Describe the bug

#7619 removed limitations from passing both tenantID and authentication methods to continuous-test, but in practice, continuous-test will still only use one or the other methods.

The offending code appears to be in https://github.com/grafana/mimir/blob/main/pkg/continuoustest/client.go#L268-L274

if rt.bearerToken != "" {
    req.Header.Set("Authorization", "Bearer "+rt.bearerToken)
} else if rt.basicAuthUser != "" && rt.basicAuthPassword != "" {
    req.SetBasicAuth(rt.basicAuthUser, rt.basicAuthPassword)
} else {
    req.Header.Set("X-Scope-OrgID", rt.tenantID)
}

When passing both username/password AND tenantId to the latest pre-release binary, I am receiving
status_code=401 err="server returned HTTP status 401 Unauthorized and body "no org id\n" response in the mimir-continous-test output

To Reproduce

Steps to reproduce the behavior:

1. Start mimir with anonymous access disabled
2. Run mimir-continous-test -tests.write-endpoint http://mimir -tests.read http://mimir -tests.basic-auth-user foo -tests.basic-auth-password bar -tests.tenant-id test

Expected behavior

continuous-test sends both tenantID and auth headers to mimir.

Environment

• Infrastructure: K8s
• Deployment tool: [e.g., helm, jsonnet]

Additional Context

Mimir OSS running behind an authenticating reverse-proxy, this proxy just handles basic authentication and does not add/alter the X-Scope-ID header based on user.