Bug: runtime/client.(*Impersonator).CanImpersonate does not take kubeconfig into account #959

@matheuscscp

xref: fluxcd/helm-controller#1250

This method is used by kustomize-controller during the finalization of a Kustomization to know if it can impersonate the configured spec.serviceAccountName for the operation. The method simply takes the existence of the ServiceAccount in the current cluster as the answer to this question. When spec.kubeConfig is configured, spec.serviceAccountName is supposed to exist in the remote cluster, and not in the current cluster. This means that if anybody is using both fields and the ServiceAccount does not exist in the current cluster (but correctly exists in the remote cluster), kustomize-controller does not collect the garbage in the remote cluster when the Kustomization is deleted.
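The failure mode reported above, as an added example that is not part of the issue and is not fluxcd code: a constructed in-memory model in which the local-only check skips garbage collection while a check against the target cluster does not. `Cluster`, `Spec`, `finalize`, both `canImpersonate*` functions and the `apps/deployer` ServiceAccount are hypothetical names chosen for illustration.

```go
package main

import "fmt"

// Constructed model, not fluxcd code: a cluster is the set of ServiceAccounts
// ("namespace/name") that exist in it.
type Cluster map[string]bool

// Spec holds the two Kustomization fields named in the issue.
type Spec struct {
	Namespace, ServiceAccountName string
	KubeConfig                    bool // true when spec.kubeConfig is set
}

func key(s Spec) string { return fmt.Sprintf("%s/%s", s.Namespace, s.ServiceAccountName) }

// canImpersonateLocalOnly models the reported behaviour: only the current
// cluster is consulted, whatever spec.kubeConfig says.
func canImpersonateLocalOnly(s Spec, local, remote Cluster) bool {
	return local[key(s)]
}

// canImpersonateTargetAware is one possible shape of a fix (an assumption):
// look the ServiceAccount up in the cluster the operation will run against.
func canImpersonateTargetAware(s Spec, local, remote Cluster) bool {
	target := local
	if s.KubeConfig {
		target = remote
	}
	return target[key(s)]
}

// finalize reports what happens to the applied objects on deletion.
func finalize(can func(Spec, Cluster, Cluster) bool, s Spec, local, remote Cluster) string {
	if !can(s, local, remote) {
		return "GC skipped: objects left behind in target cluster"
	}
	return "GC runs in target cluster"
}

func main() {
	local := Cluster{}                       // ServiceAccount absent here
	remote := Cluster{"apps/deployer": true} // and present where it should be
	s := Spec{Namespace: "apps", ServiceAccountName: "deployer", KubeConfig: true}
	fmt.Println("local-only:  ", finalize(canImpersonateLocalOnly, s, local, remote))
	fmt.Println("target-aware:", finalize(canImpersonateTargetAware, s, local, remote))
}
```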
