ARROW-16708: [Dev] Replace basic auth with token auth for JIRA

[assignUser]

No description provided.

[github-actions]

https://issues.apache.org/jira/browse/ARROW-16708

[kou]

@github-actions autotune

[kou]

I confirmed this with #13136 and this worked.

Could you also update dev/merge.conf.sample?

[pitrou]

+1, assuming it works :-)

[kou]

I confirmed this.

• For merging: +1
• For archery release changelog add: It works with invalid token. It seems that it works with anonymous access. How about removing the authentication feature?

diff --git a/dev/archery/archery/release.py b/dev/archery/archery/release.py
index 91dd129fdd..4b01716dad 100644
--- a/dev/archery/archery/release.py
+++ b/dev/archery/archery/release.py
@@ -85,11 +85,8 @@ class Issue:
 
 class Jira(JIRA):
 
-    def __init__(self, token=None,
-                 url='https://issues.apache.org/jira'):
-
-        token = token or os.environ.get('APACHE_JIRA_TOKEN')
-        super().__init__(url, token_auth=token)
+    def __init__(self, url='https://issues.apache.org/jira'):
+        super().__init__(url)
 
     def project_version(self, version_string, project='ARROW'):
         # query version from jira to populated with additional metadata

[assignUser]

@kou I was under the impression that archery release curate requires the auth but I tested it and it also works without it (makes sense, it is just reading issues not writing like the merge script). I think removing it makes sense in this case unless there are other functions that require auth that I am missing @kszucs @raulcd ?

[raulcd]

I've removed it and it seems not to be required for the cherry-pick command either:
archery release --jira-cache /tmp/jiracache cherry-pick 9.0.0
Unless we find a specific place where is required I am ok removing it.

[kou]

+1