
Backend: Set and use fields for sudo access

MR: Set and use fields for workspace sudo access (!163888 - merged)

Description

As per the plan described here, set the agent config fields and use them while creating the workspace to support sudo access.

Details about the validations of each field at model/database level are described in DB: Add database fields for sudo access (#474966 - closed).

Acceptance Criteria

While setting/updating fields in the agent config

  • If allow_privilege_escalation (default false), use_kubernetes_user_namespaces (default false), default_runtime_class (default ""), annotations (default {}), labels (default {}) are provided in the agent config, store them in their corresponding DB values. Else, store their defaults.

The resources generated for the workspace during reconciliation should satisfy the following

  • Set Deployment's spec.template.spec.containers[*].securityContext.allowPrivilegeEscalation to the associated agent's allow_privilege_escalation.
  • Set Deployment's spec.template.spec.hostUsers to the associated agent's use_kubernetes_user_namespaces if true.
  • Set Deployment's spec.template.spec.runtimeClassName to the associated agent's default_runtime_class if present.
  • Set all resources' metadata.annotations to the associated agent's annotations. The GitLab
  • Set all resources' metadata.labels to the associated agent's labels.
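
A check for the reconciliation criteria above, as an added example that is not GitLab's code: it audits generated resources (as Ruby hashes) against an agent config and lists what does not match. The method names, the hash shapes and the subset comparison for annotations and labels are assumptions.

```ruby
# Added example, not GitLab code: audit generated workspace resources against
# the acceptance criteria. Hash shapes and method names are assumptions.
AGENT_DEFAULTS = {
  allow_privilege_escalation: false, use_kubernetes_user_namespaces: false,
  default_runtime_class: "", annotations: {}, labels: {}
}.freeze

# Fields missing from the agent config fall back to the page's defaults.
def effective_agent_config(config)
  AGENT_DEFAULTS.merge(config.slice(*AGENT_DEFAULTS.keys))
end

# True when every agent-supplied key/value is present on the resource. A subset
# check, on the assumption that the generator may add keys of its own.
def carries?(actual, expected)
  expected.all? { |key, value| (actual || {})[key] == value }
end

# Returns human-readable violations; an empty list means the criteria hold.
def workspace_resource_violations(agent_config, resources)
  cfg = effective_agent_config(agent_config)
  resources.flat_map do |res|
    id = "#{res[:kind]}/#{res.dig(:metadata, :name)}"
    found = []
    found << "#{id}: agent annotations missing" unless carries?(res.dig(:metadata, :annotations), cfg[:annotations])
    found << "#{id}: agent labels missing" unless carries?(res.dig(:metadata, :labels), cfg[:labels])
    next found unless res[:kind] == "Deployment"
    pod = res.dig(:spec, :template, :spec) || {}
    (pod[:containers] || []).each do |c|
      actual = c.dig(:securityContext, :allowPrivilegeEscalation)
      next if actual == cfg[:allow_privilege_escalation]
      found << "#{id}: container #{c[:name]} allowPrivilegeEscalation is #{actual.inspect}"
    end
    # Mirrors the criterion as written. In Kubernetes itself, hostUsers: false is
    # the value that gives a pod its own user namespace.
    if cfg[:use_kubernetes_user_namespaces] && pod[:hostUsers] != true
      found << "#{id}: hostUsers is #{pod[:hostUsers].inspect}"
    end
    rc = cfg[:default_runtime_class]
    found << "#{id}: runtimeClassName is #{pod[:runtimeClassName].inspect}" if !rc.empty? && pod[:runtimeClassName] != rc
    found
  end
end

# Constructed sample: a Deployment whose container omits securityContext.
SAMPLE = [{ kind: "Deployment", metadata: { name: "ws", labels: {} },
            spec: { template: { spec: { containers: [{ name: "tooling" }] } } } }].freeze
puts workspace_resource_violations({ labels: { "team" => "a" } }, SAMPLE)
```

A container with no securityContext is reported even when allow_privilege_escalation is false, because the criterion asks for the field to be set explicitly on every container.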

E2E verification

  • Test end-to-end for all 3 methods described in &13983 (comment 1982715109). Set up the necessary infrastructure for each scenario.
Edited by Vishal Tak