Add `admin_runners` custom role permission

What does this MR do and why?

This change introduces a new custom permission to allow users the ability to manage runners for a group or project.

#442851 (closed)

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Before	After
	After: Enable/Disable instance runners for Group

How to set up and validate locally

1. In rails console enable the experiment fully

   Feature.enable(:custom_ability_admin_runners)

2. Create a role with the Admin Runners permission enabled.
3. Assign the new role to a new user
4. Login with the new user
5. Visit any project page and ensure that the Settings menu item appears in the navigation.
6. Click on the Settings menu and ensure that the CI/CD menu item appears.
7. Click on the CI/CD menu.
8. Ensure that the Runners section appears.
9. Click on Expand
10. Ensure that the list of runners are displayed.

app/controllers/projects/settings/ci_cd_controller.rb

@@ -9,7 +9,7 @@ class CiCdController < Projects::ApplicationController
 
       layout 'project_settings'
       before_action :authorize_admin_pipeline!, except: :show
-      before_action :authorize_admin_cicd_variables!, only: :show
+      before_action :authorize_admin_cicd_settings!, only: :show
       before_action :check_builds_available!
       before_action :define_variables
 
@@ -75,6 +75,18 @@ def runner_setup_scripts
 
       private
 
+      def authorize_admin_cicd_settings!
+        return if can_any?(:admin_cicd_variables, :admin_runner, :admin_pipeline)
+
+        access_denied!
+      end
+
+      def can_any?(*permissions)
+        permissions.find do |permission|
+          can?(current_user, permission, project)
+        end
+      end
+
       def highlight_badge(name, content, language = nil)
         Gitlab::Highlight.highlight(name, content, language: language)
       end