[CONTP-519] Support k8s admin events in operator #1575

Merged
merged 3 commits into from
Dec 18, 2024

@gabedos gabedos commented Dec 17, 2024

What does this PR do?

Adds support for the Kubernetes Admission Events configuration in the Operator.

Motivation

Allow customers to enable the feature using the Operator.

Additional Notes

N/A

Minimum Agent Versions

  • Cluster Agent: v7.62+

Describe your test plan

Load up the operator and apply the following agent configuration:

k apply -f datadog-agent.yaml

apiVersion: datadoghq.com/v2alpha1
kind: DatadogAgent
metadata:
  name: datadog
  namespace: system
spec:
  global:
    kubelet:
      tlsVerify: false
    credentials:
      apiSecret:
        secretName: datadog-secret
        keyName: api-key
      appSecret:
        secretName: datadog-secret
        keyName: app-key
  features:
    admissionController:
      kubernetesAdmissionEvents:
        enabled: true

Note: depending on when you test this you may need to either get a custom cluster agent image build, one of the nightly image build tags, the release candidate image tag (late Dec), or utilize the officially published 7.62.0 image in late Jan. E.g.:

  override:
    clusterAgent:
      image:
        name: cluster-agent
        tag: 7.62.0-rc.1

Then connect to the cluster agent and check for the status of the kubernetesAdmissionEvents webhook.

k exec -it datadog-cluster-agent-5f4f9f48c7-zdn75  -n system -- agent status | grep -A 8 "ValidatingWebhook"
      ValidatingWebhookConfigurations name: datadog-webhook
      Created at: 2024-12-17 20:22:06 +0000 UTC
      ---------
        Name: datadog.webhook.kubernetes.admission.events
        CA bundle digest: ff3c27c367a36ce2
        Object selector: &LabelSelector{MatchLabels:map[string]string{},MatchExpressions:[]LabelSelectorRequirement{LabelSelectorRequirement{Key:admission.datadoghq.com/enabled,Operator:NotIn,Values:[false],},},}
        Rule 1: Operations: [*] - APIGroups: [apps] - APIVersions: [v1] - Resources: [deployments]
        Service: system/datadog-admission-controller - Port: 443 - Path: /kubernetes-admission-events

Checklist

  • PR has at least one valid label: bug, enhancement, refactoring, documentation, tooling, and/or dependencies
  • PR has a milestone or the qa/skip-qa label

@gabedos gabedos added the enhancement New feature or request label Dec 17, 2024
@gabedos gabedos added this to the v1.11.0 milestone Dec 17, 2024
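
Added example (not part of the PR or the operator's code): the status check from the test plan above, turned into a scriptable check over agent status output. The function names and the placeholder webhook name are hypothetical; the sample is the status output shown in the PR description, abridged.

```bash
# Added example: names below come from the status output on this page;
# the function names and the placeholder webhook name are hypothetical.
WEBHOOK_NAME="datadog.webhook.kubernetes.admission.events"
WEBHOOK_PATH="/kubernetes-admission-events"

# Reads `agent status` text on stdin. Exit status:
#   0 = webhook entry present, expected path, at least one rule
#   1 = webhook entry missing (e.g. feature not enabled, or Cluster Agent < 7.62)
#   2 = entry present but path differs or no rules listed
check_admission_events_webhook() {
  awk -v name="$WEBHOOK_NAME" -v path="$WEBHOOK_PATH" '
    NF == 1 && $1 ~ /^-+$/ { in_entry = 0; next }   # separator closes an entry
    $1 == "Name:" { in_entry = ($2 == name); if (in_entry) found = 1; next }
    in_entry && $1 == "Rule"     { rules++ }
    in_entry && $1 == "Service:" && $NF == path { path_ok = 1 }
    END {
      if (!found) exit 1
      if (!path_ok || rules == 0) exit 2
    }'
}

# Sample input: the status output from the PR description (selector line omitted).
sample_status() {
  cat <<'EOF'
      ValidatingWebhookConfigurations name: datadog-webhook
      Created at: 2024-12-17 20:22:06 +0000 UTC
      ---------
        Name: datadog.webhook.kubernetes.admission.events
        CA bundle digest: ff3c27c367a36ce2
        Rule 1: Operations: [*] - APIGroups: [apps] - APIVersions: [v1] - Resources: [deployments]
        Service: system/datadog-admission-controller - Port: 443 - Path: /kubernetes-admission-events
EOF
}

# Constructed negative case: same output with a placeholder webhook name,
# as it would look if only some other webhook were registered.
sample_without_feature() {
  sample_status | sed "s/$WEBHOOK_NAME/example.webhook.placeholder/"
}

# Stand-alone run against the embedded sample; in a cluster, pipe the output of
# `agent status` from the cluster agent pod into the function instead.
if sample_status | check_admission_events_webhook; then
  echo "admission events webhook registered"
else
  echo "admission events webhook check failed" >&2
fi
```
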
codecov-commenter commented Dec 17, 2024

Codecov Report

Attention: Patch coverage is 35.71429% with 9 lines in your changes missing coverage. Please review.

Project coverage is 48.65%. Comparing base (756ed08) to head (d0c213b).

Files with missing lines Patch % Lines
...atadogagent/feature/admissioncontroller/feature.go 0.00% 7 Missing and 2 partials ⚠️

@@            Coverage Diff             @@
##             main    #1575      +/-   ##
==========================================
- Coverage   48.66%   48.65%   -0.01%     
==========================================
  Files         226      226              
  Lines       20370    20385      +15     
==========================================
+ Hits         9913     9919       +6     
- Misses       9940     9947       +7     
- Partials      517      519       +2     
Flag Coverage Δ
unittests 48.65% <35.71%> (-0.01%) ⬇️

Files with missing lines Coverage Δ
api/datadoghq/v2alpha1/datadogagent_default.go 90.95% <100.00%> (+0.15%) ⬆️
api/datadoghq/v2alpha1/datadogagent_types.go 100.00% <ø> (ø)
...atadogagent/feature/admissioncontroller/feature.go 66.26% <0.00%> (-1.83%) ⬇️

Δ = absolute <relative> (impact), ø = not affected, ? = missing data

@gabedos gabedos force-pushed the gabedos/operator-k8s-admin-events branch from 43fbc46 to d0c213b Compare December 17, 2024 21:48
@@ -69,6 +71,10 @@ type AgentSidecarInjectionConfig struct {
profiles []*v2alpha1.Profile
}

type KubernetesAdmissionEventConfig struct {
enabled bool
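
Review bot: the new KubernetesAdmissionEventConfig type at the end of this hunk has no doc comment, so a reader cannot tell why a single enabled bool is wrapped in its own struct rather than kept as a bare bool. Suggest a comment on the type saying it is a struct so that per-event options can be added later, and naming the minimum Cluster Agent version (v7.62+) the feature needs. The type name is also singular (AdmissionEvent) while the CRD field in the test plan is kubernetesAdmissionEvents; using the plural in both places would make them easier to search for together.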

Contributor Author

Created struct for k8s admin event config bc there is a potential future use case for users to customize the feature, such as having more control over which events are recorded.

@gabedos gabedos marked this pull request as ready for review December 17, 2024 21:58
@gabedos gabedos requested review from a team as code owners December 17, 2024 21:58
@levan-m levan-m modified the milestones: v1.11.0, v1.12.0 Dec 17, 2024
@gabedos gabedos merged commit 6f3a79f into main Dec 18, 2024
21 checks passed
@gabedos gabedos deleted the gabedos/operator-k8s-admin-events branch December 18, 2024 19:21