Imported GitHub projects have auto-configured branch protection rules untracked in IaC

Bug/Issue

What was the problem?

Projects imported from GitHub are automatically configured with branch protection rules per https://docs.gitlab.com/user/project/import/github/#branch-protection-rules-and-project-settings

For the default branch, this is subsequently updated and managed by our IaC. For non-default branches the settings are not managed and can lead to problems like breaking mirroring.

Workaround

Branch protection rules can be manually updated to unblock replication as shown in the previously mentioned thread where we added "Maintainers" as allowed to push and merge.

Suggested Fix

This requires team discussion. Thoughts:

• We could have the ability to manage branch rules for more that the default branch
• We could have some sort of spot check for this for now
• We could think about having some sort of anthropomorphic three finger glove with a face that goes by the name "Import Helper" and makes a great MR to put imported repos under IaC control