Add CI against Tahoe-LAFS master@HEAD

ZKAPAuthorizer is tightly integrated with Tahoe-LAFS. More than that, Tahoe-LAFS promises no stable Python API but ZKAPAuthorizer consumes one anyway. This makes ZKAPAuthorizer above-averagely sensitive to Tahoe-LAFS changes.

Rather than waiting for a Tahoe-LAFS release and then reacting to it, we can be more proactive and monitor the state of compatibility master@HEAD revisions of Tahoe-LAFS between releases. This gives us a better chance of being ready when a release does happen and gives us a chance guide changes in Tahoe-LAFS along a path that's more favorable for ZKAPAuthorizer compatibility before those changes are included in a published release.