fix(manifests): Add missing permissions for the RuntimeClass and LimitRange

[tenzen-y]

What this PR does / why we need it:

Even though podgroup plugin needs to operate LimitRange and RuntimeClass, the trainer does not have proper permissions.

Which issue(s) this PR fixes (optional, in Fixes #<issue number>, #<issue number>, ... format, will close the issue(s) when PR gets merged):
Fixes #

Checklist:

• Docs included if any changes are user facing

[coveralls]

Pull Request Test Coverage Report for Build 16942765844

Details

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 47.791%

---

Totals
Change from base Build 16940641662:	0.0%
Covered Lines:	941
Relevant Lines:	1969

---

💛 - Coveralls

[astefanutti]

/lgtm

Thanks!

[andreyvelich]

Does the plugin also create/delete the resources ?

trainer/pkg/runtime/framework/plugins/coscheduling/coscheduling.go

Lines 232 to 238 in 9c2febd

	func (h *PodGroupLimitRangeHandler) Create(ctx context.Context, e event.TypedCreateEvent[*corev1.LimitRange], q workqueue.TypedRateLimitingInterface[reconcile.Request]) {
	limitRange := e.Object
	log := ctrl.LoggerFrom(ctx).WithValues("limitRange", klog.KObj(limitRange))
	if err := h.queueSuspendedTrainJob(ctx, limitRange.Namespace, q); err != nil {
	log.Error(err, "could not queue suspended TrainJob to reconcile queue")
	}
	}

[tenzen-y]

That is write operation for TrainJob.
The missing permissions are for LimitRange and RuntimeClass.

[andreyvelich]

/approve

[google-oss-prow]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: andreyvelich

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [andreyvelich]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment