Support XValidations (CEL validation rules) changes in CRD upgrade safety checks #50

@camilamacedo86

Summary

Currently, when XValidations (CEL validation rules) are added to a CRD, crdify marks them as "unhandled" changes instead of properly categorizing them. This causes legitimate breaking changes to be reported with unreadable error messages, making it difficult for operators to understand what needs to be addressed.

Problem

When upgrading CRDs that add XValidations (CEL validation rules), crdify reports them as "unhandled" changes with huge Go struct dumps, rather than properly categorizing them as breaking changes.

Example Error

v1alpha1: ^.spec.externalAccess.routeSelectorLabels: unhandled: unhandled changes found :
  &v1.JSONSchemaProps{
    ... // 41 identical fields
    XListType:    nil,
    XMapType:     nil,
-   XValidations: nil,
+   XValidations: v1.ValidationRules{
+       {
+           Rule:    "(oldSelf.size() == 0 || self == oldSelf)",
+           Message: "RouteSelectorLabels can't be modified",
+       },
+   },
  }

Why This Is a Problem

  1. XValidations additions ARE breaking changes - They make validation more restrictive
  2. Should be properly categorized - Not "unhandled", but recognized as a breaking validation change
  3. Error messages are unreadable - Huge struct dumps make it hard to understand what changed
  4. Blocks legitimate upgrades - Operators can't tell if the change is safe or breaking

Expected Behavior

XValidations additions should be:

  • Recognized as a validation change (not "unhandled")
  • Categorized as breaking (makes validation more restrictive)
  • Reported clearly - e.g., "XValidations: validation rules added (breaking)"

Current Behavior

  • XValidations changes are marked as "unhandled"
  • Error messages contain huge Go struct dumps
  • No clear indication that this is a breaking validation change

Use Case

Scenario: Upgrading operator from v1.2.0 to v1.3.0 adds XValidations to multiple CRD fields:

# Old CRD
spec:
  externalAccess:
    routeSelectorLabels:
      type: object

# New CRD - adds XValidations
spec:
  externalAccess:
    routeSelectorLabels:
      type: object
      x-kubernetes-validations:
        - rule: "(oldSelf.size() == 0 || self == oldSelf)"
          message: "RouteSelectorLabels can't be modified"

Current Result: Upgrade fails with "unhandled changes found" error

Expected Result: Upgrade fails with clear message: "XValidations: validation rules added (breaking change - makes validation more restrictive)"

Proposed Solution

  1. Add XValidations detection to crdify's validation logic
  2. Categorize XValidations additions as breaking changes
  3. Provide clear error messages instead of "unhandled"
  4. Optionally: Allow XValidations additions if they're less restrictive (though this is rare)
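
As an added example (not crdify's code and not part of the issue), here is one way the requested detection could look in Go. `ValidationRule`, `Finding` and `DiffXValidations` are hypothetical names, and treating removed rules as non-breaking is an assumption.

```go
package main

import "fmt"

// ValidationRule is a local stand-in (assumption) for the Rule and Message
// fields visible in the v1.ValidationRules dump from the issue.
type ValidationRule struct{ Rule, Message string }

// Finding is one readable report line; Breaking marks a change that makes
// validation more restrictive.
type Finding struct {
	Path, Text string
	Breaking   bool
}

// DiffXValidations compares rule sets by CEL expression. Added rules are
// reported as breaking, as the issue asks; reporting removed rules as
// non-breaking is an assumption of this sketch. An edited expression shows
// up as one removal plus one addition.
func DiffXValidations(path string, oldRules, newRules []ValidationRule) []Finding {
	oldSet, newSet := map[string]bool{}, map[string]bool{}
	for _, r := range oldRules {
		oldSet[r.Rule] = true
	}
	var out []Finding
	for _, r := range newRules {
		if !oldSet[r.Rule] && !newSet[r.Rule] {
			out = append(out, Finding{Path: path, Breaking: true, Text: fmt.Sprintf(
				"XValidations: validation rule added (breaking): %s (message: %q)", r.Rule, r.Message)})
		}
		newSet[r.Rule] = true
	}
	for _, r := range oldRules {
		if !newSet[r.Rule] {
			out = append(out, Finding{Path: path, Text: "XValidations: validation rule removed: " + r.Rule})
		}
	}
	return out
}

func main() {
	// Constructed input mirroring the issue's routeSelectorLabels example.
	added := []ValidationRule{{
		Rule:    "(oldSelf.size() == 0 || self == oldSelf)",
		Message: "RouteSelectorLabels can't be modified",
	}}
	for _, f := range DiffXValidations("^.spec.externalAccess.routeSelectorLabels", nil, added) {
		fmt.Printf("%s: %s\n", f.Path, f.Text)
	}
}
```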
