e2e resource group cleanup: use rg-ordered workflow and make "no-rp" mode best-effort

[roivaz]

Replace the ad-hoc DeleteResourceGroup calls in e2e cleanup with the cleanup-sweeper's rg-ordered workflow, and let callers control whether deletion errors are fatal.

Changes:

• Both standard and no-rp cleanup modes now use runOrderedResourceGroupCleanup, which runs ResourceGroupOrderedCleanupWorkflow from the cleanup-sweeper engine. This removes direct use of DeleteResourceGroup, resourceClientFactory, and networkClientFactory from the cleanup paths.
• ContinueOnError added to WorkflowOptions: Steps in the ordered workflow now use opts.ContinueOnError instead of hardcoding true, letting callers choose between strict and best-effort behavior.
• standard mode (ContinueOnError: false, Wait: true): Deletion failures abort the workflow and fail the job — correct for int/stg/prod where cleanup issues need immediate visibility.
• no-rp mode (ContinueOnError: true, Wait: false): Per-target deletion failures are logged and skipped inside the engine. Discovery errors still propagate since they indicate broken code. Deletions are fire-and-forget.
• Existing cleanup-sweeper and templatize callers explicitly pass ContinueOnError: true to preserve their best-effort behavior.
• Added cleanup-sweeper as a dependency of the test module.
• Grant release bot Graph directory read permission for orphaned role assignment discovery, and treat per-target delete failures as best-effort so one forbidden deletion doesn't fail the whole sweep.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: roivaz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• dev-infrastructure/OWNERS [roivaz]
• test/OWNERS [roivaz]
• tooling/OWNERS [roivaz]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@roivaz: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-parallel	e164209	link	true	/test e2e-parallel

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.