cluster import into Rancher breaks on "creatorID annotation does not match user"

The issue we run into is that with the workload cluster Rancher import workflow, the cluster-import component is blocked by the rancher-webhook admission controller which errors on the creation of the Cluster.provisioning.cattle.io resource with:

I saw this in rancher-webhook logs:

I1209 06:04:03.357635       1 trace.go:205] Trace[183349696]: "provisioningClusterValidator Admit" user:system:serviceaccount:flux-system:kustomize-controller (09-Dec-2022 06:04:00.529) (total time: 2638ms):
Trace[183349696]: [2.638871236s] [2.638871236s] END

I was able to workaround the issue by using this annotation:

    field.cattle.io/creatorId: system:serviceaccount:flux-system:kustomize-controller

(I just used the user that was appearing in the trace above)

This seem to work, but I now run into a different issue:

      Cluster/default/first-workload-cluster-capi apply failed, error: Internal error occurred: failed calling webhook "rancher.cattle.io": received invalid webhook response: webhook returned response.patch but not response.patchType

This issue seems to be an issue in rancher webhook.

I filed a github issue upstream https://github.com/rancher/webhook/issues/158

See the discussion in that upstream issue: it is possible that recent changes to the rancher-webhook code solve this issue; this remains to be tested.

(this issue follows-up to issue https://gitlab.com/t6306/components/capi-bootstrap/-/issues/38)