Testing: Test user for services requiring authentication

[bsipocz]

While it would probably need slightly different approaches for the different archives, I think it would be extremely beneficial to figure out ways to test services that require authentication. At least we should come up with a protocol that enables a few maintainers to be able to run the tests that are otherwise defaulted to be skipped due to the missing authentication.

The possible solutions as I see (please suggest additional ones):

• set up test user that has limited access to the archive data holding, its defails then can be shipped in the library, enabling anyone to run all the tests (but would limit access to data). This potentially needs the most support from the archive sides, and not much effort from the maintainers'.
• use secrets stored in the repo either as repo secrets, or deploy key, or webhook, or etc. This info would be visible only to admins to the repo, and integrated services, e.g. github action runs that run the CI. This may or may not require some work from the archives, and some from the maintainers' side.
• requiring maintainers to set up personal user accounts and run the remote tests regularly on their computers to check on the remote tests. This would require the most non-automatable work, almost only from the maintainers' side.

[keflavich]

Wherever we can have the first option, I strongly favor it. I'm not super inclined to use personal accounts for anything here, especially because proprietary rights change often by design and therefore tests go out of date frequently.

[bsipocz]

Oh, I wasnt even thinking about proprietary data access, only had in mind the services that requires some auth for access (casda cutouts, or astrometry.net, or Besancon). You're absolutely right that adding proprietary testing is another complication.

(I feel my order of preference is the current list, would prefer a solution that can be part of the automated CI rather than relying on personal configs).