credentials: Allow net.Pipe with credentials/local

[Ongy]

net.Pipe is a go standard library abstraction to create in-process an in-process connected pair of net.Conn.
Using a specialized net.Listener and WithContextDialer this allows to create an in-process grpc Server/Client pair without an OS based roundtrip.

This is mainly useful in testing setups, where it avoids using a global (albeit plentyful) resoure.
Additionally, this will allow using the testing/synctest functionality once it becomes stable, since it handles net.Pipe but cannot deal with real networked connections.

It also provides an efficient self-connection that preserves utility features with grpc like the opentelemetry integration for setups that can be both micro-service oriented or in self-contained monoliths.

RELEASE NOTES:

• credentials: Allow using net.Pipe based connections with credentials/local authorization.

[linux-foundation-easycla]

The committers listed above are authorized under a signed CLA.

• ✅ login: Ongy / name: Markus Ongyerth (2062bcd, 97dd7f8, 58a2a60)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.12%. Comparing base (7235bb7) to head (58a2a60).
⚠️ Report is 35 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #8603      +/-   ##
==========================================
+ Coverage   81.86%   82.12%   +0.25%     
==========================================
  Files         415      415              
  Lines       40694    40699       +5     
==========================================
+ Hits        33316    33423     +107     
+ Misses       5993     5893     -100     
+ Partials     1385     1383       -2     

Files with missing lines	Coverage Δ
credentials/local/local.go	82.92% <100.00%> (+6.00%)	⬆️

... and 26 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[easwars]

@matthewstevenson88 : Could you please help review this from the security team's pov. Thanks.

[matthewstevenson88]

Redirecting review to @gtcooke94.

[gtcooke94]

Can you add some description for an example use case? Also, maybe an integration test showing this usage?

[Ongy]

I added some description pointing out the 3 aspects that lead me down this route.

• silly purity
• reading about synctest
• We do have self-connecting services that currently use the loopback itnerface for both tests and production workloads that can avoid exposing themselves to everyone.

[Ongy]

I'll see if I can figure out how to cleanly add some integration test.

[github-actions]

This PR is labeled as requiring an update from the reporter, and no update has been received after 6 days. If no update is provided in the next 7 days, this issue will be automatically closed.

[github-actions]

This PR is labeled as requiring an update from the reporter, and no update has been received after 6 days. If no update is provided in the next 7 days, this issue will be automatically closed.

[github-actions]

This PR is labeled as requiring an update from the reporter, and no update has been received after 6 days. If no update is provided in the next 7 days, this issue will be automatically closed.

[github-actions]

This PR is labeled as requiring an update from the reporter, and no update has been received after 6 days. If no update is provided in the next 7 days, this issue will be automatically closed.