Scrub tracked secrets and switch ATVM docs to local credential references

- remove hardcoded credentials, tokens, registration codes, and similar secret values from tracked ATVM and CDS MCP docs
- replace those values with references to /home/aw/code/cds/.env.credentials.local and the corresponding environment variable names
- update current operator guides to instruct sourcing .env.credentials.local before credential-dependent setup and automation workflows
- update the ATVM setup scripts to consume ATVM_TARGET_PASSWORD from the environment instead of hardcoding the Ubuntu root SSH password
- scrub the remaining tracked artifact log entry that still included the old CMC registration code
- keep the local-only credential inventory in .env.credentials.local while leaving that file untracked

atvm/docs/automation/guide.md

@@ -12,12 +12,12 @@ Run ATVM CMC automation tests on the designated automation VM without unintended
 ## ATVM Cypress Automation Controller Client
 - Hostname: `atvm-cypres-vm-1`
 - IP: `192.168.3.190`
-- Credentials: `root / atvmcdsi2012`
+- Credentials: source `/home/aw/code/cds/.env.credentials.local` and use `ATVM_CONTROLLER_USER` plus `ATVM_CONTROLLER_PASSWORD`
 
 ## ATVM Target Host Default
 - Treat `192.168.3.191` as the default ATVM target host reference.
 - For SSH to `192.168.3.191`, ignore host key mismatch by default with `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`.
-- For SSH to `192.168.3.191`, use default credentials `root / cdsi2012` unless the operator explicitly overrides them.
+- For SSH to `192.168.3.191`, source `/home/aw/code/cds/.env.credentials.local` and use `ATVM_TARGET_USER` plus `ATVM_TARGET_PASSWORD` unless the operator explicitly overrides them.
 
 ## Operating Constraints
 - Run only scripts/commands explicitly requested.