Add more rest remediations

[jhrozek]

Adds several more REST remediations. The only remaining ones are branch
protection which still need some work due to the way they work (you need to
PUT the whole request body, so we need to figure out a way to merge the
existing request)

To test them, you can either click the button in the UI to disable the secret
scanning or call:

curl -L -X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $TOKEN" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/jakubtestorg/testrepo \
-d '{ "security_and_analysis": {"secret_scanning": { "status": "disabled" } } }'

To test the selected actions:

curl -L -X PUT \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $TOKEN" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/jakubtestorg/testrepo/actions/permissions \
-d '{ "enabled": true, "allowed_actions": "all" }'

You should see your actions being reverted by mediator - note that for some reason
GH doesn't send a webhook back once you set the allowed_actions, so you might want
to trigger reconcile via another way..