Allow users to set confidential attribute on Epic

User should be able to set confidential attribute when creating or updating an epic - we should update our private API (ee/app/controllers/groups/epics_controller.rb), REST API and GraphQL API to accept this attribute.

It should be allowed to set this attribute only if confidential_epics feature flag is enabled for epic's group.

Frontend

On Epic List page, add Confidential checkbox to New Epic popover.

See design tab for latest mocks.

Related to #197339 (closed)