crossplane v2: generate namespaced MRs

[erhancagirici]

Description of your changes

• Introduce namespaced MRs for crossplane v2 support.
• crossplane-runtime is bumped to v2
• upjet is bumped to v2
• TF provider is bumped to 6.39.0

notable API updates

• New namespaced MR APIs are under gcp-beta.m.crossplane.io group
• All new apis are version v1beta1
• ProviderConfig.gcp-beta.m.crossplane.io is now a namespaced API.
• Introduced the cluster-scoped ClusterProviderConfig.gcp-beta.m.crossplane.io for new APIs to refer to a cluster-scoped provider config.
• spec.providerConfigRef is now accepts kind parameter, ProviderConfig or ClusterProviderConfig for new MRs.
• spec.providerConfigRef now defaults to ClusterProviderConfig with name default when omitted.
• spec.writeConnectionSecretToRef and sensitive input parameters (e.g. spec.forProvider.fooSecretRef) for namespaced MRs are now local secret references, i.e. no namespace is supplied and same namespace with MR is assumed.
• cross-resource references in specs are now namespaced, and defaults to same namespace with the referring MR. Cross-namespace cross-resources are allowed.
• Legacy cluster-scoped MRs does NOT implement the above changes and they stay the same regarding above changes.
• Provider will serve both new namespaced and legacy cluster-scoped APIs.
• ⚠️ External Secret Store support is removed from ALL MRs (spec.publishConnectionDetailsTo is removed). This feature was alpha and it was decided to be removed from crossplane.
• This provider now has SafeStart capability (crossplane v2-only), which start controllers as their CRD appears.

repo structure changes:

• apis, controllers and examples now have scoped subdirectories as cluster and namespaced
• ⚠️ resource configurations are also now have scoped directories. Any configuration update should be done to both scopes if relevant.
• Added examples for namespaced MRs.

Backward-compatibility with crossplane v1 environments:

provider v2 version can be installed into crossplane v1 environments, with following notes:

• Along with cluster-scoped MRs, namespace-scoped MR CRDs will still be installed and they cannot be composed.
• SafeStart capability will be disabled.
• ⚠️ if you are upgrading from v1 providers, treat this as a regular version upgrade and check the release notes for breaking changes in the resource APIs. The package itself is v1 compatible, but there can be resources that had API changes.

I have:

• Read and followed Crossplane's contribution process.
• Run make reviewable to ensure this PR is ready for review.
• Added backport release-x.y labels to auto-backport this PR if necessary.

How has this code been tested

manually using all examples

NAMESPACE           NAME                                                               SYNCED   READY   EXTERNAL-NAME                                                           AGE
crossplane-system   projectserviceidentity.cloudplatform.gcp-beta.m.upbound.io/hc-sa   True     True    projects/official-provider-testing/services/healthcare.googleapis.com   3h51m

NAMESPACE           NAME                                                                 SYNCED   READY   EXTERNAL-NAME     AGE
crossplane-system   serviceaccount.cloudplatform.gcp-beta.m.upbound.io/nodepool          True     True    nodepool          3h51m
crossplane-system   serviceaccount.cloudplatform.gcp-beta.m.upbound.io/service-account   True     True    service-account   3h51m

NAMESPACE           NAME                                                         SYNCED   READY   EXTERNAL-NAME      AGE
crossplane-system   healthcheck.compute.gcp-beta.m.upbound.io/default            True     True    default            3h51m
crossplane-system   healthcheck.compute.gcp-beta.m.upbound.io/tcp-health-check   True     True    tcp-health-check   3h51m

NAMESPACE           NAME                                                         SYNCED   READY   EXTERNAL-NAME   AGE
crossplane-system   regionbackendservice.compute.gcp-beta.m.upbound.io/default   True     True    default         3h51m

NAMESPACE           NAME                                                                         SYNCED   READY   EXTERNAL-NAME             AGE
crossplane-system   regionsecuritypolicy.compute.gcp-beta.m.upbound.io/region-sec-policy-basic   True     True    region-sec-policy-basic   3h51m

NAMESPACE           NAME                                               SYNCED   READY   EXTERNAL-NAME   AGE
crossplane-system   cluster.container.gcp-beta.m.upbound.io/nodepool   True     True    nodepool        3h51m
crossplane-system   cluster.container.gcp-beta.m.upbound.io/primary2   True     True    primary2        3h51m

NAMESPACE           NAME                                                SYNCED   READY   EXTERNAL-NAME   AGE
crossplane-system   nodepool.container.gcp-beta.m.upbound.io/nodepool   True     True    nodepool        3h51m

NAMESPACE           NAME                                                            SYNCED   READY   EXTERNAL-NAME   AGE
crossplane-system   servertlspolicy.networksecurity.gcp-beta.m.upbound.io/default   True     True    default         3h51m