[test_operator] Add RBAC for test pod exec

[mnietoji]

Test plugins like nfv-tempest-plugin use the Kubernetes Python client to exec into other pods (e.g. openstackclient) via connect_get_namespaced_pod_exec. The default service account in the test namespace lacks pods/exec permissions, causing 403 Forbidden errors during test execution.

Create a Role and RoleBinding granting get/create on pods/exec and get/list on pods to the default service account before starting the test CR.

Assisted-By: Claude Code (Anthropic)

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign sdatko for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• roles/test_operator/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[centosinfra-prod-github-app]

Build failed (check pipeline). Post recheck (without leading slash)
to rerun all jobs. Make sure the failure cause has been resolved before
you rerun jobs.

https://gateway-cloud-softwarefactory.apps.ocp.cloud.ci.centos.org/zuul/t/rdoproject.org/buildset/02153fce755f40029daa863628fee369

✔️ openstack-k8s-operators-content-provider SUCCESS in 2h 21m 08s
✔️ podified-multinode-edpm-deployment-crc SUCCESS in 1h 27m 00s
✔️ cifmw-crc-podified-edpm-baremetal SUCCESS in 1h 39m 37s
✔️ cifmw-crc-podified-edpm-baremetal-minor-update SUCCESS in 2h 06m 09s
❌ cifmw-multinode-tempest FAILURE in 1h 44m 05s
✔️ cifmw-pod-zuul-files SUCCESS in 5m 19s
✔️ noop SUCCESS in 0s
✔️ cifmw-pod-ansible-test SUCCESS in 9m 19s
✔️ cifmw-pod-pre-commit SUCCESS in 9m 16s
✔️ cifmw-molecule-test_operator SUCCESS in 4m 33s