feat: add webhooks for crossplane resources to zarf-agent

[Avarei]

Description

This Implements the Crossplane resources

• Configuration
• Provider
• Function
  to rewrite the spec.package and spec.packagePullSecrets field in a similar way as for Pod.

This allows the Crossplane Pod to pull the images from the local registry.

Well... not quite yet. This also implements an extension of the private-registry secret, which is created for namespaces managed by zarf. additionally to the localhost reference to the registry this also adds the same credentials for the route over the kubernetes service.

This implementation rewrites

apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-terraform
spec:
  package: xpkg.upbound.io/upbound/provider-terraform:v0.16.0

into

apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  # Removed for brevity
  labels:
    app.kubernetes.io/managed-by: Helm
    zarf-agent: patched
  name: provider-terraform
spec:
  ignoreCrossplaneConstraints: false
  package: zarf-docker-registry.zarf.svc.cluster.local:5000/upbound/provider-terraform:v0.16.0-zarf-255403924 # patched by zarf-agent
  packagePullPolicy: IfNotPresent
  packagePullSecrets:
  - name: private-registry # added by zarf-agent
  revisionActivationPolicy: Automatic
  revisionHistoryLimit: 1
  runtimeConfigRef:
    apiVersion: pkg.crossplane.io/v1beta1
    kind: DeploymentRuntimeConfig
    name: default
  skipDependencyResolution: false

which will by default create a pod like this:

apiVersion: v1
kind: Pod
metadata:
  # Removed for brevity
spec:
  containers:
    - image: 127.0.0.1:31999/upbound/provider-terraform:v0.16.0-zarf-255403924-zarf-928246402
       name: package-runtime
  # Removed for brevity

The resulting Pod is a bit of a problem. Since when
https://github.com/defenseunicorns/zarf/blob/0c02643b9f5631a7bdd98650cc87c74901190771/src/internal/agent/hooks/pods.go#L76
is called the function does just replace the hostname.
I could not yet find a nice way to implement this, as the const i would need is in
https://github.com/Avarei/zarf/blob/13a7957b46a0dcacb9baa63d7826f42ea44915d7/src/types/k8s.go#L51
and the package surrounding
https://github.com/defenseunicorns/zarf/blob/0c02643b9f5631a7bdd98650cc87c74901190771/src/pkg/transform/image.go#L27
seems to avoid this kind of external dependency. and i would like to avoid negatively impacting your code quality.

Currently I sidestep this issue by creating a DeploymentRuntimeConfig in Crossplane which lets me overwrite the used image back to the internet version, which will be replaced back to the localhost version when the Pod is created.

Related Issue

Fixes #2572

Checklist before merging

• Test, docs, adr added or updated as needed
• Contributor Guide Steps followed

[netlify]

✅ Deploy Preview for zarf-docs canceled.

Name	Link
🔨 Latest commit	a9a56ff
🔍 Latest deploy log	https://app.netlify.com/sites/zarf-docs/deploys/665a53c85527180008e33ca8

[Avarei]

I reconsidered and implemented the additional logic to the function in the hope that it makes review easier, than thinking about hypotheticals.
The resulting pod now looks like it should. I also added a test to assert this.

[codecov]

Codecov Report

Attention: Patch coverage is 68.78613% with 54 lines in your changes missing coverage. Please review.

Please upload report for BASE (main@0c02643). Learn more about missing BASE report.

Files	Patch %	Lines
.../internal/agent/hooks/crossplane-configurations.go	72.54%	8 Missing and 6 partials ⚠️
src/internal/agent/hooks/crossplane-functions.go	72.54%	8 Missing and 6 partials ⚠️
src/internal/agent/hooks/crossplane-providers.go	72.54%	8 Missing and 6 partials ⚠️
src/pkg/cluster/secrets.go	44.44%	8 Missing and 2 partials ⚠️
src/pkg/transform/image.go	0.00%	1 Missing and 1 partial ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2574   +/-   ##
=======================================
  Coverage        ?   27.75%           
=======================================
  Files           ?       92           
  Lines           ?     6853           
  Branches        ?        0           
=======================================
  Hits            ?     1902           
  Misses          ?     4723           
  Partials        ?      228           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[lucasrod16]

I am closing this PR because the Zarf team has decided to not support mutating Crossplane resources at this time

#2628 (comment)