
Refactor roles: static definitions in bundle #1209

Merged
jotak merged 4 commits into netobserv:main from jotak:refactor-roles
Mar 13, 2025

Conversation

@jotak (Member) commented Mar 4, 2025

Description

Move all roles from in-code/dynamic definition to yaml/bundle static definitions.

It better clarifies which roles are used and why. Use a finer granularity in role definitions, and keep only the logic for bindings attribution.

All component roles are defined in config/rbac/component_roles.yaml. Files netobserv-<rolename>_etc.yaml in bundle are generated from component_roles.yaml

New functions to generate bindings for roles

Change prometheus role to be a namespaced role instead of cluster role

Remove a few unnecessary roles

Dependencies

n/a

Checklist

If you are not familiar with our processes or don't know what to answer in the list below, let us know in a comment: the maintainers will take care of that.

  • Is this PR backed with a JIRA ticket? If so, make sure it is written as a title prefix (in general, PRs affecting the NetObserv/Network Observability product should be backed with a JIRA ticket - especially if they bring user facing changes).
  • Does this PR require product documentation?
    • If so, make sure the JIRA epic is labeled with "documentation" and provides a description relevant for doc writers, such as use cases or scenarios. Any required step to activate or configure the feature should be documented there, such as new CRD knobs.
  • Does this PR require a product release notes entry?
    • If so, fill in "Release Note Text" in the JIRA.
  • Is there anything else the QE team should know before testing? E.g: configuration changes, environment setup, etc.
    • If so, make sure it is described in the JIRA ticket.
  • QE requirements (check 1 from the list):
    • Standard QE validation, with pre-merge tests unless stated otherwise.
    • Regression tests only (e.g. refactoring with no user-facing change).
    • No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

@jotak requested a review from OlivierCazade March 4, 2025 18:06

@OlivierCazade (Member) left a comment

One comment about some tests, but most of the PR is looking good to me.

// By("Not expecting mono-ingester role binding")
// Eventually(func() interface{} {
// return k8sClient.Get(ctx, rbKeyTransformMono, &rbacv1.ClusterRoleBinding{})
// }, timeout, interval).Should(MatchError(`clusterrolebindings.rbac.authorization.k8s.io "flowlogs-pipeline-transformer-role-mono" not found`))
@OlivierCazade (Member):

Were these comments intended?

@jotak (Member Author):

probably something I forgot to finish, thanks for pointing this out :-)

@jotak (Member Author):

fixed

jotak added 3 commits March 12, 2025 10:13

Move all roles from in-code/dynamic definition to yaml/bundle static
definitions.

It better clarifies which roles are used and why. Use a finer
granularity in role definitions, and keep only the logic for bindings
attribution.

All component roles are defined in `config/rbac/component_roles.yaml`.
Files `netobserv-<rolename>_etc.yaml` in bundle are generated from component_roles.yaml

New functions to generate bindings for roles

Change prometheus role to be a namespaced role instead of cluster role

Remove a few unnecessary roles

- Add previous CRBs to the cleanup list, as their names changed
  - We won't clean up old cluster roles: since we're removing the CR
    create/update/delete permission from the operator, we can't do that.
    They'll just remain on the cluster, unused.
  - Removing old entries from the cleanup list, dating back to 1.3/1.5.
    Since operator upgrades don't jump over versions, they should have
    already been cleaned up by previous upgrades.

- Shorten CRB names

- Fix tests
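The binding generation and cleanup-list logic the commits describe, as an added Go illustration that is not the operator's own code: the `ComponentRole` and `Binding` types, the `BindingFor` and `StaleBindings` helpers, and the namespace and role names are assumptions standing in for the real `rbac/v1` types and the generated functions. The security point it makes concrete is that a namespaced role binds through a RoleBinding confined to one namespace, and that renamed ClusterRoleBindings must be listed for cleanup or they keep granting their role.

```go
package main

import "fmt"

// ComponentRole is an assumed shape for one entry of component_roles.yaml:
// the role name and whether it is a namespaced Role or a ClusterRole.
type ComponentRole struct {
	Name       string
	Namespaced bool
}
// Binding mirrors the rbac.authorization.k8s.io/v1 fields used here
// (constructed for this example, not the operator's own types).
type Binding struct {
	Kind, Name, Namespace string // Namespace is empty for a ClusterRoleBinding
	RoleKind, RoleName    string // roleRef
	ServiceAccount        string // subject, as "namespace/name"
}
// BindingFor grants role to a service account: a namespaced role yields a
// RoleBinding confined to ns, a cluster role yields a ClusterRoleBinding.
func BindingFor(role ComponentRole, saNS, saName, ns string) Binding {
	b := Binding{Name: role.Name, RoleName: role.Name, ServiceAccount: saNS + "/" + saName}
	if role.Namespaced {
		b.Kind, b.RoleKind, b.Namespace = "RoleBinding", "Role", ns
	} else {
		b.Kind, b.RoleKind = "ClusterRoleBinding", "ClusterRole"
	}
	return b
}

// StaleBindings lists previous binding names absent from the current set: the
// ones a renaming must add to the cleanup list, or they keep granting the role.
func StaleBindings(previous, current []string) []string {
	keep := map[string]bool{}
	for _, n := range current {
		keep[n] = true
	}
	stale := []string{}
	for _, n := range previous {
		if !keep[n] {
			stale = append(stale, n)
		}
	}
	return stale
}

func main() {
	prom := ComponentRole{Name: "prometheus", Namespaced: true} // now a namespaced Role
	fmt.Printf("%+v\n", BindingFor(prom, "netobserv", "prometheus", "netobserv"))
	// Constructed names: the old one is quoted in the review thread, the new one is made up.
	fmt.Println(StaleBindings([]string{"flowlogs-pipeline-transformer-role-mono"}, []string{"flp-transformer-mono"}))
}
```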
codecov bot commented Mar 12, 2025

Codecov Report

Attention: Patch coverage is 86.97674% with 56 lines in your changes missing coverage. Please review.

Project coverage is 62.63%. Comparing base (7e68060) to head (3ab567a).
Report is 3 commits behind head on main.

Files with missing lines Patch % Lines
controllers/flp/flp_monolith_objects.go 85.10% 10 Missing and 4 partials ⚠️
controllers/flp/flp_transfo_objects.go 86.00% 10 Missing and 4 partials ⚠️
controllers/flp/flp_monolith_reconciler.go 68.42% 5 Missing and 7 partials ⚠️
controllers/flp/flp_transfo_reconciler.go 79.31% 2 Missing and 4 partials ⚠️
controllers/flp/flp_common_objects.go 95.06% 3 Missing and 1 partial ⚠️
...ntrollers/ebpf/internal/permissions/permissions.go 25.00% 2 Missing and 1 partial ⚠️
controllers/monitoring/monitoring_controller.go 33.33% 1 Missing and 1 partial ⚠️
pkg/cleanup/cleanup.go 0.00% 0 Missing and 1 partial ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1209      +/-   ##
==========================================
+ Coverage   62.42%   62.63%   +0.21%     
==========================================
  Files          77       76       -1     
  Lines       11581    11503      -78     
==========================================
- Hits         7229     7205      -24     
+ Misses       3893     3834      -59     
- Partials      459      464       +5     
Flag Coverage Δ
unittests 62.63% <86.97%> (+0.21%) ⬆️

Flags with carried forward coverage won't be shown.

Files with missing lines Coverage Δ
controllers/consoleplugin/consoleplugin_objects.go 85.59% <ø> (-0.88%) ⬇️
...trollers/consoleplugin/consoleplugin_reconciler.go 69.14% <100.00%> (+2.09%) ⬆️
controllers/flp/flp_controller.go 64.40% <ø> (+0.40%) ⬆️
controllers/monitoring/monitoring_objects.go 88.00% <ø> (+36.23%) ⬆️
controllers/reconcilers/common.go 90.00% <ø> (+15.00%) ⬆️
...trollers/reconcilers/namespaced_objects_manager.go 87.71% <100.00%> (+0.44%) ⬆️
controllers/reconcilers/reconcilers.go 72.14% <100.00%> (+10.69%) ⬆️
pkg/helper/flowcollector.go 82.37% <100.00%> (ø)
pkg/manager/manager.go 58.18% <ø> (ø)
pkg/resources/roles.go 100.00% <100.00%> (ø)
... and 9 more

... and 1 file with indirect coverage changes


@OlivierCazade (Member) left a comment

LGTM

@jotak (Member Author) commented Mar 13, 2025

/approve

openshift-ci bot commented Mar 13, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jotak

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jotak added the ok-to-test label (To set manually when a PR is safe to test. Triggers image build on PR.) Mar 13, 2025
@jotak merged commit e414e32 into netobserv:main Mar 13, 2025
13 of 18 checks passed

Labels

approved lgtm ok-to-test To set manually when a PR is safe to test. Triggers image build on PR.
