Add CI_JOB_TOKEN in SAST ci-templates

Problem to solve

Currently, ci-templates is used to build analyzer images. However, its build_image.sh script does not pass CI_JOB_TOKEN to the docker build command.
The CI_JOB_TOKEN is sometimes required — for example, when accessing or downloading private Go modules.
The current workaround is to overwrite the ci-templates job scripts, which easily leads to inconsistencies and maintenance errors.

Another issue is that both GLAS and GLAS-CPP already use a custom variable name, READ_REPO_CREDENTIALS, to pass CI_JOB_TOKEN. This creates unnecessary coupling that must be considered in the long-term solution.


Implementation plan

  1. In GLAS-CPP, temporarily overwrite the job script to test and validate the required patch for build_image.sh without modifying the shared script itself.
  2. Update build_image.sh in ci-templates to include the necessary patch, keeping the use of READ_REPO_CREDENTIALS for now. Then remove the overwritten job scripts from both GLAS and GLAS-CPP to align them with the upstream fix.
  3. Once validated, replace READ_REPO_CREDENTIALS with CI_JOB_TOKEN across GLAS, GLAS-CPP, and ci-templates to standardize the implementation and remove the custom coupling.

/cc @adamcohen
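
One way the build_image.sh patch in the plan could hand the token to `docker build` during the READ_REPO_CREDENTIALS to CI_JOB_TOKEN transition. This is an added example, not part of the original issue or the ci-templates code. It assumes BuildKit is available; the secret id `repo_token`, the function names and the `DOCKER` override are hypothetical.

```shell
#!/bin/sh
# Added example, not the real build_image.sh from ci-templates.
# Assumptions: BuildKit is enabled; the secret id "repo_token", the function
# names and the DOCKER override variable are hypothetical.

# Print the NAME of the variable that holds the token, or nothing.
# READ_REPO_CREDENTIALS is honoured first while GLAS and GLAS-CPP still set
# it (plan step 2); CI_JOB_TOKEN is the standard name (plan step 3).
token_var() {
  if [ -n "${READ_REPO_CREDENTIALS:-}" ]; then
    echo READ_REPO_CREDENTIALS
  elif [ -n "${CI_JOB_TOKEN:-}" ]; then
    echo CI_JOB_TOKEN
  fi
}

# Run `docker build`, adding a BuildKit secret when a token is available.
# The flag carries the variable name, not its value, so the token does not
# show up in the command line, in `set -x` job logs, or in image history
# (unlike --build-arg). The variable must be exported to docker's
# environment, which GitLab CI does for job variables.
build_image() {
  _tv="$(token_var)"
  if [ -n "$_tv" ]; then
    set -- --secret "id=repo_token,env=${_tv}" "$@"
  fi
  DOCKER_BUILDKIT=1 ${DOCKER:-docker} build "$@"
}

# Dockerfile side (assumed): a step that needs the token mounts it only for
# that RUN instruction and reads it from /run/secrets/repo_token, e.g.
#   RUN --mount=type=secret,id=repo_token <fetch private Go modules>
```

Setting `DOCKER=echo` prints the command that would be run, which is a quick way to check the flags in a job without building anything.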