
Kubernetes: add automount_service_account_token option

What does this MR do?

This merge request adds a new config option to the Kubernetes executor to be able to configure the AutomountServiceAccountToken feature of Kubernetes.

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting

Why was this MR needed?

This helps to improve the security of Kubernetes environments, since normally no build pod needs access to the ServiceAccount.

The Helm chart deployment already added the feature to disable the ServiceAccount mount for the GitLab Runner pods themselves, but this doesn't prevent the mount for build/helper and service pods.

gitlab-org/charts/gitlab-runner!428 (merged)

What's the best way to test this MR?

Path to test: /var/run/secrets/kubernetes.io/serviceaccount

Default-Config: Path exists or doesn't exist depending on the ServiceAccount config

See: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting

Config automount_service_account_token = true: Path exists

Config automount_service_account_token = false: Path doesn't exist

What are the relevant issue numbers?

#4786 (closed)

Closes #4786 (closed)

Edited by Thorsten Banhart
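The test procedure above checks for the mount path by hand. The following script is an added example, not code from this MR or from GitLab Runner: it runs inside a build pod (for instance as a job `script:` step after setting `automount_service_account_token = false` in the `[runners.kubernetes]` section of the runner's config.toml) and fails when the observed state of the service account mount does not match what the option is expected to produce. The `SA_TOKEN_DIR` override and the function names `sa_token_mounted` and `check_automount` are this example's own choices, not anything the runner defines.

```shell
#!/bin/sh
# Added example (not part of the MR): verify, from inside a build pod,
# whether the Kubernetes service account token was automounted, and
# fail when that does not match the configured
# automount_service_account_token value.
#
# SA_TOKEN_DIR is a hypothetical override used so the functions can be
# exercised offline against a temporary directory; in a real pod the
# kubelet uses the fixed path below.
SA_TOKEN_DIR="${SA_TOKEN_DIR:-/var/run/secrets/kubernetes.io/serviceaccount}"

# sa_token_mounted DIR
# Returns 0 when DIR looks like a mounted service account token volume
# (a directory containing a non-empty "token" file), 1 otherwise.
# The kubelet projects three files into the mount: ca.crt, namespace, token.
sa_token_mounted() {
    dir="$1"
    [ -d "$dir" ] && [ -s "$dir/token" ]
}

# check_automount DIR EXPECTED
# EXPECTED is "true" or "false", the value given to
# automount_service_account_token for the executor.
# Returns 0 when the pod state matches the expectation, 1 otherwise,
# so a job running under `set -e` fails the pipeline on a mismatch.
check_automount() {
    dir="$1"
    expected="$2"
    case "$expected" in
        true|false) ;;
        *) echo "usage: check_automount DIR true|false" >&2; return 2 ;;
    esac
    if sa_token_mounted "$dir"; then
        actual=true
    else
        actual=false
    fi
    if [ "$actual" = "$expected" ]; then
        echo "OK: service account token mounted=$actual (expected $expected)"
        return 0
    fi
    echo "FAIL: service account token mounted=$actual, expected $expected" >&2
    return 1
}

# Stand-alone use: `sh check_sa_mount.sh false` inside the build pod.
# Nothing runs when the file is only sourced for its functions.
if [ $# -gt 0 ]; then
    check_automount "$SA_TOKEN_DIR" "$1"
fi
```

Run it with `false` in a pipeline that is meant to have the token opt-out in effect; if the path is still present the job exits non-zero, which is the signal that either the runner configuration was not applied to the build/helper pod or that a pod-level or ServiceAccount-level setting re-enabled the mount.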
