Add confidential to graphQL for notes creation

What does this MR do?

It adds confidential attribute to the graohQL for notes creation.

Note update and public API changes have been/will be submitted as separate MRs.

Related MRs

• !36793 (merged)

Does this MR meet the acceptance criteria?

Conformity

• Changelog entry
• Documentation (if required)
• Code review guidelines
• [-] Merge request performance guidelines
• Style guides
• [-] Database guides
• [-] Separation of EE specific content

Availability and Testing

• Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.

Related to #207473 (closed)