✨ checks: add GitHub Webhook check

[cpanato]

• Please check if the PR fulfills these requirements

• Tests for the changes have been added (for bug fixes / features)
• PR title follows the guidelines defined in https://github.com/ossf/scorecard/blob/main/CONTRIBUTING.md#pr-process

• What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
  This adds a new check to validate the GitHub repositories Webhooks if the webhook has a secret configured.
  Tested with a token with public_repo permission only and worked.

Fixes #1655

TODO:

• create a repo with webhooks configured to set up the e2e tests (@laurentsimon this is something that you can help with?)

• What is the current behavior? (You can also link to an open issue here)
  NONE

• What is the new behavior (if this is a feature change)?
  Add a new check to validate GitHub Webhook

• Does this PR introduce a breaking change? (What changes might users need to make in their application due to this PR?)
  No

• Other information:

[codecov]

Codecov Report

Merging #1675 (77236bf) into main (d10ac0d) will increase coverage by 2.91%.
The diff coverage is 44.91%.

❗ Current head 77236bf differs from pull request most recent head 36076d8. Consider uploading reports for the commit 36076d8 to get more accurate results

@@            Coverage Diff             @@
##             main    #1675      +/-   ##
==========================================
+ Coverage   54.71%   57.62%   +2.91%     
==========================================
  Files          67       71       +4     
  Lines        6521     6639     +118     
==========================================
+ Hits         3568     3826     +258     
+ Misses       2713     2563     -150     
- Partials      240      250      +10     

[github-actions]

Integration tests success for
[bfd93e7]
(https://github.com/ossf/scorecard/actions/runs/1892072247)

[github-actions]

Integration tests success for
[4ac8dc5]
(https://github.com/ossf/scorecard/actions/runs/1892110248)

[github-actions]

Integration tests success for
[c1d955c]
(https://github.com/ossf/scorecard/actions/runs/1897677836)

[github-actions]

Integration tests success for
[6ec2f92]
(https://github.com/ossf/scorecard/actions/runs/1897682442)

[azeemshaikh38]

Looks good to me overall. Thanks for the awesome PR and for adding tests! Left some comments, please take a look.

[laurentsimon]

see comments inline

[laurentsimon]

UsesAuthSecret (as suggested by @azeemshaikh38) sounds good: it disambiguate the use case. HasSecret may be interpreted as a secret is stored and should be removed

[laurentsimon]

any update you'd like me to review?

[github-actions]

Integration tests success for
[ae28356]
(https://github.com/ossf/scorecard/actions/runs/2064721141)

[github-actions]

Integration tests success for
[54e0f3c]
(https://github.com/ossf/scorecard/actions/runs/2064756999)

[azeemshaikh38]

LG to submit.

[laurentsimon]

protobuf compilation error, not your fault. Re-launching

[github-actions]

Integration tests success for
[77236bf]
(https://github.com/ossf/scorecard/actions/runs/2067935123)

[cpanato]

i will rebase

[github-actions]

Integration tests success for
[5be197f]
(https://github.com/ossf/scorecard/actions/runs/2069688157)

[github-actions]

Integration tests success for
[2885c3f]
(https://github.com/ossf/scorecard/actions/runs/2070405159)

[github-actions]

Integration tests success for
[36076d8]
(https://github.com/ossf/scorecard/actions/runs/2071176374)

[cpanato]

all green now :)

[laurentsimon]

Thank you, fantastic work!

[cpanato]

thanks for all the reviews and feedback