https://gitlab.com/gitlab-org/gitlab-runner/-/issues/26750 and https://gitlab.com/gitlab-org/gitlab-runner/-/issues/26751 introduce support for `.gitlab-ci.yml`-defined pull policies. The Runner administrator should be able to limit which pull policies are allowed on a Runner. For this we could add an `allowed_pull_policies` configuration to the respective executor configuration section. For security reasons, a missing `allowed_pull_policies` element should default to the value in `pull_policies`.