Feature/persistent api keys

[andreybavt]

Save API keys in DB so that they don't expire

I also extracted ml-worker-connect from /api/v2 into /public-api to start distinguishing API authenticated requests from regular internal api requests. In case we add some entry points specifically for public API access it should be under /public-api to enforce API Key authentication

[Inokinoki]

Will we change auth for internal worker later or also here?

[andreybavt]

yes, internal worker will use persistent API key too

[andreybavt]

I think we should generate a "system" api key upon first Giskard boot or take it from env variable and use it by internal worker. The benefits compared to current jwt mechanism:

• system api key will remain the same between restarts
• depending on how we generate it it can be known by backend and ml worker at boot time (in case it's set in the env variable). This makes the auth mechanism easier as there's no need to wait for backend to boot to generate a jwt token

[Inokinoki]

No problem, it will be an internal change.
I created GSK-1663 and we can do it later, apart from this PR.

[Inokinoki]

LGTM, the tests also passed.

I'll update #1277 after merge accordingly, if any

[Googleton]

Great feature!!

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
1 Code Smell

17.9% Coverage
0.0% Duplication