cryostat-legacy

[Story] Stored credentials should be able to match multiple targets

Open andrewazores opened this issue 2 years ago • 0 comments

Currently, stored credentials are essentially a conceptual mapping like <targetId, <jmx_user, jmx_pass>>. This works well enough, but it doesn't work well for larger-scale application deployments, or in particular for deployments with varying numbers of application container replicas that run the same actual code and have the same configuration for JMX credentials. For example, defining a JMX credential for a specific target application replica enables Automated Rules actions on that replica, but scaling the deployment to add a second replica will result in the existing Automated Rule failing to connect to the new replica because the existing credentials will not be associated with the new replica's different targetId (different Endpoint IP, assuming this is OpenShift for simplicity).

We already have two kinds of similar mechanism that could be repurposed and reused here: the Automated Rules matchExpression, or the GraphQL query filter. The matchExpression seems more natural and more powerful and would be easy to repurpose. Stored credentials would then simply be a conceptual mapping like <matchExpression, <jmx_user, jmx_pass>>. The next question that arises is which stored credential to use if there are multiple stored credentials where the expression evaluates to true for a given target application.

Tasks:

  • [x] ~~Determine which stored credential to use if there are multiple stored credentials where the expression evaluates to true for a given target application. Pick the first? Pick a random one? Try each? Do we record the result of what happened? Where?~~ The first matching credential is picked. It is up to the user to ensure they do not create overlapping credentials.
  • [ ] Implement better storage, i.e. in a document database. Related to cryostatio/cryostat#937, probably the same database but a different table/collection
  • [ ] cryostatio/cryostat-web#465

andrewazores, Apr 14 '22 18:04
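
The first-match rule settled on in the task list, sketched as an added example that is not part of the original issue or Cryostat's own code. Plain JavaScript predicates stand in for matchExpressions, and the target fields, credential values and function names are constructed for illustration; the audit function lists targets matched by more than one stored credential, which is the overlap the issue leaves to the user to avoid.

```javascript
// Stored credentials keyed by a match predicate instead of a single targetId.
// Predicates are a stand-in for matchExpressions; all values are constructed.
const storedCredentials = [
  { id: 1, matches: (t) => t.labels.app === "orders", username: "orders-jmx", password: "constructed-1" },
  { id: 2, matches: (t) => t.labels.env === "prod", username: "prod-jmx", password: "constructed-2" },
];

// Constructed targets: two replicas of one deployment differ only in endpoint IP.
const jmxUrl = (ip) => `service:jmx:rmi:///jndi/rmi://${ip}:9091/jmxrmi`;
const targets = [
  { connectUrl: jmxUrl("10.0.0.5"), labels: { app: "orders", env: "prod" } },
  { connectUrl: jmxUrl("10.0.0.6"), labels: { app: "orders", env: "prod" } },
  { connectUrl: jmxUrl("10.0.0.7"), labels: { app: "billing", env: "prod" } },
  { connectUrl: jmxUrl("10.0.0.8"), labels: { app: "cache", env: "dev" } },
];

// A predicate that throws (for example on a missing field) counts as "no match",
// so a broken expression never releases credentials to a target.
function safeMatch(cred, target) {
  try {
    return cred.matches(target) === true;
  } catch {
    return false;
  }
}

// First-match resolution: storage order decides which credential is sent.
function resolveCredential(creds, target) {
  return creds.find((c) => safeMatch(c, target)) || null;
}

// Audit helper: report every target that more than one credential matches,
// since only the first would be used and the rest are silently shadowed.
function findOverlaps(creds, targetList) {
  const overlaps = [];
  for (const t of targetList) {
    const ids = creds.filter((c) => safeMatch(c, t)).map((c) => c.id);
    if (ids.length > 1) overlaps.push({ connectUrl: t.connectUrl, credentialIds: ids });
  }
  return overlaps;
}
```

Running `findOverlaps` whenever a credential is created or edited surfaces the case where a broad expression would send one application's JMX credentials to a different application's endpoint.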