Ensure security policy bot for scheduled pipeline policies

What does this MR do and why?

Projects with scheduled pipeline execution policies should always have a security policy bot user. The bot is typically created when a security policy is first applied to the project, but may be missing in some cases.

This MR adds a safeguard to create the security policy bot on-demand during scheduled pipeline execution if it doesn't already exist, similar to the approach used for scheduled scan execution policies introduced in MR !132112 (merged).

Steps to test locally

  1. Create a new group.
  2. Create a new project on the group.
  3. Add a simple CI config file policy-ci.yml:
    pipeline execution policy job:
      stage: .pipeline-policy-pre
      script:
        - echo "Enforce your policy here"
  4. Add a .gitlab/security-policies/policy.yml file to the project with content (Replace path/to/project with the path to your project):
    ---
    experiments:
      pipeline_execution_schedule_policy:
        enabled: true
    pipeline_execution_policy: []
    approval_policy: []
    pipeline_execution_schedule_policy:
      - name: test
        description: ''
        enabled: true
        pipeline_config_strategy: schedule
        content:
          include:
            - project: path/to/project
              file: policy-ci.yml
        schedules:
          - type: daily
            start_time: '10:00'
            time_window:
              value: 600
              distribution: random
  5. Go back to the group page and on the left sidebar, select Security & Compliance and Policies.
  6. Select Edit policy project and select your project. Then select Save.
  7. Copy the ID of your project.
  8. Open a Rails console.
  9. Find your project and delete the security policy bot (Replace YOUR_PROJECT_ID with the id of your project):
    project = Project.find(YOUR_PROJECT_ID)
    Users::DestroyService.new(User.first).execute(project.security_policy_bot, hard_delete: false, skip_authorization: true)
  10. On your project left sidebar, select Manage and Members and make sure there is no GitLab Security Policy Bot.
  11. Start the schedule worker manually to trigger the schedule (Replace YOUR_PROJECT_ID with the id of your project):
    Security::PipelineExecutionPolicies::RunScheduleWorker.new.perform(Security::PipelineExecutionProjectSchedule.find_by_project_id(YOUR_PROJECT_ID))
  12. Refresh the members page. There should now be a GitLab Security Policy Bot.
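The test steps above delete the bot and then run the schedule worker to confirm it is recreated. The following is an added, self-contained Ruby model of that safeguard; it is not GitLab's code, and every class in it (Project, BotUser, CreateSecurityPolicyBotService, Schedule, RunScheduleWorker) is a hypothetical stand-in for the real models and services. It shows the two properties worth checking when reviewing such a change: the worker provisions the bot when it is missing, and it does not create a second bot when one already exists.

```ruby
# Added example (not GitLab's code): a minimal in-memory model of the
# "create the security policy bot on demand" safeguard this MR describes.
# All classes below are hypothetical stand-ins for the real GitLab services.

# Hypothetical user record; the real bot is a GitLab User with a bot type.
BotUser = Struct.new(:id, :username, :project_id)

# Hypothetical project: holds the schedule target and (maybe) its bot user.
class Project
  attr_reader :id, :path
  attr_accessor :security_policy_bot

  def initialize(id, path)
    @id = id
    @path = path
    @security_policy_bot = nil
  end
end

# Hypothetical stand-in for the service that provisions the bot member.
# Counts how many bot users it created so idempotency can be checked.
class CreateSecurityPolicyBotService
  @created = 0
  class << self; attr_accessor :created; end

  def initialize(project)
    @project = project
  end

  def execute
    return @project.security_policy_bot if @project.security_policy_bot

    self.class.created += 1
    @project.security_policy_bot =
      BotUser.new(1000 + self.class.created, "security-policy-bot-#{@project.id}", @project.id)
  end
end

# Hypothetical schedule row: references the project whose pipeline it triggers.
Schedule = Struct.new(:project)

# Hypothetical worker modelled on the run-schedule worker: before triggering
# the scheduled pipeline it ensures the bot exists, since the policy pipeline
# is meant to run as the bot rather than as an arbitrary human member.
class RunScheduleWorker
  Result = Struct.new(:status, :bot, :project_id)

  def perform(schedule)
    return Result.new(:missing_project, nil, nil) unless schedule&.project

    project = schedule.project
    bot = ensure_security_policy_bot(project)
    Result.new(:pipeline_created, bot, project.id)
  end

  private

  # The safeguard: idempotent, so a project that already has its bot is untouched.
  def ensure_security_policy_bot(project)
    project.security_policy_bot || CreateSecurityPolicyBotService.new(project).execute
  end
end

# Constructed sample: a project whose bot was deleted (as in test step 9),
# run through the worker twice to show the bot is created exactly once.
def demo
  CreateSecurityPolicyBotService.created = 0
  project = Project.new(42, "group/project")
  schedule = Schedule.new(project)
  worker = RunScheduleWorker.new

  first  = worker.perform(schedule) # bot missing -> created
  second = worker.perform(schedule) # bot present -> reused, not recreated
  { first: first, second: second, created: CreateSecurityPolicyBotService.created }
end

if __FILE__ == $PROGRAM_NAME
  r = demo
  puts "first run:  #{r[:first].status}, bot #{r[:first].bot.username}"
  puts "second run: #{r[:second].status}, same bot: #{r[:first].bot.equal?(r[:second].bot)}"
  puts "bot users created: #{r[:created]}"
end
```

Running the file prints one created bot for two worker runs. In a real review the second property matters as much as the first: a guard that is not idempotent would add a new bot member on every scheduled run, so a specification for the actual worker should cover both the missing-bot and the existing-bot case.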

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Andy Schoenen
