feat(OFF-54): add grants entry for tag:infisical-ci to tag:infisical (#355)

* feat(OFF-54): add Tailscale SSH ACL rules for tag:infisical and tag:infisical-ci

- Add SSH rule: noah@noahwhite.net -> tag:infisical (action: check, users: core)
- Add SSH rule: tag:infisical-ci -> tag:infisical (action: accept, users: core)
- Add tag:infisical-ci to tagOwners (owned by group:devs)

tag:infisical-ci is used by the infisical-stack provision-secrets CI workflow
to SCP secrets and start the compose service over Tailscale SSH.

* feat(OFF-54): add grants entry for tag:infisical-ci to tag:infisical

Author: noahwhite

opentofu/modules/tailscale/main.tofu

@@ -64,6 +64,11 @@ resource "tailscale_acl" "soc_tailnet_acl" {
           "udp:21119",
           "udp:43178",
         "tcp:21119"]
+      },
+      {
+        "src" : ["tag:infisical-ci"],
+        "dst" : ["tag:infisical"],
+        "ip" : ["*"]
       }
     ],
     "ssh" = [