fix(): updateDashboardCreds uses deprecated ServiceAccount.Secrets field removed in K8s 1.24+ #490

Open
mdryaan wants to merge 1 commit into kubeslice:master from mdryaan:fix/dashboard-creds-sa-secrets-deprecated
mdryaan commented May 24, 2026

Description

updateDashboardCreds in pkg/hub/controllers/cluster/reconciler.go was fetching the dashboard token secret via sa.Secrets[0].Name. Before Kubernetes 1.24, the API server auto-created a kubernetes.io/service-account-token Secret for every ServiceAccount and populated ServiceAccount.Secrets with its name. Since 1.24 that auto-creation was removed; sa.Secrets is always empty on modern clusters unless a legacy token secret is manually created.

On any K8s 1.24+ cluster this causes updateDashboardCreds to return "ServiceAccount has no secret" on every single reconcile. Because the error short-circuits Reconcile() before updateClusterHealthStatus and updateClusterMetrics are reached, cluster health status never updates as long as the dashboard SA has no manually-created legacy secret.

Fix: remove the ServiceAccount fetch and replace it with r.MeshClient.List over secrets in the control plane namespace, filtering by Type == kubernetes.io/service-account-token and Annotations["kubernetes.io/service-account.name"] == KubeSliceDashboardSA. This is the correct approach for K8s 1.24+ where token secrets must be created manually and discovered by annotation.

Fixes #489

How Has This Been Tested?

  • Test_updateDashboardCreds/no_token_secret_found — empty list returns correct error
  • Test_updateDashboardCreds/token_secret_found_via_annotation — annotated token secret found, full success path confirmed
  • make fmt — no formatting changes
  • make vet — no issues
  • make build — builds cleanly
  • make test — all suites pass; 6 pre-existing spoke timeout failures confirmed identical on master (require live cluster)

Checklist:

  • The title of the PR states what changed and the related issues number (used for the release note).
  • Does this PR require documentation updates?
  • I've updated documentation as required by this PR.
  • I have run go fmt
  • I have updated the helm chart as required by this PR.
  • I have performed a self-review of my own code.
  • I have commented my code, particularly in hard-to-understand areas.
  • I have tested it for all user roles.
  • I have added all the required unit test cases.
  • I have verified the E2E test cases with new code changes.
  • I have added all the required E2E test cases.

Does this PR introduce a breaking change?

action-required: On Kubernetes 1.24+, the dashboard ServiceAccount token secret is no
longer auto-created. Create it manually before upgrading if the KubeSlice dashboard is
enabled:

kubectl apply --namespace=kubeslice-system -f - <<EOF
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
  name: kubeslice-kubernetes-dashboard-token
  annotations: {kubernetes.io/service-account.name: kubeslice-kubernetes-dashboard}
EOF

…n updateDashboardCreds

Signed-off-by: Md Raiyan <alikhurshid842001@gmail.com>
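
Added example, not part of the PR or the KubeSlice code base: the annotation-based lookup described in the fix, written against a stand-in Secret struct (an assumption, in place of corev1.Secret and r.MeshClient.List) so it runs without a cluster. It goes beyond the description by skipping secrets whose token is not yet populated and by breaking ties by name; FindSATokenSecret and ErrNoTokenSecret are hypothetical names.

```go
package main

import (
	"errors"
	"fmt"
	"sort"
)

// Secret is a stand-in for corev1.Secret (assumption) holding only the
// fields the lookup reads, so the example builds without k8s.io/api.
type Secret struct {
	Name        string
	Type        string
	Annotations map[string]string
	Data        map[string][]byte
}

const (
	tokenType = "kubernetes.io/service-account-token" // corev1.SecretTypeServiceAccountToken
	saNameKey = "kubernetes.io/service-account.name"  // corev1.ServiceAccountNameKey
)

var ErrNoTokenSecret = errors.New("no populated token secret for ServiceAccount")

// FindSATokenSecret and ErrNoTokenSecret are hypothetical names. A secret must
// match on type AND annotation and already carry a "token" value; candidates
// are sorted by name so every reconcile selects the same one.
func FindSATokenSecret(secrets []Secret, saName string) (*Secret, error) {
	var matches []Secret
	for _, s := range secrets {
		if s.Type == tokenType && s.Annotations[saNameKey] == saName && len(s.Data["token"]) > 0 {
			matches = append(matches, s)
		}
	}
	if len(matches) == 0 {
		return nil, fmt.Errorf("%w: %q", ErrNoTokenSecret, saName)
	}
	sort.Slice(matches, func(i, j int) bool { return matches[i].Name < matches[j].Name })
	return &matches[0], nil
}

func main() {
	// Constructed sample data, not read from a real cluster.
	sa := "kubeslice-kubernetes-dashboard"
	ann := map[string]string{saNameKey: sa}
	list := []Secret{{Name: "pending", Type: tokenType, Annotations: ann}} // no token yet
	_, err := FindSATokenSecret(list, sa)
	fmt.Println(err)
}
```

Matching on the annotation alone would also accept an Opaque secret that merely carries the ServiceAccount annotation, which is why the type check is part of the same condition.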
mdryaan commented May 24, 2026

Hey @gourishkb @Rahul-D78, Could you please have a look at this PR whenever you have time? Thanks!

Development

Successfully merging this pull request may close these issues.

Bug: updateDashboardCreds relies on deprecated ServiceAccount.Secrets field removed in Kubernetes 1.24+