
Add delivery processors for security sync

Alessio Caiazza requested to merge delivery-processors into master

What does this MR do and why?

In delivery we are interested in better automation for merging the security changes on master from the security mirror into the canonical mirror at the end of each security release.

Here we are introducing two processors: one that automatically approves merge requests from the master branch of the security mirrors, targeting the default branch on the canonical mirror, and another one that verifies that bot approvals are only applied to the intended use cases.

Recorded demos

📼 bot approval and merge demo

📼 abuse prevention and remediation

Expected impact & dry-runs

These are strongly recommended to assist reviewers and reduce the time to merge your change.

See https://gitlab.com/gitlab-org/quality/triage-ops/-/tree/master/doc/scheduled#testing-policies-with-a-dry-run on how to perform dry-runs for new policies.

See https://gitlab.com/gitlab-org/quality/triage-ops/-/blob/master/doc/reactive/best_practices.md#use-the-sandbox-to-test-new-processors on how to make sure a new processor can be tested.

Action items

Edited by Alessio Caiazza
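
The two checks described in this merge request, sketched as an added example that is not code from the merge request or from triage-ops. The project paths, the bot username, the `MergeRequest` struct, the function names and the `master` default branch are assumptions made for illustration; a real processor would read these fields from the merge request event.

```ruby
# Added example; not triage-ops code. Paths and the bot name are placeholders.
SECURITY_PROJECT  = 'example-org/security/example-project'
CANONICAL_PROJECT = 'example-org/example-project'
BOT_USERNAME      = 'example-approval-bot'

MergeRequest = Struct.new(:iid, :source_project, :source_branch,
                          :target_project, :target_branch, :approved_by,
                          keyword_init: true)

# The single intended use case: security mirror master -> canonical default branch.
def security_sync?(mr, default_branch: 'master')
  mr.source_project == SECURITY_PROJECT &&
    mr.source_branch == 'master' &&
    mr.target_project == CANONICAL_PROJECT &&
    mr.target_branch == default_branch
end

# First check: should the bot add its approval to this merge request?
def bot_should_approve?(mr)
  security_sync?(mr) && !mr.approved_by.include?(BOT_USERNAME)
end

# Second check: iids of merge requests carrying a bot approval outside the
# intended use case, to be flagged for remediation.
def bot_approval_violations(mrs)
  mrs.select { |mr| mr.approved_by.include?(BOT_USERNAME) && !security_sync?(mr) }
     .map(&:iid)
end

# Constructed sample data: [iid, source project, source branch, target project,
# target branch, approvers].
SAMPLE_MRS = [
  [1, SECURITY_PROJECT, 'master', CANONICAL_PROJECT, 'master', []],
  [2, SECURITY_PROJECT, 'master', CANONICAL_PROJECT, 'master', [BOT_USERNAME]],
  [3, SECURITY_PROJECT, 'some-feature', CANONICAL_PROJECT, 'master', [BOT_USERNAME]],
  [4, 'example-user/example-fork', 'master', CANONICAL_PROJECT, 'master', [BOT_USERNAME]],
  [5, SECURITY_PROJECT, 'master', CANONICAL_PROJECT, 'stable', [BOT_USERNAME]],
  [6, CANONICAL_PROJECT, 'some-feature', CANONICAL_PROJECT, 'master', ['reviewer']]
].map do |iid, sp, sb, tp, tb, approvers|
  MergeRequest.new(iid: iid, source_project: sp, source_branch: sb,
                   target_project: tp, target_branch: tb, approved_by: approvers)
end

puts "approve: #{SAMPLE_MRS.select { |mr| bot_should_approve?(mr) }.map(&:iid)}"
puts "violations: #{bot_approval_violations(SAMPLE_MRS)}"
```

Both checks share one predicate, so the audit cannot drift from the approval rule, and the predicate matches on source project identity as well as branch name.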
