Add argument to GQL Query.ciConfig to skip sha verification

What does this MR do and why?

In https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3540, we introduced a project sha verification process to fix a security vulnerability (#417275 (closed)). It effectively prevents YamlProcessor from running on commit shas that are not associated with a project Tag or Branch (detached commits). The process was applied to the Ci::Lint class which affects the Query.ciConfig endpoint.

In https://gitlab.com/gitlab-com/ops-sub-department/section-ops-request-for-help/-/issues/215#note_1597562585, we learned that there is a customer use case to use Query.ciConfig with detached commits.

This MR introduces the argument skip_verify_project_sha to Query.ciConfig, which gives the user the choice to opt out of the sha verification process.

We discussed that adding this argument does not re-introduce the security vulnerability from #417275 (closed) as it does not affect how GitLab UI processes detached shas.

How to reproduce locally

1. In your project, create a commit on a new branch and open a merge request to main.

2. Leave the MR open and unmerged. Copy the merge request commit sha (there's probably a better way to obtain it, but I usually just view a file under the Changes tab and get the sha from the URL). Go to http://gdk.test:3000/-/graphql-explorer. Test the following query:

query getCiConfigData($projectPath: ID!, $sha: String, $content: String!) {
  ciConfig(projectPath: $projectPath, sha: $sha, content: $content) {
    errors
    mergedYaml
    status
  }
}

Variables:

{ "projectPath": "<YOUR_PROJECT_PATH>", "sha": "<MERGE_REQUEST_SHA>", "content": "---\n:build:\n  :script: echo\n" }

3. Observe that the output shows a validation error.

How to set up and validate locally

1. Checkout this branch and follow steps 1-3 in the previous section.
2. Re-execute the query with the new skip_verify_project_sha argument set to true:

query getCiConfigData($projectPath: ID!, $sha: String, $content: String!) {
  ciConfig(projectPath: $projectPath, sha: $sha, content: $content, skipVerifyProjectSha: true) {
    errors
    mergedYaml
    status
  }
}

3. Observe that the validation error does not appear and the data is returned as expected.

4. (Optional) You can verify that this change does not affect the fix for the original security vulnerability by following the steps in https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3540#how-to-reproduce-the-issue-locally.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.