feat: credential graphs #66
✅ There are no secrets present in this pull request anymore. If these secrets were true positives and are still valid, we highly recommend you to revoke them. 🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
@fabianburth please review
fabianburth left a comment
Impressive work!
I'm not done with the review yet, but so far, I have mostly nits.
Still, I have to admit, the complexity is significant. I'm also still thinking whether the graph traversal logic could be separated even further from the business logic here.
What this PR does / why we need it
This adds a credential graph that can ingest OCM style credential configurations from sources such as .ocmconfig and recursively resolve them based on plugins resolved dynamically.
Direct credentials are resolved statically at O(1) lookup time for equal identities, and O(N) for dynamically matched credentials due to the dynamic match nature of path attributes (N = amount of stored credentials in the graph).
The credential graph allows for recursive lookups of dependent credentials.
Additionally, the graph allows for repository plugins to get their own credentials from direct credentials specified in the graph.
Note that it is explicitly forbidden right now to get credentials for one repository from another repository. While technically possible, it would require dynamic stack tracing of the credentials while they are being looked up to avoid a cycle. (This might change later based on requirements.)
Which issue(s) this PR fixes
This is a prerequisite to implementing our first CLI plugins based on OCI. We want OCI credentials to be looked up based on ocmconfig, so we need a configuration resolver that is able to look up credentials based on a DAG.
This PR is still heavily WIP and depends on #21
Eventually resolves open-component-model/ocm-project#459
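Added example, not code from this pull request or the OCM project: a minimal Go model of the lookup behaviour the description outlines, with an O(1) map hit for equal identities, an O(N) scan for path-matched identities, and recursive resolution of a dependency. The names `Identity`, `node`, `Graph`, `key`, `pathMatch` and `Resolve` are hypothetical, and two choices are assumptions of this sketch: path matching on whole segments with the longest stored path winning, and a visited set as the cycle guard.

```go
package main

import (
	"fmt"
	"strings"
)

// Hypothetical model, not the PR's types: a node holds direct credentials or a dependency.
type Identity map[string]string
type node struct{ id, direct, dep Identity }
type Graph map[string]*node

func key(id Identity) string { return fmt.Sprintf("%q", id) } // canonical: fmt sorts map keys

func pathMatch(stored, want Identity) bool { // equal attributes; stored path may be a parent
	for k, v := range stored {
		if w := want[k]; w != v && !(k == "path" && strings.HasPrefix(w, strings.TrimSuffix(v, "/")+"/")) {
			return false
		}
	}
	return len(stored) == len(want)
}

// Resolve follows dependencies; seen records visited nodes so a cycle fails instead of looping.
func (g Graph) Resolve(id Identity, seen map[string]bool) (Identity, error) {
	n := g[key(id)] // O(1): an equal identity is a single map lookup
	if n == nil {
		for _, c := range g { // O(N): path matching scans every node, longest path wins
			if pathMatch(c.id, id) && (n == nil || len(c.id["path"]) > len(n.id["path"])) {
				n = c
			}
		}
	}
	switch {
	case n == nil:
		return nil, fmt.Errorf("no credentials for %q", id)
	case n.direct != nil:
		return n.direct, nil
	case seen[key(n.id)]:
		return nil, fmt.Errorf("credential cycle at %q", n.id)
	}
	seen[key(n.id)] = true
	return g.Resolve(n.dep, seen)
}

func main() { // constructed sample: registry credentials that depend on a vault entry
	reg, vault := Identity{"type": "OCIRegistry", "path": "org"}, Identity{"type": "Vault"}
	g := Graph{key(reg): {id: reg, dep: vault}, key(vault): {id: vault, direct: Identity{"token": "constructed"}}}
	fmt.Println(g.Resolve(Identity{"type": "OCIRegistry", "path": "org/app"}, map[string]bool{}))
}
```

The segment boundary in `pathMatch` keeps credentials stored for `org` from being handed to a lookup for `organization/app`.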