Only require secrets when mutating

Rename `with_lock` to more generic `mutating` and move the env_args
check to that point. This allows read-only actions to be run without
requiring secrets.

lib/mrsk/configuration.rb

@@ -170,7 +170,7 @@ class Mrsk::Configuration
   end
 
   def valid?
-    ensure_required_keys_present && ensure_env_available && ensure_valid_mrsk_version
+    ensure_required_keys_present && ensure_valid_mrsk_version
   end
 
 
@@ -205,6 +205,14 @@ class Mrsk::Configuration
     Mrsk::Configuration::Builder.new(config: self)
   end
 
+  # Will raise KeyError if any secret ENVs are missing
+  def ensure_env_available
+    env_args
+    roles.each(&:env_args)
+
+    true
+  end
+
   private
     # Will raise ArgumentError if any required config keys are missing
     def ensure_required_keys_present
@@ -229,14 +237,6 @@ class Mrsk::Configuration
       true
     end
 
-    # Will raise KeyError if any secret ENVs are missing
-    def ensure_env_available
-      env_args
-      roles.each(&:env_args)
-
-      true
-    end
-
     def ensure_valid_mrsk_version
       if minimum_version && Gem::Version.new(minimum_version) > Gem::Version.new(Mrsk::VERSION)
         raise ArgumentError, "Current version is #{Mrsk::VERSION}, minimum required is #{minimum_version}"