k8s: forge-dev: setup oauth2-proxy for pgadmin and kafka-console

TODO:

• Create a CRI OIDC Client with the following settings
  • restricted mode enabled
  • labo-labsi-devs mapping to roles kafka-console-dev pgadmin-dev
  • labo-labsi-roots mapping to roles kafka-console-dev pgadmin-dev
  • client type : confidential
• create the config secret in vault with path k8s-prod-1/forge-dev-oauth2-proxy/config with the following keys
  • client-id the client id of the created oidc client
  • client-secret the client secret of the created oidc client
  • cookie-secret a random secret generated with : python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(32)).decode())'