Least-privilege: Updates to the GitLab Integration

This one is quick, but important! 

Several of our larger customers were able to set up Compass and build out the catalog for their teams/department, but ran into friction when they tried to import Components from other parts of the org. 

Until now, our GitLab integration required an Owner token which many security + ops team were weary of sharing an Owner token with access to the root group. 

We listened, re-worked some of the internals, and realized we were asking for permissions we did not actually need. 

If you provided us with an Owner token already, you don't have to change anything -- it will keep working! But if you'd like to change to a Maintainer token you can without breaking your integration. 

If you have not set up the GitLab integration you will also now have the choice between Maintainer and Owner tokens. 

We hope this change helps your team get more Components into the catalog and feel better your security posture at the same time.