Remove HTTPRoute listener and parentRef validation from admission webhook

[pmalek]

Problem statement

KIC's admission webhook has some (legacy?) Gateway API validation code that was introduce in early days of Gateway API.

Some logic that's covered in admission webhook should be done in runtime via the respective controllers, e.g.:

• validating that matched Gateway listener AllowedRoutes indeed supports HTTPRoutes link is already done via routeMatchesListenerAllowedRoutes in

  kubernetes-ingress-controller/internal/controllers/gateway/route_utils.go

  Line 205 in dce791d

  if ok, err := routeMatchesListenerAllowedRoutes(ctx, mgrc, route, listener, gateway.Namespace, parentRef.Namespace); err != nil {

There is also a separate aspect which is not allowing HTTPRoutes which do not have a matched LIstener on a referenced Gateway (which is set in route's parentRef) present in the cluster - this should be allowed and a relevant status parent condition - NoMatchingParent - should be set in HTTPRoute

Furthermore, HTTPRoutes that do not reference Gateways managed by KIC should be allowed to be created, but no status update should happen (they should be ignored by the controller).

Additional Information

The related issue about the HTTPRoute features validation: #5253

Acceptance criteria

• HTTPRoute which doesn't have a Listener matching the specified parentRef is not rejected in the admission webhook but allowed in and appropriate status - NoMatchingParent - is set in its status.
• HTTPRoute which doesn't match Gateway listener's AllowedRoutes is allowed by admission webhook and appropriate parent status condition - NotAllowedByListeners - is set in its status.
• HTTPRoute which doesn't match Gateways managed by KIC should be allowed but ignored by the controller.

[rainest]

kubernetes-sigs/gateway-api#2617 covers some parts of the spec that may need changes to add additional status types for feature compatibility.