Refactor the QA framework to make `Runtime::Env` read-only

The following discussion from !29937 (merged) should be addressed:

• @mlapierre started a discussion: (+4 comments)

  I don't think we should change the value of anything in Runtime::Env -- it's supposed to represent environment variables, so it should be read-only.

This caused problems previously because we assume Runtime::Env will always contain the values set in the environment, so when a test changed Runtime::Env.personal_access_token subsequent tests failed.