SPIFFE scrape support

[kfox1111]

The SPIFFE Workload API can be used to get a tls client key/certificate and keep it up to date (they typically rotate hourly). Exporters can then verify that only the spiffe id associated with Prometheus is able to fetch data from them.

I'm thinking there should be two new options added,
in scrape_config.tls_config, an option added for saying to use spiffe for this target

and an option up at the global section to specify where the spiffeSocketPath