Use webhooks for container updates instead of relying on polling

[hrideshmg]

Currently, Watchtower polls the GitHub Container Registry (GHCR) every 10 seconds to check for updates. However, Watchtower supports an HTTP-API mode that allows it to act as a webhook server to trigger updates. This approach would be ideal as it eliminates the need for polling. Additionally, GHCR supports webhooks, making this integration possible.

The main challenge is that Watchtower expects a secret in the Authorization HTTP header, but GitHub does not allow custom headers and instead sends the (hashed) secret in a X-Hub-Signature-256 header, see: validating webhook deliveries.

One possible solution is to write a lightweight middleware that intercepts this request, validates it, and sends the correct request to Watchtower to trigger the update.