feat: use allow list for rclone (#1202)

Update rclone validation to use an allow list system:
* All storage types are listed and are explicitly allowed or blocked
* For all allowed storage types, all options are marked as allowed or blocked

This update also blocks potentially unsafe options (referring to a local file or a potential arbitrary command).

Tests in `test/components/renku_data_services/storage/test_rclone.py` are designed to help maintain the configuration of allowed storage types and storage options.

Author: leafty

components/renku_data_services/data_connectors/doi/schema_org.py

@@ -36,8 +36,8 @@ def get_rclone_config(dataset: SchemaOrgDataset, provider: DatasetProvider) -> S
         case DatasetProvider.envidat:
             return __get_rclone_s3_config_envidat(dataset)
         # TODO: Add scicat here
-        case x:
-            raise errors.ValidationError(message=f"Got an unknown dataset provider {x}")
+        case _:
+            raise errors.ValidationError(message=f"Got an unknown dataset provider {provider}")
 
 
 def __get_rclone_s3_config_envidat(dataset: SchemaOrgDataset) -> S3Config: