Add API Key Authentication Support for Elasticsearch Storage

[danish9039]

Which problem is this PR solving?

part of

• [Feature]: Elasticsearch support for API Keys #7225

Description of the changes

• Adds API key authentication support to Elasticsearch storage backend alongside existing basic and bearer token authentication.
• It is part of the planned work to add support for API authentication, as discussed in Elasticsearch support for API Keys #7230 (comment)

Changes

• Added new authentication method - APIKeyAuthentication struct to support API key-based auth alongside existing basic/bearer token methods

• Dual source support - API keys can be loaded from files OR extracted from request context

• Hot reloading - File-based API keys automatically reload at configurable intervals (default 10s, 0 disables)

• New command flags - Added --es.api-key-file, --es.api-key-allow-from-context, --es.api-key-reload-interval

• New context module - Created apikey-context.go withGetAPIKey()and ContextWithAPIKey() functions

• Conditional logic - Health check disabled when AllowFromContext=true AND FilePath="" for both bearer tokens and API keys

How was this change tested?

• make test-ci
• make lint

Checklist

• I have read https://github.com/jaegertracing/jaeger/blob/master/CONTRIBUTING_GUIDELINES.md
• I have signed all commits
• I have added unit tests for the new functionality
• I have run lint and test steps successfully
  • for jaeger: make lint test
  • for jaeger-ui: npm run lint and npm run test

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 96.47%. Comparing base (c20bd92) to head (e8a3f26).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7402      +/-   ##
==========================================
+ Coverage   96.46%   96.47%   +0.01%     
==========================================
  Files         375      376       +1     
  Lines       22958    23025      +67     
==========================================
+ Hits        22147    22214      +67     
  Misses        613      613              
  Partials      198      198              

Flag	Coverage Δ
badger_v1	9.00% <0.00%> (-0.06%)	⬇️
badger_v2	1.70% <0.00%> (-0.01%)	⬇️
cassandra-4.x-v1-manual	11.69% <0.00%> (-0.07%)	⬇️
cassandra-4.x-v2-auto	1.69% <0.00%> (-0.01%)	⬇️
cassandra-4.x-v2-manual	1.69% <0.00%> (-0.01%)	⬇️
cassandra-5.x-v1-manual	11.69% <0.00%> (-0.07%)	⬇️
cassandra-5.x-v2-auto	1.69% <0.00%> (-0.01%)	⬇️
cassandra-5.x-v2-manual	1.69% <0.00%> (-0.01%)	⬇️
elasticsearch-6.x-v1	16.60% <1.05%> (-0.11%)	⬇️
elasticsearch-7.x-v1	16.64% <1.05%> (-0.11%)	⬇️
elasticsearch-8.x-v1	16.79% <1.05%> (-0.11%)	⬇️
elasticsearch-8.x-v2	1.70% <0.00%> (-0.01%)	⬇️
elasticsearch-9.x-v2	1.70% <0.00%> (-0.01%)	⬇️
grpc_v1	10.22% <0.00%> (-0.07%)	⬇️
grpc_v2	1.70% <0.00%> (-0.01%)	⬇️
kafka-3.x-v1	9.69% <0.00%> (-0.06%)	⬇️
kafka-3.x-v2	1.70% <0.00%> (-0.01%)	⬇️
memory_v2	1.70% <0.00%> (-0.01%)	⬇️
opensearch-1.x-v1	16.69% <1.05%> (-0.11%)	⬇️
opensearch-2.x-v1	16.69% <1.05%> (-0.11%)	⬇️
opensearch-2.x-v2	1.70% <0.00%> (-0.01%)	⬇️
opensearch-3.x-v2	1.70% <0.00%> (-0.01%)	⬇️
query	1.70% <0.00%> (-0.01%)	⬇️
tailsampling-processor	0.47% <0.00%> (-0.01%)	⬇️
unittests	95.46% <100.00%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[danish9039]

@yurishkuro can you please review this ,This PR finalizes our effort to add API authentication support for the Elasticsearch storage backend. #7230 (comment)

[yurishkuro]

this struct is identical to the previous one. Please merge into one, e.g. TokenAuthentication. And consolidate init functions, there's no need to repeat so much boiler plate and tests

[danish9039]

@yurishkuro We can definitely merge BearerAuthAuthentication and APIKeyAuthentication structs, but doing so would remove the ability to use both bearer token and API key simultaneously , authentication framework was refactored to support multiple authentication methods together, allowing both API key and bearer token authentication to be used concurrently.
#7230 (comment)

If we're okay with limiting the system to use either bearer token or API key at a time (but not both), then we can go ahead with merging the two structs .

Let me know your take on this .

[yurishkuro]

You can still have two fields in the auth config for bearer and api tokens, but they can reuse the same struct type to represent their data

[danish9039]

You can still have two fields in the auth config for bearer and api tokens, but they can reuse the same struct type to represent their data

got it !

[yurishkuro]

you don't need the other two types, I would just get rid of them, keep the code simpler

[danish9039]

Simplified as per your suggestion.

[graphite-app]

There's an extra tab character at the end of this line that should be removed for consistent formatting.

Suggested change

	}
	}

Spotted by Diamond

Is this helpful? React 👍 or 👎 to let us know.

[danish9039]

Addressed .