Add support for CredentialsBindings

[etiennnr]

What would you like to be added:
Right now, when using provider-env to login to the Cloud provider CLI, gardenctl fetches the credentials based on the shoot's secretBindingName

gardenctl-v2/pkg/cmd/providerenv/options.go

Lines 169 to 186 in 41e47d4

	if (shoot.Spec.SecretBindingName == nil || *shoot.Spec.SecretBindingName == "") &&
	(shoot.Spec.CredentialsBindingName == nil || *shoot.Spec.CredentialsBindingName == "") {
	return fmt.Errorf("shoot %q is not bound to a cloud provider credential", o.Target.ShootName())
	}
	var (
	secretName string
	secretNamespace string
	)
	if shoot.Spec.SecretBindingName != nil && *shoot.Spec.SecretBindingName != "" {
	secretBinding, err := client.GetSecretBinding(ctx, shoot.Namespace, *shoot.Spec.SecretBindingName)
	if err != nil {
	return err
	}
	secretName = secretBinding.SecretRef.Name
	secretNamespace = secretBinding.SecretRef.Namespace

However, with GEP-26, a new way of authenticating using CredentialsBindings has been added. The end goal of CredentialsBindings is to enable thrust based authentication (which would probably break the provider-env feature anyway), however it also supports secrets referencing (similar to the way secretBindings works, but the format is a bit different, see https://github.com/gardener/gardener/blob/master/example/80-credentialsbinding.yaml)

Why is this needed:

Support the case where we are using CredentialsBindings that is still referencing a secret, aka not break the feature.