bpfman-operator: Support Load/Attach Split

[anfredette]

This commit introduces support for bpfman’s load-attach split from bpfman PR
#1354 and includes major
refactoring and CRD changes to align with this new model.

Key Changes:

• Remove "*Program" CRDs and related code in favor of the BpfApplication CRD,
  which can contain multiple eBPF programs.
• Replace BpfProgram CRD with BpfApplicationState, which stores per-node state
  information for all eBPF programs in a BpfApplication.
• Rename CRDs for better alignment with Kubernetes conventions:
  • BpfApplication => ClusterBpfApplication (Cluster-scoped)
  • BpfNsApplication => BpfApplication (Namespace-scoped)
• The BpfApplication CRDs have been modified to include an optional list of
  attach points for each program, enabling pre-loading programs before
  attachment and supporting dynamic attachment updates.
• Redesign the bpfman-agent controller to natively support BpfApplications.

This code can be executed on KIND with the following command:

BPFMAN_IMG="quay.io/afredette/bpfman:latest" make run-on-kind

Fixes: #397

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 789 lines in your changes missing coverage. Please review.

Project coverage is 31.69%. Comparing base (d60c342) to head (e36ff6e).
Report is 8 commits behind head on main.

Files with missing lines	Patch %	Lines
apis/v1alpha1/zz_generated.deepcopy.go	0.00%	690 Missing ⚠️
apis/v1alpha1/shared_types.go	0.00%	42 Missing ⚠️
cmd/bpfman-operator/main.go	0.00%	16 Missing ⚠️
apis/v1alpha1/bpf_application_state_types.go	0.00%	14 Missing ⚠️
...is/v1alpha1/cluster_bpf_application_state_types.go	0.00%	14 Missing ⚠️
cmd/bpfman-agent/main.go	0.00%	7 Missing ⚠️
apis/v1alpha1/zz_generated.register.go	0.00%	6 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##             main     #347       +/-   ##
===========================================
+ Coverage   18.67%   31.69%   +13.01%     
===========================================
  Files         128       66       -62     
  Lines       11211     7794     -3417     
===========================================
+ Hits         2094     2470      +376     
+ Misses       8909     5097     -3812     
- Partials      208      227       +19     

Flag	Coverage Δ
unittests	31.69% <0.00%> (+13.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[anfredette]

All of the examples will need to be updated with the new CRD format before the Kubernetes integration tests will pass.

[mergify]

@anfredette, this pull request is now in conflict and requires a rebase.

[mergify]

@anfredette, this pull request is now in conflict and requires a rebase.

[mergify]

@anfredette, this pull request is now in conflict and requires a rebase.

[anfredette]

This is still a WIP, but it's working for cluster-scoped XDP programs.

Here's a sample of the kubectl output from installing and deleting an XDP program:
https://gist.github.com/anfredette/4433aaa58518db5d4d14ed2bf4218f55

If you're looking at the code, the new operator and agent code is in the app-operator and app-agent directories, while the old code is still in bpfman-operator and bpfman-agent. I plan to eventually delete the old directories and rename the new ones, but I'm keeping the old code around for comparison and to pull from as needed.

[msherif1234]

not sure about renaming the agent files with cl is that for clusterscope ?

[msherif1234]

I don't know why u deleted the kproberet and uproberet program types ?

[anfredette]

They weren't being used.

[msherif1234]

we no longer have an object called BpfProgram so we should avoid using it everywhere in code and comments

[anfredette]

I got rid of a lot of it, but there's still more work to do.

[msherif1234]

nit no need to check the len range will handle that

[anfredette]

Done.

[anfredette]

not sure about renaming the agent files with cl is that for clusterscope ?

Yes. I was planning to rename things as follows:
cluster-scoped related files: cl_*
namespace-scoped related files: ns_*

[Billy99]

Work needs to be done on the integration tests. Merging with integration tests failing and work off main to get tests passing again.