
[Security] Allow disabling service account token mount for Loki gateway

Open · marioasabella opened this pull request 10 months ago · 1 comment

What this PR does / why we need it:

Adds the ability to disable service account token automounting for the Loki gateway component. Since the gateway functions primarily as a reverse proxy/authentication layer and does not require access to the Kubernetes API for its core functionality, this enhancement allows users to follow security best practices by reducing unnecessary access.

Which issue(s) this PR fixes:

N/A

Special notes for your reviewer:

  • Maintains backward compatibility by defaulting automountServiceAccountToken to true
  • Only affects the gateway component which doesn't need Kubernetes API access
  • Follows the principle of least privilege by allowing users to disable unnecessary API access

Changes:

  • Added gateway.serviceAccount.automountServiceAccountToken configuration option
  • Modified gateway deployment template to respect this setting

Checklist:

  • [x] Follows security best practices
  • [x] Maintains backward compatibility

Example configuration:

gateway:
  serviceAccount:
    automountServiceAccountToken: false

marioasabella · Jan 21 '25 16:01
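A check a reviewer or cluster operator could run over rendered manifests to confirm the setting actually takes effect, as an added example that is not part of this PR or the chart: the sample Deployment and ServiceAccount below are constructed, and the resource names are assumptions. It encodes the Kubernetes precedence rule (the pod spec field overrides the ServiceAccount field, and an unset field means the token is mounted), which is why the change has to touch the deployment template rather than only the ServiceAccount.

```python
"""Report workloads whose pods would still receive a projected API token."""

# Constructed stand-in for what `helm template` might emit for the gateway
# with gateway.serviceAccount.automountServiceAccountToken: false.
# Resource names are assumptions, not the chart's real output.
GATEWAY_DEPLOYMENT = {
    "kind": "Deployment",
    "metadata": {"name": "loki-gateway"},
    "spec": {"template": {"spec": {
        "serviceAccountName": "loki-gateway",
        "automountServiceAccountToken": False,
        "containers": [{"name": "nginx", "image": "nginx"}],
    }}},
}
# ServiceAccount with the field omitted; Kubernetes treats that as true.
GATEWAY_SERVICE_ACCOUNT = {
    "kind": "ServiceAccount",
    "metadata": {"name": "loki-gateway"},
}


def effective_automount(pod_spec: dict, service_accounts: dict) -> bool:
    """True if a token is mounted: pod spec wins, then the ServiceAccount,
    and the default when neither sets the field is to mount it."""
    if "automountServiceAccountToken" in pod_spec:
        return bool(pod_spec["automountServiceAccountToken"])
    sa = service_accounts.get(pod_spec.get("serviceAccountName", "default"), {})
    return bool(sa.get("automountServiceAccountToken", True))


def find_token_mounts(manifests: list) -> list:
    """Names of Deployments/StatefulSets/DaemonSets whose pods get a token."""
    sas = {m["metadata"]["name"]: m
           for m in manifests if m["kind"] == "ServiceAccount"}
    findings = []
    for m in manifests:
        if m["kind"] in ("Deployment", "StatefulSet", "DaemonSet"):
            if effective_automount(m["spec"]["template"]["spec"], sas):
                findings.append(m["metadata"]["name"])
    return findings


if __name__ == "__main__":
    # With the new value set, the gateway no longer appears in the findings.
    print(find_token_mounts([GATEWAY_DEPLOYMENT, GATEWAY_SERVICE_ACCOUNT]))  # []
```

Feed it the parsed documents of a real `helm template` run to see whether any other chart component still mounts a token it does not need.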

CLA assistant check
All committers have signed the CLA.

CLAassistant · Jan 21 '25 16:01