Document how to use the GitLab dependency proxy for Docker images

There is a "gotcha" when using the dependency proxy for Docker images in that using CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX will fail unless the user triggering the pipeline has at least Guest permissions on the top-level uis group. (upstream issue)

This caused development of https://gitlab.developers.cam.ac.uk/uis/devops/iam/activate-account/infrastructure/-/merge_requests/325 to be complicated since whether a given pipeline would work depended on who triggered it.

Add a how-to guide which documents a mechanism to use the dependency proxy safely. This will probably consist of a before_script on the CI job, e.g:

some-job:
  before_script:
    - |-
      echo "Using docker login to authenticate to $CI_DEPENDENCY_PROXY_SERVER"
      echo "$CI_DEPENDENCY_PROXY_PASSWORD" | docker login $CI_DEPENDENCY_PROXY_SERVER -u $CI_DEPENDENCY_PROXY_USER --password-stdin

We also need to document to always use CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX when pulling the image.