add template for PolicyExceptions

[mcharriere]

What does this PR do?

Add policyexception templating command based on PolicyExceptionDraft

What is the effect of this change to users?

User is able to generate a PolicyException based on an existing PolicyExceptionDraft.

What does it look like?

Given the following PolicyExceptionDraft

$ k get policyexceptiondrafts.policy.giantswarm.io happa -n policy-exceptions -o yaml
apiVersion: policy.giantswarm.io/v1alpha1
kind: PolicyExceptionDraft
metadata:
  creationTimestamp: "2023-10-05T18:24:00Z"
  generation: 8
  labels:
    app.kubernetes.io/managed-by: exception-recommender
  name: happa
  namespace: policy-exceptions
  resourceVersion: "1346023412"
  uid: 0792f4ab-5333-4379-905c-f6bbdbade468
spec:
  policies:
  - require-run-as-nonroot
  - disallow-privilege-escalation
  - restrict-seccomp-strict
  - disallow-capabilities-strict
  targets:
  - kind: Deployment
    names:
    - happa*
    namespaces:
    - giantswarm

the new template command can generate:

$ kubectl gs template policyexception --draft happa 
apiVersion: policy.giantswarm.io/v1alpha1
kind: PolicyException
metadata:
  creationTimestamp: null
  name: happa
spec:
  policies:
  - require-run-as-nonroot
  - disallow-privilege-escalation
  - restrict-seccomp-strict
  - disallow-capabilities-strict
  targets:
  - kind: Deployment
    names:
    - happa*
    namespaces:
    - giantswarm

Any background context you can provide?

https://github.com/giantswarm/rfc/tree/main/policy-orchestration#policyexception

What is needed from the reviewers?

Do the docs need to be updated?

Should this change be mentioned in the release notes?

• CHANGELOG.md has been updated

Is this a breaking change?

(Breaking changes are, for example, removal of commnds/flags or substantial changes in the meaning of a flag. If yes, please add the breaking-change label to the PR.)

[fhielpos]

I like this idea, will pick this up this week.