Enhancement - Support integration with Azure Kubernetes Fleet Manager

[nwnt]

Is your feature request related to a problem? Please describe.
We from the Azure Kubernetes Fleet Manager would like to make draft support automated deployment like how it currently works with an AKS cluster. Anybody who wishes to setup an automated deployment onto a fleet resource with a hub resource can then propagate their deployment to its fleet member cluster.

Note that resource propagation is not in the scope of this work.

Mention what platform you want to support the new feature
az-extension, oss draft, and potentially vscode

Describe the solution you'd like
draft setup-gh
draft create
draft generate-workflow
draft validate
would work with a fleet resource in addition to an AKS cluster. This means draft needs to assign a Fleet RBAC role for the app in addition or instead of the current contributor role.

We also aim at bringing this enhancement to azure-cli so that we can use draft consistently with aks (i.e. we can use az fleet draft to set up an automated deployment on a Fleet resource).

Additional context
There are a couple of things that need to be aligned before a PR that enables this feature can be submitted:

1. Whether we still want to make draft works with all the resources in the resource group (setup-gh currently assigns contributor with the whole resource group as the scope) or whether we want to shift to work with an individual resource now (i.e. a single AKS cluster or a single Fleet resource).
   • If we move to an individual resource approach, how do we support specifying a resource name, ID or type? This will allow draft to generate different templates depending on the resource type.
   • If we're not doing that, can we simply assign both Azure Kubernetes Fleet Manager RBAC Writer and Contributor? You might already have a plan to move to a smaller RBAC role like AKS RBAC writer.
2. For any additional templates we need to add for Fleet, do you prefer having them in the same folders as the current templates now or do you prefer having them separated?

[davidgamero]

Whether we still want to make draft works with all the resources in the resource group (setup-gh currently assigns contributor with the whole resource group as the scope) or whether we want to shift to work with an individual resource now (i.e. a single AKS cluster or a single Fleet resource).
If we move to an individual resource approach, how do we support specifying a resource name, ID or type? This will allow draft to generate different templates depending on the resource type.
If we're not doing that, can we simply assign both Azure Kubernetes Fleet Manager RBAC Writer and Contributor? You might already have a plan to move to a smaller RBAC role like AKS RBAC writer.

Moving to a smaller RBAC role would be ideal. we are currently limited by a couple permissions including az acr build-and-push as it requires more than acr reader/writer/push

To address this, we could selectively add Azure Kubernetes Fleet Manager RBAC Writer when using a fleet cluster, which we can handle by adding a cluster selection prompt during the setup-gh steps

For any additional templates we need to add for Fleet, do you prefer having them in the same folders as the current templates now or do you prefer having them separated?

for templates, adding template blocks that are selectively enabled/included by cluster type would be likely the preferable approach