General MR

Summary

This MR accomplishes two things:

Fixes a bug where setting serviceAccounts to be mutated and hardened as it pertains to automountServiceAccountToken settings, inadvertently exempted underlying pods from being scrutinized by this policy.
Adds a new mutator that can be used to harden automountServiceAccountToken (set to false) on Pods; to be used in situations where upstream sets the pods to be explicitly TRUE in this regard unnecessarily.

Edited Dec 22, 2023 by Dustin Hilgaertner