[Backport 5.2] Sync GitHub internal repos during user perms sync

[sourcegraph-release-bot]

Closes #56648

Sourcegraph now explicitly fetches internal repositories for organizations a user belongs to. This used to be only done when groups caching is enabled, but it leads to a lot of confusion for customers.

This may increase the number of requests made by user permission syncs. If that is the case, groups caching should be enabled.

As part of this work I decided the refactor the GitHub user permissions fetching code, which was very contrived. It's a lot easier to reason about what should be happening now.

Test plan

VCR tests updated to account for extra API calls. Local validations done as well.

Backport d271395 from #56677

Preview 🤩

Preview Link

[sourcegraph-bot]

Codenotify: Notifying subscribers in CODENOTIFY files for diff 5775b5e...bb4ab41.

Notify	File(s)
@eseliger	internal/batches/sources/testdata/golden/GithubSource_GetFork_success_with_existing_changeset_and_existing_fork internal/batches/sources/testdata/golden/GithubSource_GetFork_success_with_existing_changeset_and_new_fork internal/batches/sources/testdata/golden/GithubSource_GetFork_success_with_new_changeset_and_existing_fork internal/batches/sources/testdata/golden/GithubSource_GetFork_success_with_new_changeset_and_new_fork internal/extsvc/github/common.go internal/extsvc/github/testdata/golden/ListRepositoriesForSearch internal/extsvc/github/testdata/golden/SearchRepos-Enterprise-narrow-query-enterprise internal/extsvc/github/testdata/golden/TestGetRepository/cached-response/first_run internal/extsvc/github/testdata/golden/TestGetRepository/cached-response/second_run internal/extsvc/github/testdata/golden/TestGetRepository/forked_repo internal/extsvc/github/testdata/golden/TestV3Client_Fork_success_sourcegraph-testing internal/extsvc/github/testdata/golden/TestV3Client_Fork_success_user internal/extsvc/github/v3.go internal/extsvc/github/v3_test.go internal/extsvc/github/v4.go internal/repos/github.go internal/repos/github_test.go
@sourcegraph/delivery	doc/admin/external_service/github.md
@unknwon	cmd/frontend/internal/auth/githuboauth/session.go cmd/repo-updater/internal/authz/BUILD.bazel cmd/repo-updater/internal/authz/integration_test.go cmd/repo-updater/internal/authz/testdata/vcr/TestIntegration_GitHubInternalRepositories.yaml cmd/repo-updater/internal/authz/testdata/vcr/TestIntegration_GitHubPermissions/repo-centric/groups-enabled.yaml cmd/repo-updater/internal/authz/testdata/vcr/TestIntegration_GitHubPermissions/repo-centric/no-groups.yaml cmd/repo-updater/internal/authz/testdata/vcr/TestIntegration_GitHubPermissions/user-centric/groups-enabled.yaml cmd/repo-updater/internal/authz/testdata/vcr/TestIntegration_GitHubPermissions/user-centric/no-groups.yaml internal/authz/providers/github/BUILD.bazel internal/authz/providers/github/BUILD.bazel internal/authz/providers/github/authz.go internal/authz/providers/github/authz.go internal/authz/providers/github/client.go internal/authz/providers/github/client.go internal/authz/providers/github/github.go internal/authz/providers/github/github.go internal/authz/providers/github/github_test.go internal/authz/providers/github/github_test.go internal/authz/providers/github/mocks_test.go internal/authz/providers/github/mocks_test.go

[sourcegraph-bot]

📖 Storybook live preview

[keegancsmith]

@pjlast your changelog entry is not going under 5.2.1. Are you sure this was meant to be backported?