Implement resource pruning in k8s plugin

[Warashi]

What this PR does:

as title

Why we need it:

to prune the resources which removed in the git repository

Which issue(s) this PR fixes:

Part of #4980

Does this PR introduce a user-facing change?: No

• How are users affected by this change:
• Is this breaking change:
• How to migrate (if breaking change):

[codecov]

Codecov Report

Attention: Patch coverage is 41.07143% with 132 lines in your changes missing coverage. Please review.

Project coverage is 26.19%. Comparing base (792015b) to head (40af37c).
Report is 17 commits behind head on master.

Files with missing lines	Patch %	Lines
.../app/pipedv1/plugin/kubernetes/provider/kubectl.go	0.00%	77 Missing ⚠️
...app/pipedv1/plugin/kubernetes/deployment/server.go	65.51%	16 Missing and 4 partials ⚠️
...app/pipedv1/plugin/kubernetes/provider/manifest.go	19.04%	17 Missing ⚠️
...g/app/pipedv1/plugin/kubernetes/provider/loader.go	0.00%	13 Missing ⚠️
...app/pipedv1/plugin/kubernetes/provider/resource.go	89.36%	5 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #5455      +/-   ##
==========================================
+ Coverage   26.15%   26.19%   +0.04%     
==========================================
  Files         456      457       +1     
  Lines       48992    49303     +311     
==========================================
+ Hits        12814    12916     +102     
- Misses      35156    35362     +206     
- Partials     1022     1025       +3     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[Warashi]

We need this to ensure the loaded manifests' namespaces are matched with applied resource.

[Warashi]

Oops, we have to check the input.Namespace is empty or not.

[Warashi]

I want these labels to retrieve live resources when pruning the resources.

[ffjlabo]

I haven't seen everything yet, but I left some comments 🙏

[ffjlabo]

[nit] How about fixing the name as getClusterScopedAPIResources?
It seems that the method calls kubectl api-resources --namespaced=false.

[Warashi]

I fixed this on this commit.
c2a747f

[ffjlabo]

It would be nice to comment on why piped identifies these three values. 🙏

[Warashi]

I added comments on this commit.
6fb0aab

[ffjlabo]

[ask] In this case, does the result include the cluster scoped resources?

[Warashi]

The result does not include the cluster scoped resources.
I checked with the kubectl v1.32.0.

$ kubectl version
Client Version: v1.32.0
Kustomize Version: v5.5.0
Server Version: v1.31.0

$ kubectl get all --all-namespaces
NAMESPACE            NAME                                             READY   STATUS    RESTARTS   AGE
kube-system          pod/coredns-6f6b679f8f-czgq7                     1/1     Running   0          2d5h
kube-system          pod/coredns-6f6b679f8f-j7vcr                     1/1     Running   0          2d5h
kube-system          pod/etcd-kind-control-plane                      1/1     Running   0          2d5h
kube-system          pod/kindnet-rxcpn                                1/1     Running   0          2d5h
kube-system          pod/kube-apiserver-kind-control-plane            1/1     Running   0          2d5h
kube-system          pod/kube-controller-manager-kind-control-plane   1/1     Running   0          2d5h
kube-system          pod/kube-proxy-58jbg                             1/1     Running   0          2d5h
kube-system          pod/kube-scheduler-kind-control-plane            1/1     Running   0          2d5h
local-path-storage   pod/local-path-provisioner-57c5987fd4-52wtm      1/1     Running   0          2d5h

NAMESPACE     NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE
default       service/kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP                  2d5h
kube-system   service/kube-dns     ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP,9153/TCP   2d5h

NAMESPACE     NAME                        DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
kube-system   daemonset.apps/kindnet      1         1         1       1            1           kubernetes.io/os=linux   2d5h
kube-system   daemonset.apps/kube-proxy   1         1         1       1            1           kubernetes.io/os=linux   2d5h

NAMESPACE            NAME                                     READY   UP-TO-DATE   AVAILABLE   AGE
kube-system          deployment.apps/coredns                  2/2     2            2           2d5h
local-path-storage   deployment.apps/local-path-provisioner   1/1     1            1           2d5h

NAMESPACE            NAME                                                DESIRED   CURRENT   READY   AGE
kube-system          replicaset.apps/coredns-6f6b679f8f                  2         2         2       2d5h
local-path-storage   replicaset.apps/local-path-provisioner-57c5987fd4   1         1         1       2d5h

[ffjlabo]

Can we use k.normalize() or k.normalizeNamespace() ?

