CI tunnel with the agent's identity
## Release notes
How can you connect your Kubernetes cluster to GitLab for deployments securely and run your deployments from GitLab CI? This was a hard question to answer until lately. Users required to open their clusters up towards GitLab or move away from well-known CI-based patterns. GitLab now ships with a CI tunnel that connects GitLab runners with your Kubernetes cluster using the GitLab Kubernetes Agent.
The CI tunnel enables users to easily run CI jobs against their cluster without opening up the cluster to the Internet. For each Kubernetes Agent configured GitLab injects a configured `kubecontext` into the CI that can be selected by users for their deployment commands.
## Scope
* [x] \[Ruby\] API to get allowed agents by CI_JOB_TOKEN https://gitlab.com/gitlab-org/gitlab/-/issues/324269
* [x] \[Go\] Authn and authz using CI_JOB_TOKEN lookup https://gitlab.com/gitlab-org/gitlab/-/issues/324268
* [x] \[YAML\] Update Chart for Kubernetes CI proxying https://gitlab.com/gitlab-org/gitlab/-/issues/324271
* [x] \[?\] Update Omnibus for Kubernetes CI proxying https://gitlab.com/gitlab-org/gitlab/-/issues/324272
* [x] \[YAML, Infra\] Expose the port for Kubernetes API proxying in GitLab.com deployment (using the Chart changes) https://gitlab.com/gitlab-org/gitlab/-/issues/325235
* [x] \[YAML, Infra\] Configure GCP load balancer and Cloudflare to expose Kubernetes API https://gitlab.com/gitlab-org/gitlab/-/issues/325236
* [x] \[Ruby\] Inject `kubectl`-compatible config file into the CI job https://gitlab.com/gitlab-org/gitlab/-/issues/324275
* [x] \[Go + Ruby + Dashboards\] [Metric and usage ping on the number of served requests](https://gitlab.com/gitlab-org/gitlab/-/issues/327414)
* [x] \[Docs\] [User-facing documentation for the feature](https://gitlab.com/gitlab-org/gitlab/-/issues/327409)
epic