Authorization support for fetching includes

Description

When including external files in your pipeline definition using include keyword, these are fetched using HTTP/HTTPS requests. If you want to access files on another project with no public access (e.g., a private project on GitLab.com) you cannot because we still don't support basic auth schemas in URL, nor variables in the include value.

Proposal

Support inclusion from private projects, and potentially even other similar cases.

Steps:

1. support project variables: include: https://gitlab.com/api/.../include.yml&private_token=$MY_PAT
2. support basic HTTP auth schema: http(s)://user:password@example.com/path/to/include.yml

Variable expansion within these would be required to be supported so that access tokens/passwords would not have to be stored in cleartext in the ci.yml.