Spike + POC Security policies - publish vs usage ci components

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

SPIKE INSTRUCTIONS

1. Create new Instance Setting: security_policy_project_id
2. Create new singleton Model: Security::InstanceOrchestrationPolicyConfiguration.
3. When value for security_policy_project_id is provided, we can fetch policies using Security::InstanceOrchestrationPolicyConfiguration
4. Use these policies to enforce ci_component_usage_policy on instance level. 🤔

From #441102 (comment 2011566573)

POC

TBA