fix(argocd-image-updater): Add ServiceMonitor TLS and authorization options

[ystkfujii]

Summary

This PR adds optional ServiceMonitor settings for Argo CD Image Updater metrics scraping:

• metrics.serviceMonitor.scheme
• metrics.serviceMonitor.tlsConfig
• metrics.serviceMonitor.authorization

This is related to #3815, where the metrics endpoint is served over HTTPS on port 8443, but the generated ServiceMonitor currently does not allow configuring the scrape scheme or TLS settings.

With this change, users can configure HTTPS metrics scraping, for example:

metrics:
  enabled: true
  serviceMonitor:
    enabled: true
    scheme: https
    tlsConfig:
      insecureSkipVerify: true

This PR intentionally does not change the default ServiceMonitor behavior. If scheme is not specified, Prometheus Operator defaults to HTTP. Changing the chart default to HTTPS would be a behavior change for existing users, and making insecureSkipVerify: true the default would not be a safe default.

This PR also uses authorization instead of bearerTokenFile, since bearerTokenFile is deprecated in the Prometheus Operator API.

Checklist:

• I have bumped the chart version according to versioning
• I have updated the documentation according to documentation
• I have updated the chart changelog with all the changes that come with this pull request according to changelog.
• Any new values are backwards compatible and/or have sensible default.
• I have signed off all my commits as required by DCO.
• I have created a separate pull request for each chart according to pull requests
• My build is green (troubleshooting builds).