Publicly Visible Coveralls Token

[FAlbertDev]

Hi @randombit , my colleagues noticed that Botan's Coveralls repository token is publicly visible in the ci.yml file. It seems sensible to hide this token in a GitHub secure variable, i.e., create a new one and revoke the old one. The token was introduced in #3512. I'm not very familiar with the Coveralls' system, so what do you think?