[BUG] `service_account_mapping` test does not fail if the CNF includes an auto-mounted service account.

[HashNuke]

Describe the bug

service_account_mapping should fail if the CNF includes an auto-mounted service account.

Possible cause

When the resources for the CNF are collected, the Service Accounts are not collected.

• CNFManager in the testsuite uses this helper function - Helm.all_workload_resources
  • https://github.com/cnf-testsuite/helm/blob/46b0c7f75a4bb6aac8318dc2c37daa875903ee2f/helm.cr#L160
• The above function in turns uses KubectlClient::WORKLOAD_RESOURCES, which does not have Service Accounts listed.
  • https://github.com/cnf-testsuite/kubectl_client/blob/8d68ba21aec7a74058a3cd8c829e7dab36b79e1b/kubectl_client.cr#L10

KubectlClient::WORKLOAD_RESOURCES needs to be updated to include service accounts.

To reproduce

./cnf-testsuite cnf_setup cnf-config=./sample-cnfs/sample-service-accounts/cnf-testsuite.yml
./cnf-testsuite service_account_mapping

The test should fail, but it instead passes.

This output was from upgraded kubescape version from another branch. But that shouldn't matter, it looks like the bug should be present in the main branch too.

[HashNuke]

This is fixed in #2004 to help the build pass.

[HashNuke]

The dependency kubectl_client had to be fixed. Will open a PR for that soon.