[RS-1431] Allow UI admin user to create and patch webhooks-secret

[gantony]

Description

In our UI, we allow admin users to easily create/update/delete webhooks. When creating a Jira webhook, we store the Jira credentials they provide (email + token) into a secret. When we delete a webhook through the UI, it also cleans up the information in the secret.

In the initial poc, we allowed admin users to view and edit those credentials through the UI, which would require adding create/view/update/delete permissions for secrets in tigera-netwok-admin cluster role. This felt like too much permissions (even for admin users) so we decided to:

• Only specify Jira credentials when creating a webhook, no way to view them ("UI" does not read secrets). If creds need to change, delete webhook and create a new one.
• Have 1 secret that contains Jira credentials for all the webhooks of a managedcluster created through the UI, with key in secret data using format <webhok-name>.username
• Let the UI create the required secret when needed and patch the secret when creating/adding a jira webhook (update/remove secret key accordingly).

For PR author

• Tests for change.
• If changing pkg/apis/, run make gen-files
• If changing versions, run make gen-versions

For PR reviewers

A note for code reviewers - all pull requests must have the following:

• Milestone set according to targeted release.
• Appropriate labels:
  • kind/bug if this is a bugfix.
  • kind/enhancement if this is a a new feature.
  • enterprise if this PR applies to Calico Enterprise only.