Add visual review toolbar script to public directory

What does this MR do?

This MR adds a script to the public directory of the Rails app. That's pretty weird, right? It's part of gitlab-ee#10761, and it is the script users will include on their review apps in order to inject the toolbar that allows them to post comments directly from their review apps.

That means that it is entirely vanilla Javascript, contained entirely within one file, to fit within the constraints of the project. Someday, if the toolbar gets much larger this may change, but for the MVC, we are doing the stripped down version.

This MR covers the un-styled toolbar and will be followed by MRs adding the script to the MR widget for easy copying and another styling the toolbar in accordance with the documents posted at gitlab-ee#10761.

To see it in action, you can generate yourself a personal token and then can go to the tester app. The review app posts to sarahghp/review-app-tester#1 (closed).

Does this MR meet the acceptance criteria?

Conformity

• Changelog entry
• Documentation created/updated or follow-up review issue created
• Code review guidelines
• Merge request performance guidelines
• Style guides
• Database guides
• Separation of EE specific content

Performance and testing

• Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
• Tested in all supported browsers

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

• Label as security and @ mention @gitlab-com/gl-security/appsec
• The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
• Security reports checked/validated by a reviewer from the AppSec team