Follow up tasks for Protected Merge Request Pipelines Feature

In this Epic we implemented a feature enhancement that lets MR pipelines between protected branches access protected variables.

In this comment - !196304 (comment 2611964312) - @allison.browne raised some pending tasks that need to be completed to make the feature more well rounded. This issue is to tackle these follow-up tasks.

Apart from 2 doc changes, the main task is to handle the scenario for protected MR pipelines that run against the source branch and NOT the merge request ref in Ci::Pipeline#protected_for_merge_request?

Currently, we DO NOT have any bug, as this scenario is already handled in the validation phase when a pipeline is created, but handling this scenario in Ci::Pipeline#protected_for_merge_request? is important because relying on the existing check seems a bit brittle.
Things to do
- Apply this only to merge request refs and NOT for merge request pipelines that run against the source branch rather than the merge request ref.
- Update Protected branches CI/CD documentation - https://docs.gitlab.com/user/project/repository/branches/protected/#cicd-on-protected-branches
- Update Pipeline security documentation - https://docs.gitlab.com/ci/pipelines/#pipeline-security-on-protected-branches
More details here
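
An added sketch of the check described above, written for this page and not taken from GitLab's code base: the predicate verifies the ref itself instead of trusting creation-time validation. The `Project`, `Pipeline` and `MergeRequest` classes are simplified stand-ins, and the `refs/merge-requests/<iid>/...` pattern and the iid match are assumptions.

```ruby
# Added illustration with simplified stand-in classes; not GitLab's code.
# Assumption: MR refs look like refs/merge-requests/<iid>/{head,merge,train}.
MR_REF = %r{\Arefs/merge-requests/(\d+)/(?:head|merge|train)\z}

MergeRequest = Struct.new(:iid, :source_branch, :target_branch, keyword_init: true)

class Project
  def initialize(protected_branches)
    @protected_branches = protected_branches
  end

  def protected_branch?(name)
    @protected_branches.include?(name)
  end
end

class Pipeline
  def initialize(project:, ref:, merge_request: nil)
    @project = project
    @ref = ref
    @merge_request = merge_request
  end

  # The predicate inspects the ref itself, so a pipeline running on the
  # source branch is rejected here even if creation-time validation is
  # later changed or bypassed.
  def protected_for_merge_request?
    return false unless @merge_request

    match = MR_REF.match(@ref)
    # Assumption: the ref must also belong to this merge request's iid.
    return false unless match && match[1].to_i == @merge_request.iid

    [@merge_request.source_branch, @merge_request.target_branch]
      .all? { |branch| @project.protected_branch?(branch) }
  end
end

# Constructed sample data: "main" and "release" are protected, "feature" is not.
def verdict(ref, source: "release", target: "main", iid: 7)
  project = Project.new(%w[main release])
  mr = MergeRequest.new(iid: iid, source_branch: source, target_branch: target)
  Pipeline.new(project: project, ref: ref, merge_request: mr).protected_for_merge_request?
end

puts verdict("refs/merge-requests/7/head")   # MR ref, both branches protected
puts verdict("refs/heads/release")           # source branch ref
puts verdict("refs/merge-requests/7/head", source: "feature")
puts verdict("refs/merge-requests/8/head")   # another MR's ref
```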