feat: opencloud group provisioning via oidc

Signed-off-by: Bert-Jan Fikse <bert-jan@whatwedo.ch>

roles/opencloud/templates/proxy.yaml.j2

@@ -0,0 +1,9 @@
+role_assignment:
+  driver: oidc
+  oidc_role_mapper:
+    role_claim: {{ opencloud_role_assignment_oidc_claim }}
+    role_mapping:
+{% for mapping in opencloud_role_mapping %}
+      - role_name: {{ mapping.role_name }}
+        claim_value: "{{ mapping.claim_value }}"
+{% endfor %}