refactor: optimize GitHub token configuration for per-repository usage

[amine7536]

Overview

This PR refactors the GitHub token configuration mechanism to operate on a per-repository basis.

🔧 Per-Repository Token Configuration

• Before: GitHub tokens were configured globally for all providers at the beginning of each tick.
• After: Tokens are now configured only when actually needed, right before cloning/pulling GitHub repositories
• Only configures GitHub tokens when working with GitHub-hosted repositories
• This ensures fresh, valid tokens are used for each repository operation

♻️ Transport Reuse

• Reuses existing GitHub client transport instead of creating new transport instances
• Leverages the built-in token refresh mechanism of ghinstallation.Transport (the transport already has token expiration check)

ArgoCD Compatibility Benefits

This refactoring specifically addresses ArgoCD provider repository cloning issues when the repoURL is hosted on github.com. On the first "tick" cloning will fail because the Github token is not set properly.

• Token Freshness: Ensures tokens are checked and renewed before each repository operation
• Per-Repo Authentication: Each repository clone/pull gets a fresh, validated token
• Reduced Authentication Failures: Eliminates stale token issues that could cause ArgoCD sync failures

Files Changed:

• internal/providers/github/root.go: token management with github client transport reuse
• pkg/daemon/daemon.go: moved token configuration to per-repository basis

Key Changes:

• Moved GitHub token configuration from global tick() method to per-repository cloneOrPull()
• Added GitHub repository detection

[amine7536]

#sre