feat: Add support for custom trust policy conditions on iam-github-oidc-role

[JBSchami]

Description

This adds support for custom trust policy conditions to the iam-github-oidc-role module.

Motivation and Context

The GitHub documentation on [security hardening with OpenID connect] (https://docs.github.com/en/actions/security-for-github-actions/security-hardening-your-deployments/about-security-hardening-with-openid-connect) specifies that:

You can define granular OIDC policies by using additional OIDC token claims, such as repository_id and repository_visibility. See Understanding the OIDC token.

However, this module currently only supports validation of iss, aud and sub. I have a use case where I also want to validate actor and workflow but without this change, the module doesn't support that.

Breaking Changes

I do not believe this breaks any backwards compatibility. The added variable defaults to an empty array of entries, much like in the iam-assumable-role-with-oidc modules and the dynamic configuration will not add anything if no values are provided.

How Has This Been Tested?

• I have updated at least one of the examples/* to demonstrate and validate my change(s)
• I have tested and validated these changes using one or more of the provided examples/* projects

caveat: I don't have a space where I can deploy the examples but I have successfully tested the updated module against corporate accounts where I am employed.

• I have executed pre-commit run -a on my pull request

caveat: terraform-docs also affected 8 other REAMDE files (for modules I have not touched in this PR) but I have not checked those changes in. I can if you'd like. All other pre-commmit checks passed. this was due to using an outdated version of TF (1.5.5, I updated to 1.10.5 and it resolved this)