Add support for org and repo level secret scanning and push protection #583

Open
@roryscarson

Description

Prerequisites:

Is the functionality available in the GitHub UI? If so, please provide a link to information about the feature.

Is the functionality available through the GitHub API? If the functionality is available, please provide links to the
API documentation (https://developer.github.com/v3/) as well as the Octokit documentation (https://octokit.github.io/).

Specify which security and analysis features to enable or disable for the repository.
To use this parameter, you must have admin permissions for the repository or be an owner or security manager for the organization that owns the repository. For more information, see "Managing security managers in your organization."
For example, to enable GitHub Advanced Security, use this data in the body of the PATCH request: { "security_and_analysis": {"advanced_security": { "status": "enabled" } } }.
You can check which security and analysis features are currently enabled by using a GET /repos/{owner}/{repo} request.

New Feature

GitHub supports secrets scanning and blocking push commits. It's possible to enable this org wide at https://github.com/organizations/$ORG/settings/security_analysis with the following flags:

  • secret_scanning_new_repos: enabled
  • secret_scanning_push_protection_new_repos: enabled

Adding these to safe-settings would prevent drift from repo admins disabling it in individual repos.
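The drift the request above describes (a repo admin switching secret scanning or push protection off under an org that wants both on) can be checked against the repository endpoint quoted in the prerequisites. The following is an added example, not code from the safe-settings project or from the issue author: it compares the `security_and_analysis` block from a `GET /repos/{owner}/{repo}` response against a desired policy and builds the `PATCH /repos/{owner}/{repo}` body that repairs only the drifted features. The `secret_scanning` and `secret_scanning_push_protection` field names come from GitHub's REST documentation for that endpoint (the page itself only shows `advanced_security`); the sample response and the `example-org/example-repo` name are constructed, and `enforce` assumes an Octokit client exposing `octokit.request` as `@octokit/core` does.

```javascript
// Added example (not from the safe-settings project): detect drift in a
// repository's security_and_analysis settings and build the PATCH body that
// restores the org-wide policy. No network calls: the GET response is constructed.

// Desired state: the two features from the issue, in the shape the repository
// endpoint uses. Field names are from GitHub's REST docs for
// GET/PATCH /repos/{owner}/{repo}; the page only shows "advanced_security".
const DESIRED = {
  secret_scanning: { status: "enabled" },
  secret_scanning_push_protection: { status: "enabled" },
};

// Constructed sample GET /repos/{owner}/{repo} response, trimmed to the block
// that matters: a repo admin has switched push protection off.
const SAMPLE_REPO = {
  full_name: "example-org/example-repo", // placeholder name
  security_and_analysis: {
    advanced_security: { status: "enabled" },
    secret_scanning: { status: "enabled" },
    secret_scanning_push_protection: { status: "disabled" },
  },
};

// Return every feature whose status differs from the desired policy. A feature
// missing from the response (e.g. Advanced Security not licensed) is reported
// as "missing" rather than silently treated as compliant.
function findDrift(repo, desired = DESIRED) {
  const current = (repo && repo.security_and_analysis) || {};
  const drift = [];
  for (const [feature, want] of Object.entries(desired)) {
    const have = current[feature] ? current[feature].status : "missing";
    if (have !== want.status) {
      drift.push({ feature, expected: want.status, actual: have });
    }
  }
  return drift;
}

// Build the PATCH body that fixes only the drifted features, mirroring the
// documented { "security_and_analysis": { ... } } shape. Returns null when
// nothing needs to change, so callers can skip the write entirely.
function buildPatchBody(drift) {
  if (drift.length === 0) return null;
  const security_and_analysis = {};
  for (const d of drift) {
    security_and_analysis[d.feature] = { status: d.expected };
  }
  return { security_and_analysis };
}

// Read, compare and repair one repository through an Octokit client
// (assumes octokit.request as in @octokit/core). Kept as a function so the
// rest of the module runs offline without a token.
async function enforce(octokit, owner, repo) {
  const { data } = await octokit.request("GET /repos/{owner}/{repo}", { owner, repo });
  const body = buildPatchBody(findDrift(data));
  if (!body) return { changed: false };
  await octokit.request("PATCH /repos/{owner}/{repo}", { owner, repo, ...body });
  return { changed: true, body };
}

// Run the offline check against the constructed sample.
const sampleDrift = findDrift(SAMPLE_REPO);
console.log(JSON.stringify({ drift: sampleDrift, patch: buildPatchBody(sampleDrift) }, null, 2));
```

Against the constructed sample this reports a single drifted feature, `secret_scanning_push_protection` (expected `enabled`, actual `disabled`), and the PATCH body only touches that key, which keeps the write idempotent and makes the audit trail (one PATCH per drifted setting) easy to read.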

Labels: enhancement (New feature or request)
