Cleaned code for Option3 (consistent selector); added validation.

[bwplotka]

Some decision rationales:

• Only ClusterSecretKeySelector for consistency and explicitness. We could rename it to SecretKeySelector I guess.
• Credentials and others etc are optional for compatibiltiy AND name is similar to e.g. secretKeyRef in https://pkg.go.dev/k8s.io/api/core/v1#EnvVarSource It feels cleaner this way and allows extensions if needed (e.g. credentials from some different secret provider). It could be SecretKeyRef or Ref or *SecretRef suffix but chosen something that reflects it's not a string, but also not too verbose.
• Flattened the structure, make it a pointer, for simplicity.
• Detached low level types from scrape in comments (it's generic HTTP)
• One method for accessing things (and adding used secrets) for smaller boilerplate

Verification

• Unit && e2e tests
• Manually running e2e against cluster and trying to access metric from authorized endpoint

1. Added time.Sleep in podmon success test case
2. Run:GMP_CLUSTER=bwplotka-test NO_DOCKER=1 TEST_RUN=TestBasicAuth/full make e2e
3. Checked PodMonitoring target status is OK

Config:

4. Prometheus UI:

5. Metric from secure endpoint visible

6. Verified the endpoint is secure