[feature request] sidecarset support inject serviceaccount

[magicsong]

Use Case: For example, if a sidecar container needs to access Kubernetes resources such as ConfigMaps, Secrets, or interact with the API server for other reasons, it would require a ServiceAccount with appropriate permissions. Injecting the ServiceAccount directly through the SidecarSet simplifies this process and makes it more manageable.

Proposed Implementation:

Extend the SidecarSet specification to include an optional serviceAccountName field. When applying the SidecarSet to a Pod, inject the specified ServiceAccount into the sidecar container configuration.

By the way, there is no reason to ask user's pod to inject a service account which not used by their app