Enhanced GitHub webhooks: support for secrets and for more events

[W95Psp]

Hi,

This PR enhances the support for GitHub's webhooks:

• add support for create, delete and pull_request events in addition to the push events;
• add the (more general) endpoint /api/webhook-github;
• deprecate and redirect to /api/webhook-github the endpoint /api/push-github;
• add support for optional verification of signed payloads from GitHub using secrets (Enable securing webooks #333).

The create and delete events are sent by GitHub when a reference (a tag, a branch) is created or deleted. This PR triggers an evaluation of every jobset that has an input of type github_refs and value the GitHub repo in stake. On pull_request, it's the same thing expected the type of the input should be githubpulls.

For signed payloads, secrets should be added to hydra.conf (via Includes). Each secret should be of the form below, where the keys owner and repo are regular expressions that filters the repository for which the secret secret apply.

<github_webhook>
  owner = owner_regex
  repo = repo_regex
  secret = foo
</github_webhook>

Is this approach fine, or did you guys have another idea in mind for this?
If that looks fine, I can write more tests in t/Hydra/Controller/API/checks.t.