Add a profile field to the authz.Rotate RPC. (openconfig#200)
* Add a `profile` field to the `authz.Rotate` RPC.

 * (M) authz/authz.proto
  - Where a gNSI server supporting the authz service is running on
    a target that supports multiple downstream gRPC services, it is
    currently required that the same authz policy is applied to all
    of them. Particularly, if the downstream gRPC servers MAY expose
    the same service, it is not possible to have different policies
    for each server. This PR adds a `profile` field that allows
    such endpoints to be disambiguated, similarly to the `profile`
    that is provided by certz.

* Fix lint errors.

* Fix typo.

* Add clarifications.

* Update generated files.
robshakir authored Jul 25, 2024
1 parent 5601340 commit cb03eb0
Showing 2 changed files with 83 additions and 56 deletions.
123 changes: 67 additions & 56 deletions authz/authz.pb.go


16 changes: 16 additions & 0 deletions authz/authz.proto
Expand Up @@ -148,6 +148,22 @@ message RotateAuthzRequest {
// version` is already in use (is not unique).
// It is a no-op for the `finalize_rotation` request.
bool force_overwrite = 3;

// The profile for which the authz policy is being rotated. In the case that
// this field is not specified, the default authz policy which applies to all
// gRPC endpoints run by the target is assumed. Where non-default policies
// are to supported by an endpoint, the value of the profile determines which
// set of policies are to be rotated.
//
// It is not permitted to rotate multiple profiles' policies at the same time
// - if a `Rotate` RPC is in progress for profile "foo" (i.e.,
// `upload_request` has been supplied, but the rotation has not been
// finalised), and a second `RotateAuthzRequest` with `upload_request` is sent
// from the client for profile "bar" this is considered an error.
//
// Note that the authz profile is considered independent from a SSL profile
// ID (as referenced by gnsi.Certz).
string authz_profile_id = 4;
}

// Response messages from the target.
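Review bot: The comment on `authz_profile_id` (field 4) says a second `upload_request` for profile "bar" sent while a rotation for "foo" is in progress "is considered an error", but it does not say which gRPC status the target returns or whether the in-progress rotation for "foo" is left untouched. Please state both so clients can handle the rejection deterministically. The comment also leaves open what a target does with an `authz_profile_id` it does not recognise, and whether the field is read or ignored on `finalize_rotation`. Because an unset value selects the default policy "which applies to all gRPC endpoints", the fallback behaviour matters for access control and should be spelled out rather than left to each implementation. Minor: "are to supported" is missing "be", and the commit message refers to a `profile` field while the proto names it `authz_profile_id`.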
