Improve handling of cherry-picking in security MRs
Problem statement
Currently, the pick into auto-deploy label does nothing for security MRs. Security MRs need to be manually picked into the latest auto-deploy branch by the RM (https://gitlab.com/gitlab-org/release/docs/-/blob/master/runbooks/how_to_speed_up_auto_deploy_process_for_urgent_merge_requests.md#for-security-merge-requests). This is very manual and error-prone. It also makes it easy for cherry-picked MRs to be accidentally rolled back by future deployments.
I've added this issue to the decoupling epic since the decoupling work adds a few more manual steps to the procedure to cherry-pick a security MR (gitlab-org/release/docs!802 (merged)). The procedure was already cumbersome, and is now even worse. We need to automate this process, so that it removes the mental load from RMs at a time when they are probably handling a high severity incident.
Proposal
- Update the automation to automatically cherry-pick any MRs in security projects (GitLab, Omnibus and CNG) with the pick into auto-deploy label. The changes required will mostly be in cherry_pick/auto_deploy_service.rb#L208.
- Submit a follow-up MR updating the CherryPick::AutoDeployService spec to use factories instead of doubles. (Ref)
- Update docs to reflect that the procedure is now automated - https://gitlab.com/gitlab-org/release/docs/-/blob/master/runbooks/how_to_speed_up_auto_deploy_process_for_urgent_merge_requests.md#for-security-merge-requests.
- Clean up unused scripts related to cherry-picking security MRs: #20810 (comment 2305964294)