Add settings for allow-listing integrations through instance admin

About

This issue is part of Ability to disable integrations through admin s... (&15666) see that epic for more context.

In this iteration we will allow instance-admins to allow-list integrations for the entire instance.

The feature will be a GitLab Ultimate global feature, so in addition to checking the settings we must always check the license before allowing the settings to have effect.

Technical proposal

backend

Add the migrations.
- Name the settings allow_all_integrations and allowed_integrations !169687 (comment 2168200639).
Filter available integrations based on the new settings.
- Always check the license before applying the allowlist.
FE will present the options as checkboxes per integration, but backend will be saving the data as array the application settings, so the data may need to be adapted between the backend and frontend. Communicate with the FE developer on this.

frontend

The feature will be a GitLab Ultimate licenced global feature, so we should only present the form.

documentation

Should mention:

If the instance had a certain kind of integration configured that was active, and then it becomes blocked by their allow-list, those integrations will no longer trigger. However, if they are ever allow-listed in future, they will immediately be triggerable again.
If you set allow_all_integrations to false and specify no allowed integrations ([]) no integrations will be allowed.

Edited Nov 17, 2024 by Luke Duncalfe