Restart Gitaly when updating Gitlab-Shell token

What does this MR do?

Originally Gitaly would shell out to Gitlab-Shell to make internal API calls. This had no retained state regarding the secret token, so no service restarts were required in this scenario.

However, for several years the main Gitaly process has been responsible for calling the internal API. This will only read the Gitlab-Shell secret file during its startup process, and subsequent changes to that will not be detected by Gitaly, leading to spurious 401 errors.

To resolve this, restart the Gitaly service when updating gitlab_shell['secret_token'].

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Required

• MR title and description are up to date, accurate, and descriptive.
• MR targeting the appropriate branch.
• Latest Merge Result pipeline is green.
• When ready for review, MR is labeled "~workflow::ready for review" per the Distribution MR workflow.

For GitLab team members

If you don't have access to this, the reviewer should trigger these jobs for you during the review process.

• The manual Trigger:ee-package jobs have a green pipeline running against latest commit.

Expected (please provide an explanation if not completing)

• Test plan indicating conditions for success has been posted and passes.
• Tests added.
• Integration tests added to GitLab QA.
• Equivalent MR/issue for the GitLab Chart opened.