Implement bypass actors for rulesets based on allowed_merge_teams and merge_bots

[amustaque97]

Summary

When creating rulesets from branch protection configurations, we need to add bypass actors based on allowed_merge_teams and merge_bots to allow specific teams and bots to bypass the ruleset restrictions.

Current Behavior

The construct_ruleset function creates rulesets with merge queue enabled but doesn't populate the bypass_actors field. This means that teams and bots that were previously allowed to push directly via branch protections won't have equivalent bypass permissions in rulesets.

Expected Behavior

Rulesets should include bypass actors that match the behavior of branch protections:

• Teams listed in allowed_merge_teams should be added as bypass actors
• Bots listed in merge_bots (e.g., Homu, rust-timer) should be added as bypass actors

Technical Details

Location: sync-team/src/github/mod.rs, function construct_ruleset (around line 951-952)

The challenge is that bypass actors require:

1. Team IDs (not just team names) - requires fetching team information from GitHub API
2. User IDs for bots - requires resolving bot usernames to GitHub user IDs

Implementation Notes

• Need to add API calls to fetch team IDs from team names
• Need to map bot names to their GitHub user IDs
• May need to pass SyncGitHub context to construct_ruleset to access the GitHub API client

Related Code

The branch protection equivalent uses PushAllowanceActor:

let mut push_allowances: Vec<PushAllowanceActor> = branch_protection
    .allowed_merge_teams
    .iter()
    .map(|team| api::PushAllowanceActor::Team(...))
    .collect();

[amustaque97]

I will pick this now :)

[marcoieni]

Closed by #2304
We will implement missing features if some repos need them.