Story
Resolution: Unresolved
User or Developer story
As a WMCO developer, I want to enforce node-scoped access for WICD so that unauthorized WICD access is restricted.
Description
Implement an admission webhook to enforce node-scoped RBAC permissions for WICD (Windows Instance Config Daemon), ensuring that WICD instances can only access resources for their specific node.
Currently, WICD uses certificate-based RBAC with broad cluster permissions. While the CSR approval process validates WICD certificates, there's no runtime enforcement preventing a WICD instance from accessing resources outside its designated node scope.
- Prerequisite: WICD certificate-based RBAC implementation (In-progress)
Acceptance Criteria
- Create admission webhook that intercepts WICD requests to node-scoped resources
- Extract node identity from WICD client certificate (CN: system:wicd-node:nodeName)
- Validate that requested resource operations are scoped to the correct node
- Webhook should deny requests when WICD tries to access resources for other nodes
- Update documentation to reflect webhook enforcement
- Add e2e tests for cross-node access
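The validation the criteria above describe, as an added example written in Go for this story and not WMCO's own code: it takes the node name out of the certificate CN, which the API server forwards to the webhook as `userInfo.username`, and denies any write to a Node object other than the caller's own. The `admissionRequest` type is a hand-written subset of the AdmissionReview request (an assumption made so the example runs without dependencies; a real webhook would use `k8s.io/api/admission/v1`), and the node names are constructed sample values.

```go
package main

import (
	"encoding/json"
	"strings"
)

// CN prefix from the story; with client-certificate auth the API server puts the CN in userInfo.username.
const wicdCNPrefix = "system:wicd-node:"

// Minimal mirror of the AdmissionReview.request fields used here (real type: k8s.io/api/admission/v1).
type admissionRequest struct {
	Resource struct {
		Resource string `json:"resource"`
	} `json:"resource"`
	Name     string `json:"name"`
	UserInfo struct {
		Username string `json:"username"`
	} `json:"userInfo"`
}

// nodeFromCN extracts the node name from a WICD identity; ok is false for callers that are not WICD.
func nodeFromCN(username string) (node string, ok bool) {
	node = strings.TrimPrefix(username, wicdCNPrefix)
	return node, node != username && node != ""
}

// validate returns (allowed, reason). A WICD caller may only write the Node object matching its
// certificate identity; other node-scoped resources would need their own name-to-node mapping.
func validate(req admissionRequest) (bool, string) {
	node, isWICD := nodeFromCN(req.UserInfo.Username)
	if !isWICD {
		return true, "" // not WICD: ordinary RBAC decides
	}
	if req.Resource.Resource == "nodes" && req.Name != node {
		return false, "wicd for node " + node + " may not modify node " + req.Name
	}
	return true, ""
}

// validateJSON decodes a raw AdmissionReview.request and applies validate.
func validateJSON(raw []byte) (bool, string, error) {
	var req admissionRequest
	if err := json.Unmarshal(raw, &req); err != nil {
		return false, "", err
	}
	allowed, reason := validate(req)
	return allowed, reason, nil
}
```

Admission webhooks are only invoked for create, update, delete and connect requests, so reads of other nodes' resources remain governed by RBAC alone.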