Protected packages: REST API POST package protection rule

• Please check this box if this contribution uses AI-generated content (including content generated by GitLab Duo features) as outlined in the GitLab DCO & CLA

What does this MR do and why?

Protected packages: REST API POST package protection rules

Adds a POST route to the REST API to create package protection rules for a project.

This is part of #457512 (closed) and still behind a feature flag.

🛠 with ❤ at Siemens

MR acceptance checklist

MR Checklist ( @nwittstruck)

• Changelog entry added, if necessary
• Documentation created/updated via this MR
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Tested in all supported browsers
• Conforms to the code review guidelines
• Conforms to the merge request performance guidelines
• Conforms to the style guides
• Conforms to the javascript style guides
• Conforms to the database guides

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

1. Enable feature flag via rails c

Feature.enable(:packages_protected_packages)

2. You should be able to create a list of package protection rules with the REST api:

curl -k \
  --request POST \
  --url https://gdk.test:3443/api/v4/projects/7/packages/protection/rules \
  --header 'Authorization: Bearer ypCa3Dzb23o5nvsixwPA' \
  --header 'Content-Type: application/json' \
  --data '{
       "package_name_pattern": "package-name-pattern-*",
       "package_type": "npm",
       "minimum_access_level_for_push": "maintainer"
    }'