Description
What is the problem this feature would solve? Please describe.
This feature would solve the following problems & issues:
- No ability to run the following command in "offline" mode. For example:
  ```
  doctl app spec validate .do/app.yml --schema-only
  Error: Unable to initialize DigitalOcean API client: access token is required. (hint: run 'doctl auth init')
  ```
- Security Risk: GitHub Actions using digitalocean/action-doctl for App Schema validation always requires an API token
  - The current action & implementation for `doctl app schema validate --schema-only ...` makes it impossible to follow the principle of least privilege
  - This prevents a proposed `no_auth` feature for digitalocean/action-doctl from being currently possible.
Describe the solution you'd like
Some way to validate a DigitalOcean App Spec in offline mode should be provided. A separate command (e.g. `validate-offline`) should be decoupled from the `godo` API client & auth initialization to support this use case.
Additional context
Currently, the `doctl app spec validate` command is tightly coupled to require `godo` init and `doctl auth`. The `validateCommand` is defined using `CmdBuilder()`, which calls `cmdBuilderWithInit(..., true, options...)` with `initCmd` set to `true` always (this is passed to `NewCmdConfig()` as the `initGodo` parameter which runs `cmdConfig.initServices()`).

As such, the `--schema-only` flag still requires `doctl auth` and a `godo` client is initialized. Unfortunately, due to the way Cobra commands appear to be set up, the `--schema-only` flag is not available in the context where the command creation happens. Therefore, it seems that we must implement a new sub-command for this feature (e.g. `doctl app spec validate-offline`). The usage of `cmdBuilderWithInit` similar to this command PR seems to be the proper method to set up this new command.
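
A simplified Go model of the coupling described in this issue, added here as an illustration and not taken from doctl's source: the client-init decision is fixed when the command is built, so only a separately built command can run without a token. All names in it (`config`, `command`, `execute`, `validateSpec`, `validateOffline`) are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
)

// Simplified model of the coupling described in the issue. Every name below is
// hypothetical; this is not doctl's implementation.
type config struct {
	token       string
	clientReady bool // set once the API client has been initialized
}

type command struct {
	initClient bool // fixed when the command is built, before flags are parsed
	run        func(c *config, schemaOnly bool) error
}

var errNoToken = errors.New("access token is required")

// execute decides on client setup from the construction-time setting alone,
// so a run-time flag such as --schema-only cannot skip the token check.
func execute(cmd command, token string, schemaOnly bool) error {
	c := &config{token: token}
	if cmd.initClient {
		if c.token == "" {
			return fmt.Errorf("unable to initialize API client: %w", errNoToken)
		}
		c.clientReady = true
	}
	return cmd.run(c, schemaOnly)
}

// validateSpec needs the client only when a remote check is requested.
func validateSpec(c *config, schemaOnly bool) error {
	if !schemaOnly && !c.clientReady {
		return errors.New("remote validation needs an API client")
	}
	return nil // placeholder for the local schema check
}

var (
	validate        = command{initClient: true, run: validateSpec}
	validateOffline = command{initClient: false, run: validateSpec}
)

func main() {
	fmt.Println("validate, no token:        ", execute(validate, "", true))
	fmt.Println("validate-offline, no token:", execute(validateOffline, "", true))
}
```

In a CI job that only lints the spec, the second command shape is what lets the workflow run with no API token in its environment.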