Secure the VMR synchronization using the darc vmr push command #12323

@premun

Context

As part of #11981, we have identified security hot spots in the VMR synchronization process and proposed what to do about them.

The last step is incorporating the darc vmr push command introduced as part of #12082 into the official installer CI pipeline that synchronizes the VMR.

Goals

  • Create a PAT that we use for the commit verification and store it in some KeyVault. Set up the secret manager (in arcade probably) to watch over this secret.
  • Wire up the command with the PAT and the pipeline so that public branch pushes are verified and internal ones are not.

Test scenarios

  • Pushing to a public branch where all commits are available publicly - should be successful
  • Pushing to a public branch with a commit that is not available publicly - should not be executed
  • Pushing to an internal branch - should be executed without querying for commits
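
The three test scenarios above, modelled as a push gate. This is an added example, not code from darc or from the issue author. The names `gate_push` and `is_publicly_available`, and the choice to fail closed when the lookup itself errors, are assumptions; the commit ids are constructed.

```python
from typing import Callable, Iterable, List

class PushRefused(Exception):
    """Raised when a push to a public branch must not be executed."""

def gate_push(branch_is_public: bool, commits: Iterable[str],
              is_publicly_available: Callable[[str], bool]) -> List[str]:
    """Return the commits cleared for pushing, or raise PushRefused.

    is_publicly_available is a hypothetical lookup (for example a
    PAT-authenticated query against the public repository); it is
    injected so the gate can be exercised offline.
    """
    commits = list(commits)
    if not branch_is_public:
        # Internal branch: push without querying for commits.
        return commits
    missing = []
    for sha in commits:
        try:
            available = is_publicly_available(sha)
        except Exception:
            # Assumption: fail closed. A lookup error (expired PAT,
            # network failure) counts as "not available publicly".
            available = False
        if not available:
            missing.append(sha)
    if missing:
        raise PushRefused("commits not available publicly: " + ", ".join(missing))
    return commits

def run_scenarios() -> dict:
    """Run the three scenarios from the issue against constructed data."""
    public = {"aaa111", "bbb222"}  # constructed commit ids
    queried = []
    def lookup(sha):
        queried.append(sha)
        return sha in public
    results = {"public_ok": gate_push(True, ["aaa111", "bbb222"], lookup)}
    try:
        gate_push(True, ["aaa111", "ccc333"], lookup)
        results["public_leak"] = "pushed"
    except PushRefused as exc:
        results["public_leak"] = str(exc)
    queried.clear()
    results["internal"] = gate_push(False, ["ccc333"], lookup)
    results["internal_queries"] = list(queried)
    return results
```

Recording the lookups in `queried` lets the third scenario assert that an internal push performs no commit queries at all, rather than only that it succeeds.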
