Remove ENV vars for ZAP config file from DAST docs

It has been decided to not support the ZAP config file since it is
buggy. Functionality from it that is valuable to DAST will be added to
our Python scripts in the future.

https://gitlab.com/gitlab-org/gitlab/-/issues/218808

doc/user/application_security/dast/index.md

@@ -471,9 +471,6 @@ DAST can be [configured](#customizing-the-dast-settings) using environment varia
 | `DAST_INCLUDE_ALPHA_VULNERABILITIES` | no | Include alpha passive and active scan rules. Boolean. `true`, `True`, or `1` are considered as true value, otherwise false. Defaults to `false`. |
 | `DAST_USE_AJAX_SPIDER` | no | Use the AJAX spider in addition to the traditional spider, useful for crawling sites that require JavaScript. Boolean. `true`, `True`, or `1` are considered as true value, otherwise false. Defaults to `false`. |
 | `DAST_ZAP_CLI_OPTIONS` | no | ZAP server command-line options. For example, `-Xmx3072m` would set the Java maximum memory allocation pool size. |
-| `DAST_ZAP_GENERATE_CONFIG` | no | The file name of the generated sample ZAP configuration file for use with `DAST_ZAP_CONFIG_FILE`. |
-| `DAST_ZAP_CONFIG_FILE` | no | Name of configuration file used to determine thresholds of vulnerability rules. |
-| `DAST_ZAP_CONFIG_URL` | no | URL of configuration file used to determine thresholds of vulnerability rules. |
 | `DAST_ZAP_LOG_CONFIGURATION` | no | Set to a semicolon-separated list of additional log4j properties for the ZAP Server. For example, `log4j.logger.org.parosproxy.paros.network.HttpSender=DEBUG` |
 
 ### DAST command-line options