prevent concurrent use of same baremetal server from different clusters

We can easily prevent a mistake that is likely to be frequent: the scenario where a BaremetalHost resources is created for a workload cluster B, pointing to a baremetal server already used by another workload cluster A. When this occurs, the corresponding node in workload cluster A will suddenly be destroyed, and the cause won't always that easily be understood.

We can't guard against all such scenarios, in particular when the two workload clusters are managed by different mgmt clusters.

But in the frequent case where they would be managed by the same mgmt cluster, we can easily detect and prevent this scenario by having a Kyverno policy that, on the creation of a BaremetalHost will lookup k8s API to check if there would already exist in another namespace a BaremetalHost with the same spec.bmc.address.