

Previously, for GKE, we had to build a custom image following the instructions described in BYOI (Build Your Own Image) and manually install gke-gcloud-auth-plugin (currently not open sourced? gke-gcloud-auth-plugin) or third-party tools like sl1pm4t/gcp-exec-creds, then register the cluster using execProviderConfig to specify the command for those auth plugins.

Recently, #8032 introduced a mechanism to extend support for more cloud providers so they can add their own auth methods, so I added built-in support for GKE clusters. This PR requires neither extra dependencies nor complicated logic, so I think it's easy to maintain, like the aws auth feature.

❯ CGO_ENABLED=0 go build -v -o $(pwd)/dist/argocd-k8s-auth ./cmd
❯ ./dist/argocd-k8s-auth gcp | jq
{
  "kind": "ExecCredential",
  "apiVersion": "client.authentication.k8s.io/v1beta1",
  "spec": {
    "interactive": false
  },
  "status": {
    "expirationTimestamp": "2022-04-24T03:30:58Z",
    "token": "**redacted**"
  }
}

Use this feature to manage external clusters with Workload Identity:

  1. Create a GKE cluster and enable Workload Identity.

  2. Create a GCP service account for ArgoCD.

  3. Add the appropriate role to the GCP service account and optionally restrict access to the K8s resources using K8s RBAC. See Authenticating services.

  4. Bind the GCP service account to the K8s service account and set the annotation on the K8s service accounts for argocd-application-controller and argocd-server. See Configure applications to use Workload Identity.

  5. Edit the cluster config field on the existing Secret and replace execProviderConfig to use the built-in argocd-k8s-auth binary as described in the updated doc. Don't forget to Base64-encode the value when using data with the Secret.

    apiVersion: v1
    kind: Secret
    metadata:
      name: mycluster-secret
      labels:
        argocd.argoproj.io/secret-type: cluster
    type: Opaque
    data:
      name: bXljbHVzdGVyLmNvbQ==
      server: aHR0cHM6Ly9teWNsdXN0ZXIuY29t
      config: ewogICJleGVjUHJvdmlkZXJDb25maWciOiB7CiAgICAiY29tbWFuZCI6ICJhcmdvY2QtazhzLWF1dGgiLAogICAgImFyZ3MiOiBbImdjcCJdLAogICAgImFwaVZlcnNpb24iOiAiY2xpZW50LmF1dGhlbnRpY2F0aW9uLms4cy5pby92MWJldGExIgogIH0sCiAgInRsc0NsaWVudENvbmZpZyI6IHsKICAgICJpbnNlY3VyZSI6IGZhbHNlLAogICAgImNhRGF0YSI6ICI8YmFzZTY0IGVuY29kZWQgY2VydGlmaWNhdGU+IgogIH0KfQ==

Closes #5958

Checklist:

  • [x] Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
  • [x] The title of the PR states what changed and the related issues number (used for the release note).
  • [x] I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
  • [ ] I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
  • [x] Does this PR require documentation updates?
  • [x] I've updated documentation as required by this PR.
  • [ ] Optional. My organization is added to USERS.md.
  • [x] I have signed off all my commits as required by DCO
  • [ ] I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
  • [x] My build is green (troubleshooting builds).

Signed-off-by: toVersus <toversus2357@gmail.com>
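An added example, not code from the PR or from Argo CD, for auditing the `config` value of a cluster Secret set up as in step 5 above: it decodes the base64 and flags an exec command other than the built-in `argocd-k8s-auth gcp` (the controller runs whatever command the Secret's execProviderConfig names) or API-server TLS verification switched off. The `ClusterConfig` type and `CheckGKEClusterConfig` function are this example's own assumptions, not Argo CD's API.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
)

// ClusterConfig models only the parts of the Secret's data.config JSON this check reads.
type ClusterConfig struct {
	ExecProviderConfig *struct {
		Command    string   `json:"command"`
		Args       []string `json:"args"`
		APIVersion string   `json:"apiVersion"`
	} `json:"execProviderConfig"`
	TLSClientConfig struct {
		Insecure bool   `json:"insecure"`
		CAData   string `json:"caData"`
	} `json:"tlsClientConfig"`
}
// CheckGKEClusterConfig decodes a cluster Secret's base64 data.config value and
// returns findings for settings a reviewer would reject: an exec plugin other than
// the built-in "argocd-k8s-auth gcp", or API-server TLS verification switched off.
func CheckGKEClusterConfig(b64 string) ([]string, error) {
	raw, err := base64.StdEncoding.DecodeString(b64)
	if err != nil {
		return nil, fmt.Errorf("config is not valid base64: %w", err)
	}
	var cfg ClusterConfig
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return nil, fmt.Errorf("config is not valid JSON: %w", err)
	}
	var findings []string
	ep := cfg.ExecProviderConfig
	if ep == nil {
		findings = append(findings, "no execProviderConfig: cluster does not use exec auth")
	} else if ep.Command != "argocd-k8s-auth" || len(ep.Args) != 1 || ep.Args[0] != "gcp" {
		findings = append(findings, fmt.Sprintf("unexpected exec plugin %q %v", ep.Command, ep.Args))
	}
	if cfg.TLSClientConfig.Insecure {
		findings = append(findings, "tlsClientConfig.insecure is true: API server certificate is not verified")
	} else if cfg.TLSClientConfig.CAData == "" {
		findings = append(findings, "tlsClientConfig.caData is empty")
	}
	return findings, nil
}
func main() {
	// Constructed sample with no exec plugin and TLS verification disabled: two findings.
	fmt.Println(CheckGKEClusterConfig(base64.StdEncoding.EncodeToString([]byte(`{"tlsClientConfig":{"insecure":true}}`))))
}
```

Feeding it the `config` value from the Secret above (built-in plugin with `gcp`, `insecure: false`, non-empty `caData`) yields no findings.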
codecov bot commented Apr 24, 2022

Codecov Report

Merging #9190 (d40bd60) into master (185e580) will decrease coverage by 0.01%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master    #9190      +/-   ##
==========================================
- Coverage   45.53%   45.51%   -0.02%     
==========================================
  Files         219      219              
  Lines       25897    25897              
==========================================
- Hits        11792    11787       -5     
- Misses      12463    12467       +4     
- Partials     1642     1643       +1     
Impacted Files                                   Coverage Δ
applicationset/services/scm_provider/github.go   75.29% <0.00%> (-5.89%) ⬇️


alexmt (Collaborator) left a comment

This is awesome. Thanks a lot @toVersus !

LGTM.

@alexmt alexmt merged commit c35c280 into argoproj:master May 2, 2022
@toVersus toVersus deleted the feat/gcp-auth branch May 2, 2022 07:18
@todaywasawesome todaywasawesome added this to the v2.4 milestone May 2, 2022
leoluz added a commit to leoluz/argo-cd that referenced this pull request Aug 16, 2022
This reverts commit c35c280.

Signed-off-by: Leonardo Luz Almeida <leonardo_almeida@intuit.com>
Linked issue: Add support for GCP authentication for GKE (#5958)