eks-anywhere
Gitops: support GitHub's new Fine-grained personal access tokens
What would you like to be added:
GitHub has added support for Fine-grained personal access tokens for over a year now. It would be great if EKS Anywhere would support using them alongside (or perhaps even instead of) classic PATs.
Why is this needed:
In contrast to classic Personal Access Tokens, the new Fine-grained personal access tokens have the following advantages:
- They can be configured to only allow access to a single repository
- They must have an expiration date (current maximum is 1 calendar year)
Allowing operators to use fine-grained access tokens (that only have access to the single repo Flux needs) will allow EKS Anywhere to be more widely used, especially in environments where security best practices regarding secret rotation and limited access are enforced.
Extra context:
I tried using a Fine-grained personal access token, which I gave all permissions possible (to only the correct repo, of course). Yet, eks anywhere gave the "not enough permissions error":
Error: failed to upgrade cluster: validating provider: github access token does not have repo permissions
Although I didn't confirm this, I suspect the above scenario and error message mean that the checks done by eksctl anywhere just need to be updated to accommodate Fine-grained personal access tokens.
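An added example (not part of the original issue and not EKS Anywhere's code) of a token check that accommodates both token types. It assumes, as the issue suspects but does not confirm, that the failing validation looks for the `repo` scope in GitHub's `X-OAuth-Scopes` response header; `IsFineGrained`, `HasScope` and `ValidateToken` are hypothetical names, and the tokens are constructed placeholders.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// ErrNoRepoScope stands in for the "does not have repo permissions" failure.
var ErrNoRepoScope = errors.New("classic token is missing the repo scope")

// IsFineGrained classifies a token by GitHub's token prefixes:
// "github_pat_" for fine-grained tokens, "ghp_" for classic ones.
func IsFineGrained(token string) bool {
	return strings.HasPrefix(token, "github_pat_")
}

// HasScope parses a comma-separated X-OAuth-Scopes value and matches whole
// scope names, so "repo:status" is not mistaken for the full "repo" scope.
func HasScope(header, want string) bool {
	for _, s := range strings.Split(header, ",") {
		if strings.TrimSpace(s) == want {
			return true
		}
	}
	return false
}

// ValidateToken applies the scope check only to classic tokens. Fine-grained
// tokens carry per-repository permissions instead of OAuth scopes, so it
// returns needsRepoCheck=true: the caller must verify access to the one
// repository Flux uses rather than reject the token for lacking "repo".
func ValidateToken(token, scopesHeader string) (needsRepoCheck bool, err error) {
	if IsFineGrained(token) {
		return true, nil
	}
	if !HasScope(scopesHeader, "repo") {
		return false, ErrNoRepoScope
	}
	return false, nil
}

func main() {
	// Constructed placeholder tokens and header values, not real credentials.
	fmt.Println(ValidateToken("ghp_EXAMPLEclassic", "repo, workflow"))
	fmt.Println(ValidateToken("ghp_EXAMPLEclassic", "repo:status, read:org"))
	fmt.Println(ValidateToken("github_pat_EXAMPLEfine", ""))
}
```

A scope-only check treats the third case like the second, which matches the behaviour reported above for a fine-grained token with every repository permission granted.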