gatekeeper update to 3.21.0-bb.2

Package Merge Request

Package Changes

https://repo1.dso.mil/big-bang/product/packages/policy/-/blob/3.21.0-bb.2/CHANGELOG.md

Package MR

big-bang/product/packages/policy!336 (merged)

For Issue

Closes big-bang/product/packages/policy#309 (closed)

Upgrade Notices

Gatekeeper now leverages the bb-common network policy DSL. This replaces the legacy netpol templates and standardizes default ingress/egress policies at the namespace level. A new egress rule was added for the crd-cleanup job to preserve Kubernetes API access during post-upgrade cleanup. Also webhook access was reduced in scope under the kubeAPI definition. This is limited to port 8443 and only to set ip blocks like 192.168.0.0/16, 172.16.0.0/12 10.0.0.0/8. These will be set to your controlPlaneCIDR when deployed with BB