Integrate Rucio with SRC IAM for auth provision

The Rucio instance has been integrated with the ESCAPE IAM service historically. Since the SRC IAM service is now up and running and ESCAPE is drawing to a close, it would be good to migrate to using the SRC IAM in order to prevent accruing of further technical debt. If more storage sites are added to the datalake before this migration is done, we would be adding to the collective technical debt across the ART.

Update: This is becoming especially critical now we're working on APIs. At the moment the data-management IAM client is managed by the ESCAPE IAM instance as some endpoints require token exchanges against the Rucio "auth" client (which has always lived on the ESCAPE IAM instance) to do work within the Rucio ecosystem. As such, the data-management API cannot be integrated with any other API (e.g. permissions) with clients utilising the SKA IAM.

AC: Rucio functional tests running (at all deployed sites) with an SRC IAM use, verified via the Grafana dashboard, and token based CLI flow verified for a user registered with SRC IAM

AC: Rucio functional tests running (at all deployed sites) with an SRC FTS use, verified via the Grafana dashboard

After much discussion with the FO and PT, we have descoped this feature. Recommended by Rob Perry that we clone the feature to capture remaining work (https://jira.skatelescope.org/browse/SP-4591) and modify this one to capture the switch over to SRC FTS.

Since Weds 14 Aug, the tests have been running: https://monit.srcdev.skao.int/grafana/d/BfW0IQQVk/rucio-events?orgId=1&from=1723590000000&to=now&var-src=All&var-dst=All&var-protocol=All&var-scopes=testing&var-filename=%2A&var-bin=$__auto_interval_bin&var-throughput_min_filesize_bytes=1000000.