Add RBAC rules for infrastructure and bootstrap resources

[vincepri]

Signed-off-by: Vince Prignano [email protected]

What this PR does / why we need it:
This PR adds RBAC rules for the Cluster API manager to access and have permissions on all resources under infrastructure.cluster.sigs.k8s.io and boostrap.cluster.sigs.k8s.io.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Related to #1036

Special notes for your reviewer:

Please confirm that if this PR changes any image versions, then that's the sole change this PR makes.

Release note:

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: vincepri

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [vincepri]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[vincepri]

/assign @ncdc @detiber

[detiber]

/lgtm

[vincepri]

@detiber ptal :)

[ncdc]

/hold

[ncdc]

Are you thinking all bootstrap & infra providers will share the same API groups?

[vincepri]

I think so? If they don't that's also fine, but they will need to add RBAC permissions to the Cluster API manager

[ncdc]

If they don't that's also fine, but they will need to add RBAC permissions to the Cluster API manager

Right. Let's make sure we document this somewhere. Is there a good place now?

[detiber]

I believe the assumption should be fine for kubernetes-sigs hosted projects. For externally hosted projects we'll likely need to document the RBAC requirements.

[ncdc]

/hold cancel