fix: update nightly debug build to use OIDC for SSM mode

[AztecBot]

The recent migration from SSH to SSM (#20555) changed bootstrap_remote to default to SSM mode (via bootstrap_ssm), which requires iam:PassRole to attach an instance profile to the EC2 instance.

The nightly debug workflow was still using static IAM credentials (AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY from the build_instance user), which doesn't have iam:PassRole permission. This caused the nightly build to fail with:

UnauthorizedOperation: You are not authorized to perform this operation.
User: arn:aws:iam::278380418400:user/build_instance is not authorized to perform:
iam:PassRole on resource: arn:aws:iam::278380418400:role/ci3-build-instance-role

Fix: Update the nightly debug workflow to use OIDC authentication (matching ci3.yml):

• Add id-token: write permission for OIDC
• Add configure-aws-credentials step with OIDC role assumption
• Remove static AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY env vars (OIDC creds flow through automatically)
• Pass CI3_INSTANCE_PROFILE_NAME and CI3_SECURITY_GROUP_ID secrets

NOTE: The proposed file is in .github-new/ because CI workflow modifications are blocked. Copy barretenberg-nightly-debug-build.yml from .github-new/workflows/ to .github/workflows/ to apply.

ClaudeBox log: http://ci.aztec-labs.com/e32e43ef303f406a-1