update roles and scopes information

[khorne3]

This PR:

• updates GitLab docs to include roles and token scopes information
• updates the Network Broker doc to link out to tokens info (except for GitHub, since most use the app)

Please ensure

• A subject matter expert (SME) reviews the content

[netlify]

✅ Don't forget to add /docs at the end of the deploy preview site URL!

Name	Link
🔨 Latest commit	0e90820
🔍 Latest deploy log	https://app.netlify.com/projects/semgrep-docs-prod/deploys/686288fc02d414000885d047
😎 Deploy Preview	https://deploy-preview-2216--semgrep-docs-prod.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[armchairlinguist]

This pretty much looks good to me, so I'm going to approve.

I do have one suggestion, though: since we're calling a bit more attention to the use of tokens, I think we should also have a comment that we recommend having the token in the SCM config in the platform unless there's a specific reason that it's better to provide it via the broker.

As far as I understand this aligns with our usual recommendations (although @zyannes can correct me if I'm wrong, as well). Totally viable to consider that in a follow-up PR too since it can be done separately.

[zyannes]

Yes I agree with @armchairlinguist. The preferred method is to store the created token in the SCM config instead of the broker.