nixos/kubernetes: refactor feature gates to attrsOf bool, making it possible to disable featureGates

This is a breaking change, requiring users of `featureGates` to change
from a `listOf str` to `attrsOf bool`.

Before:
```nix
featureGates = [ "EphemeralContainers" ];
extraOpts = pkgs.lib.concatStringsSep " " (
[
  "--container-runtime=remote"
  ''--feature-gates="CSIMigration=false"''
});
```

After:
```nix
featureGates = {EphemeralContainers = true; CSIMigration=false;};
```

This is much nicer, and sets us up for later work of migrating to
configuration files for other services, like e.g. has been happening
with kubelet (see: #290119).

Signed-off-by: Christina Sørensen <christina@cafkafk.com>

nixos/tests/kubernetes/base.nix

@@ -59,6 +59,10 @@ let
                   securePort = 443;
                   advertiseAddress = master.ip;
                 };
+                # NOTE: what featureGates are useful for testing might change in
+                # the future, see link below to find new ones
+                # https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/
+                featureGates = {CPUManager = true; AppArmor= false;};
                 masterAddress = "${masterName}.${config.networking.domain}";
               };
             }