Proto validation of gRPC runtime credentials

[htuch]

In some places, e.g.

envoy/source/extensions/grpc_credentials/file_based_metadata/config.cc

Line 31 in 7267542

// TODO(htuch): This should probably follow the standard metadata validation pattern, but

,

envoy/source/extensions/grpc_credentials/aws_iam/config.cc

Line 39 in 7267542

credential.from_plugin(), ProtobufMessage::getNullValidationVisitor(),

, we're explicitly plumbing in a null proto validation visitor, rather than using something derived from server settings. We also, more generally, lack handling of proto validation failure.

In some sense, this is totally fine today, since these are not control plane API and don't use PGV. In principle, it might be useful to have unknown field validation here and PGV support, so opening this issue to track future work here.