fix: add nolint:gosec annotations for new gosec rules

[chris-rock]

Summary

• golangci-lint v2.10.1 introduced stricter gosec rules (G117, G702, G704) that flag existing code, causing CI lint failures on all PRs (e.g. Bump the gomodupdates group with 2 updates #1395).
• Added //nolint:gosec annotations to 6 locations:
  • pkg/client/common/http.go:159 — G704 (SSRF false positive on client.Do)
  • pkg/client/mondooclient/types.go:51 — G117 (PrivateKey field name matches secret pattern)
  • pkg/imagecache/imagecache.go:151 — G117 (Password field in Docker config struct)
  • pkg/utils/k8s/private_registries.go:37 — G117 (Password field in Docker auth struct)
  • tests/framework/utils/executor.go:142,183 — G702 (command injection in test executor)

Test plan

• make lint passes locally with 0 issues

🤖 Generated with Claude Code

[github-actions]

Test Results

  5 files  ±0   42 suites  ±0   1h 5m 51s ⏱️ + 4m 25s
393 tests ±0  393 ✅ ±0  0 💤 ±0  0 ❌ ±0 
433 runs  ±0  431 ✅ ±0  2 💤 ±0  0 ❌ ±0 

Results for commit 776d096. ± Comparison against base commit b761aeb.