[Warashi]

I fixed to use k.normalize() on this commit.
48c0fb3

[ffjlabo]

Sorry for the more comments 🙏

[ffjlabo]

[nit] clusterLiveResources -> clusterScopedLiveResources

[Warashi]

applied on this commit
6392bca

[ffjlabo]

[IMO] How about changing keys -> normalizedKeys to distinguish the original key?

[Warashi]

applied on this commit
e1dec97

[ffjlabo]

[IMO] How about changing keys -> normalizedKeys to distinguish the original key?

Same as above

[Warashi]

applied on this commit
e1dec97

[ffjlabo]

[nit] It would be nice to add comment to show why using withoutNamespace()

[Warashi]

I added comments on this commit.
e1dec97

[ffjlabo]

[imo] How about unifying to normalize to avoid using only this method in other code?

[Warashi]

applied on this commit.
bcfd121

[ffjlabo]

Suggested change

	// read the running application config from the example file
	// read the running application config from the testdata file

[Warashi]

Thank you. applied on this commit.
f47da4b

[ffjlabo]

Suggested change

	// read the running application config from the example file
	// read the running application config from the testdata file

[Warashi]

Thank you. applied on this commit.
f47da4b

[ffjlabo]

[imo] It might not be set to avoid operation collision for each tests. WDYT>

[Warashi]

I think the operation collision does not occur because the envtest's dummy cluster is launched in each test.

[ffjlabo]

I see. It is in setupTestPluginConfigAndDynamicClient. Thanks, I got your point.

[ffjlabo]

[imo] If possible, it would be nice to check the error is not found. (I'm not sure about the spec for the dynamic client 🙏

[Warashi]

Thank you. I added the assertion on this commit.
b12e317

[ffjlabo]

[imo] In addition to them, we need to check the resource key to check whether the namespace has changed correcty.

[Warashi]

Thank you. I added resource key assertion on this commit.
d75fd94

[ffjlabo]

Also imo about the test 🙏

• How about using t.Run for each preparating or checking.
• It would be nice to add the testcase for the custom resouce's ones
  • When the Custom Resource's preferred version is v1 and the actual resource's version is v1beta1, Is it possible to remove the resource?

That's all for now 🙏

[Warashi]

@ffjlabo Thanks.

• How about using t.Run for each preparating or checking.

I fixed the tests on this commit.
34c7807

• It would be nice to add the testcase for the custom resouce's ones
  • When the Custom Resource's preferred version is v1 and the actual resource's version is v1beta1, Is it possible to remove the resource?

I added v1beta1 pruning assertions in the cluster-scoped test because it already uses the custom resources.
40af37c

[ffjlabo]

@Warashi Thank you for the great contribution! Those fixes look good!

BTW, I noticed that it might also be nice to add a test case when updating the resource's API version and deleting it (e.g., HPA autoscaling/v1 -> autoscaling/v2, and later remove the resource).
But it might take some more time to do. Is it worth doing now? WDYT?

[Warashi]

@ffjlabo Thank you!

BTW, I noticed that it might also be nice to add a test case when updating the resource's API version and deleting it (e.g., HPA autoscaling/v1 -> autoscaling/v2, and later remove the resource). But it might take some more time to do. Is it worth doing now? WDYT?

This PR is already large, so I want to do it on another PR.

[ffjlabo]

@Warashi OK! Thanks!

[ffjlabo]

LGreatTM 👍