Add support for `apw` to get iCloud Keychain secrets

[Baelson]

Is your feature request related to a problem? Please describe.

On macOS, chezmoi can currently get passwords from the login keyring and not from the iCloud keyring (as noted in #1137)

Describe the solution you'd like

https://github.com/bendews/apw enables read-only CLI access iCloud keyring. It would be great if it was integrated into chezmoi so we can pull API Keys and other text based secrets into our keyring and replace them with chezmoi templates which get the secrets at chezmoi apply time.

Enable the following scenarios:

• Test chezmoi integration with : chezmoi secret keyring get --service=icloud_keyring --user=chezmoi_icloud
• Get password from template file:
• {{- if .personal -}}
  {{- icloud "chezmoi_icloud" -}}
  {{- end -}}

Describe alternatives you've considered

Use supported age/gpg encryption of the files with secrets.

Additional context

Video demo from apw repo

apw.mov

[halostatue]

Unfortunately this no longer works with modern macOS unless you disable SIP. See bendews/apw#10.

Unless this changes, I cannot recommend its inclusion.

[Baelson]

Thank you for the quick triage and response!