Refactor ftl secret --op so that it manages writes as well

[alecthomas]

Currently (by design) the 1Password secret provider requires references to existing password entries. This was by design to allow use of existing passwords, but it turns out that in practice this is both tedious and not used much. Let's change how this works such that 1Password works like all the other providers, managing setting the secrets directly as well. It might be easiest to just convert the existing

type OnePasswordProvider struct {
	OnePassword bool `name:"op" help:"Write 1Password secret references - does not write to 1Password." group:"Provider:" xor:"configwriter"`
}

To:

type OnePasswordProvider struct {
	OnePassword string `name:"op" help:"Manage secrets in this 1Password vault." group:"Provider:" xor:"configwriter" placeholder:"VAULT"`
}

Usage would then be something like this:

echo myPassword | ftl secret set --op myVault module.secretName

It would continue to prompt for the password if reading from stdin.

This would internally use the op reference op://myVault/module.secretName/secret or similar. The reference in ftl-project.toml is now in the format of op://vault with no reference to 1password items or fields.

Similarly, get will now assume the secret location based on the module name:

ftl secret get module.secretName
"hunter1"

This will look in the "myVault" vault for an entry called "module.secretName".