🛠️ [TASK] : Add support for secrets

[jmgilman]

Currently, it's not possible for arbitrary secrets to be passed to a target. This is because it's impossible for the CI to distinguish when a target needs secrets, what those secrets are, and where to find them.

Luckily, secrets are always passed as a flag to the RUN command. This means it's possible to scan and extract the names of secrets being used in a given target. We can combine this with the assumption that all secrets must be defined as GitHub Action secrets (with the exact same name used in the target) to make it possible to arbitrarily pass the correct secrets.

The scanning will be implemented via the CLI and called before executing the target. The run action will have to be modified to use the GitHub API to fetch the secrets and dynamically set environment variables before running the earthly CLI.