feat: New environment variable obfuscation functionality - CLI arguments

[matglas]

What this PR does / why we need it

This is the CLI part to https://github.com/in-toto/go-witness/pull/355 which add all the functionality.

Which issue(s) this PR fixes (optional)

Depends on:

• https://github.com/in-toto/go-witness/pull/355

Fixes:

• https://github.com/in-toto/go-witness/issues/275

Acceptance Criteria Met

• [ ] Docs changes if needed
• [ ] Testing changes if needed
• [ ] All workflow checks passing (automatically enforced)
• [ ] All review conversations resolved (automatically enforced)
• [ ] DCO Sign-off

Special notes for your reviewer:

[netlify[bot]]

✅ Deploy Preview for witness-project ready!

Name	Link
🔨 Latest commit	9a9c340c8feaf1702221a11115e7b53a32bbc672
🔍 Latest deploy log	https://app.netlify.com/sites/witness-project/deploys/673749f27ac2cf0008c994a4
😎 Deploy Preview	https://deploy-preview-522--witness-project.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.