feature: Allow managing of service account roles

[Tuhis]

Currently the provider doesn't seem to support managing client Service Account's roles. Same capability is provided on Terraform side via openid_client_service_account_realm_role and openid_client_service_account_role.

This feature would make it possible to configure Client that relies on Client Credentials Grant with roles.

[Breee]

Can you test please?
Provider: https://marketplace.upbound.io/providers/crossplane-contrib/provider-keycloak/v0.8.0
Release: https://github.com/crossplane-contrib/provider-keycloak/releases/tag/v0.8.0
New CRDs:

• https://marketplace.upbound.io/providers/crossplane-contrib/provider-keycloak/v0.8.0/resources/openidclient.keycloak.crossplane.io/ClientServiceAccountRealmRole/v1alpha1
• https://marketplace.upbound.io/providers/crossplane-contrib/provider-keycloak/v0.8.0/resources/openidclient.keycloak.crossplane.io/ClientServiceAccountRole/v1alpha1

[Tuhis]

Thank you for fast implementation! I will test those and report back here today/tomorrow.

[Tuhis]

I can confirm both resources to work.

It took me a while to realize, that in ClientServiceAccountRole the .spec.forProvider.clientId is not the configured client id of a client, but actually the Keycloak's internal uuid for that client.