fix: clusteraccess lib deletes and recreates (Cluster)RoleBinding resources if roleRef changed #245

Merged
Diaphteiros merged 1 commit into main from role-ref
Jun 15, 2026
@Diaphteiros

Contributor

What this PR does / why we need it:
The clusteraccess library has functions for creating and updating RoleBinding and ClusterRoleBinding resources. These did not consider the fact that the roleRef field of these resources is immutable, leading to a persistent error if the caller of the functions changes the role ref of an existing (Cluster)RoleBinding. This PR fixes that.

Which issue(s) this PR fixes:
Basically the fix for openmcp-project/cluster-provider-gardener#234.

Special notes for your reviewer:

Release note:

The `clusteraccess` library's `EnsureRoleBinding` and `EnsureClusterRoleBinding` functions now take into account that the `roleRef` field of a `RoleBinding`/`ClusterRoleBinding` is immutable. If a call would update this field on an existing resource, the resource is deleted and recreated instead. If the deletion does not immediately succeed (e.g. due to finalizers), the function returns a `WaitingForRecreationError`, indicating that it needs to be called again to finish updating the resource to the desired state.

…s if roleRef changed

Signed-off-by: Johannes Aubart <johannes.aubart@sap.com>
@Diaphteiros Diaphteiros merged commit 8d7175d into main Jun 15, 2026
7 checks passed
@Diaphteiros Diaphteiros deleted the role-ref branch June 15, 2026 06:33
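
The delete-and-recreate behaviour described in the release note, sketched as an added example that is not the `clusteraccess` library's code. `Store`, `Binding`, `EnsureBinding` and `ErrWaitingForRecreation` are hypothetical names, and an in-memory map stands in for the API server.

```go
package main

import "errors"
import "fmt"

// Hypothetical stand-ins for the Kubernetes objects and the API server;
// not the clusteraccess API.
type RoleRef struct{ Kind, Name string }
type Binding struct {
	RoleRef    RoleRef
	Subjects   []string
	Finalizers []string
	Deleting   bool // models a set deletionTimestamp
}

type Store map[string]*Binding

var ErrWaitingForRecreation = errors.New("binding is being deleted, call again")

// Delete removes the object at once unless finalizers hold it back.
func (s Store) Delete(name string) {
	if b := s[name]; b != nil && len(b.Finalizers) > 0 {
		b.Deleting = true
		return
	}
	delete(s, name)
}

// EnsureBinding converges the stored binding to the desired roleRef and subjects.
func EnsureBinding(s Store, name string, ref RoleRef, subjects []string) error {
	cur, ok := s[name]
	if ok && cur.RoleRef != ref && !cur.Deleting {
		s.Delete(name) // roleRef is immutable, so an update would be rejected
		cur, ok = s[name]
	}
	if ok && cur.Deleting {
		return ErrWaitingForRecreation // deletion pending, nothing to update yet
	}
	if !ok {
		s[name] = &Binding{RoleRef: ref, Subjects: subjects}
		return nil
	}
	cur.Subjects = subjects // mutable fields are updated in place
	return nil
}

func main() {
	s := Store{"b": {RoleRef: RoleRef{"ClusterRole", "view"}, Finalizers: []string{"example.test/hold"}}}
	fmt.Println(EnsureBinding(s, "b", RoleRef{"ClusterRole", "edit"}, []string{"sa:demo"}))
}
```

While the old object is still terminating, the new binding does not exist yet, so a caller should requeue on this error until the call returns nil.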