validate the final state of created pods

[qrkourier]

Add a validating webhook to enforce the expected shape of created pods w/ injected sidecars

https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#guaranteeing-the-final-state-of-the-object-is-seen

[dariuszSki]

The deployment controller of those pods are in charge of that not our webhook in my opinion or I just don't understand the context of this issue