image: Remove inline credentials from remote context URLs
GitLab CI includes temporary tokens as inline basic auth in the CI_REPOSITORY_URL variable. When passing this value as the remote main or configuration context to BuildKit, it can end up in provenance metadata.

While this isn't a huge security concern since the temporary CI tokens expire after each job completes, it does expose some surface to exploit via a timing attack: the short window of time after an image is published but before the job completes and is garbage collected. It also makes consuming provenance metadata tricky since all Git remote URLs contain either masked or unmasked credential values.

Unconditionally strip credentials from remote context URLs. If authentication is needed for private repos, we can handle that by passing --secret options to buildctl build and binding the necessary tokens to corresponding environment variables. See https://docs.docker.com/build/building/secrets/

Refactored the handling of config and main context by introducing a buildkit.Context class which encapsulates parsing of context URLs, stripping auth, and logic around buildctl options, etc.
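The stripping described in the message, as an added Python example that is not the project's own buildkit.Context implementation. It assumes a CI_REPOSITORY_URL-style value such as https://gitlab-ci-token:TOKEN@host/group/repo.git, possibly with a BuildKit `#ref:subdir` fragment, and the name `Context` is a sketch of the class the commit mentions, not its real code. It deliberately avoids urllib's netloc parsing because a masked GitLab value like `[MASKED]` looks like a bracketed IPv6 host and makes newer Python versions raise ValueError; the authority is sliced out by hand instead.

```python
import re
from dataclasses import dataclass

# Scheme followed by "://" marks a URL with an authority component; scp-like
# remotes (git@host:path) and local paths have no authority and are left alone.
_SCHEME_RE = re.compile(r"^[A-Za-z][A-Za-z0-9+.\-]*://")


def strip_url_credentials(url: str) -> tuple[str, bool]:
    """Return (url without userinfo, whether any userinfo was removed).

    Works on the raw string so that masked tokens such as "[MASKED]" or
    passwords containing "@" do not confuse a URL parser. Path, query and the
    BuildKit "#ref:subdir" fragment are preserved unchanged.
    """
    m = _SCHEME_RE.match(url)
    if not m:
        return url, False
    start = m.end()
    # The authority ends at the first "/", "?" or "#" after the scheme.
    end = len(url)
    for sep in "/?#":
        i = url.find(sep, start)
        if i != -1 and i < end:
            end = i
    authority = url[start:end]
    if "@" not in authority:
        return url, False
    # rsplit keeps the host even if the userinfo itself contains "@".
    host = authority.rsplit("@", 1)[1]
    return url[:start] + host + url[end:], True


@dataclass(frozen=True)
class Context:
    """Hypothetical remote-context holder: the URL is always stored stripped."""

    url: str
    had_credentials: bool

    @classmethod
    def from_url(cls, raw_url: str) -> "Context":
        clean, stripped = strip_url_credentials(raw_url)
        return cls(url=clean, had_credentials=stripped)

    def buildctl_opts(self) -> list[str]:
        # "--opt context=<url>" is BuildKit's documented way to point the
        # dockerfile frontend at a remote main context; the credential-free
        # URL is what ends up in provenance metadata.
        return ["--opt", f"context={self.url}"]


if __name__ == "__main__":
    # Constructed sample value mimicking GitLab's masked CI_REPOSITORY_URL.
    ctx = Context.from_url(
        "https://gitlab-ci-token:[MASKED]@gitlab.example.com/group/app.git#main:docker"
    )
    print(ctx.url, ctx.had_credentials, ctx.buildctl_opts())
```

When `had_credentials` is true the job can fail loudly or log the fact, which is the cheap detection for a context URL that would otherwise have leaked into provenance; the private-repo case is then served by a --secret option bound to an environment variable, as the message describes, rather than by the URL.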