Add support for optional runner authentication token prefix

Much like Personal Access Tokens with the glpat- prefix, adding a prefix to runner auth tokens would make it easier for secret detection and incident response to be effective.

This token is still used in the new registration workflow and actually plays an even bigger role so it would be interesting to have the prefix added.

NOTE: We need to adapt the logic that rotates runner tokens to make sure that it preserves the glrt- prefix if the previous token had the prefix. The Ci::Runners::CreateRunnerService service will need to ensure that the created runner has a prefixed runner token (created by the TokenAuthenticatable module), potentially by using token_generator: -> { ... } to add_authentication_token_field. The challenge is to have 2 different behaviors from token_generator being determined by the caller.