Support token-based authentication in osc

[matwey]

Is your feature request related to a problem? Please describe.

When running osc commands in our CI environment, we're currently required to store and provide full openSUSE credentials (username and password). This presents two significant challenges:

• Security Risk: Even with secret storage solutions, exposing primary credentials in CI workflows creates potential vulnerability points.
• Maintenance Burden: Password changes require manual CI reconfiguration, creating unnecessary overhead and potential service disruptions.

Describe the solution you'd like
I'd like to propose adding support for OBS authentication tokens in the oscrc configuration. The implementation could offer two flexible options:

• Direct token specification in the config file (plaintext)
• External token reading via /run/secrets/osc_token (Docker secrets compatible)

Additional context
Reference to the initial mail-list discussion:
https://lists.opensuse.org/archives/list/buildservice@lists.opensuse.org/thread/WLXHNBY2RGR7UZPVXMKEURMCMQV2J4ZE/

[dcermak]

Note that the primary blocker is that OBS only supports tokens for release and remote service run API routes. So even if you could include tokens in oscrc, it would be pointless for 99% of the use cases

[hennevogel]

@matwey may I ask, what are you doing in your CI?