chore: Add script to allow audit of operator-created Roles/RoleBindings

[jgwest]

What type of PR is this?
/kind enhancement

What does this PR do / why we need it:

• This PR introduces a utility script that can be used to audit the Roles/RoleBindings created by operator on cluster.
• This is beneficial for end users to verify that that gitops operator roles/rolebindings have the expected access

[openshift-ci]

@jgwest: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/v4.14-kuttl-parallel	ae0680c	link	true	/test v4.14-kuttl-parallel

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[varshab1210]

If we'd like to include a safe scan example

$ ./audit-operator-roles.sh
=========================================================
SEARCH CRITERIA (Must match ALL):
  1. API/Resource: argoproj.io / applications
  2. Label:        app.kubernetes.io/part-of=argocd
  3. Scope:        Cross-namespace only
=========================================================

Scanning Cluster (this may take a moment)...

Roles with cross-namespace access:
  • No cross-namespace bindings found for the candidate roles.
Scan Complete.

[svghadi]

/lgtm

[svghadi]

/retest
/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: svghadi

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [svghadi]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment