Add namespaced admin RBAC option

The current version of the chart creates a service account with cluster-admin permission. If multiple deployments share the same Kubernetes cluster, this set of permissions seems too generous to me. Assume multiple applications are deployed to separate namespaces. There is nothing that prevents one deployment from interfering with a deployment in another namespace.

The only option a user of the chart has is to disable the creation of the RBAC and come up with role bindings themselves.

With this merge request, the chart values have an optional setting rbac.namespaces. If this evaluates to a non-empty list, instead of the binding to cluster-admin, bindings to namespaced admin roles are created. The agent only has access to, and can only mess with, Kubernetes objects in these listed namespaces, protecting everything else from interference.
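
The difference described above, as an added illustration that is not taken from the merge request or the chart's templates: the cluster-wide binding next to the per-namespace form. Only `rbac.namespaces` comes from the description; the object names, the service account, the namespaces and the choice of Kubernetes' built-in `admin` ClusterRole as the "namespaced admin role" are assumptions.

```yaml
# values.yaml fragment: rbac.namespaces is the setting the merge request adds.
# The namespace names are constructed for this example.
rbac:
  namespaces:
    - team-a
    - team-b
---
# Before: a single ClusterRoleBinding to cluster-admin.
# The service account can act on every object in every namespace,
# including cluster-scoped objects such as nodes, CRDs and RBAC itself.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: example-agent-cluster-admin      # hypothetical name
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: example-agent                  # hypothetical service account
    namespace: agent-system              # hypothetical release namespace
---
# After: one RoleBinding per entry in rbac.namespaces (team-a shown,
# the same object is repeated with namespace: team-b).
# A RoleBinding that references a ClusterRole grants that role's rules
# only inside the RoleBinding's own namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: example-agent-admin              # hypothetical name
  namespace: team-a
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: admin                            # assumption: built-in user-facing role
subjects:
  - kind: ServiceAccount
    name: example-agent
    namespace: agent-system
```

The resulting scope can be checked with `kubectl auth can-i delete deployments -n <namespace> --as=system:serviceaccount:agent-system:example-agent`, which should answer `yes` for a listed namespace and `no` for any other.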
