undistro / zora

Zora is an open source solution that helps you achieve compliance with Kubernetes best practices recommended by industry-leading frameworks. By scanning your cluster with multiple plugins, Zora identifies potential issues, misconfigurations, and vulnerabilities.
https://getup.io/opensource/zora-oss
Apache License 2.0

Setup VulnerabilityReport webhook conversion #283

Closed matheusfm closed 5 months ago

matheusfm commented 5 months ago

Description

This PR sets up a webhook conversion for the VulnerabilityReport CRD. Now the operator is able to inject a webhook conversion into CRDs annotated with zora.undistro.io/inject-conversion: "true". The spec.conversion.webhook.clientConfig.caBundle field in the CRD is set from a file ca.crt mounted as a volume in the operator and generated by Helm.

A self-signed certificate is generated by Helm if it doesn't exist. A Secret is also created with three files: tls.crt, tls.key, and ca.crt. This Secret is mounted as a volume in the webhook server (operator), where tls.crt and tls.key are used as the server certificate and ca.crt is set in the CRD caBundle field on initialization.

Most of the files in the config/ directory are generated by kubebuilder. Documentation: https://book.kubebuilder.io/multiversion-tutorial/conversion

Linked Issues

How has this been tested?

This is a script that I've used for testing:

#!/bin/bash
set -euo pipefail

# Start from a fresh kind cluster (uncomment the delete to reset an existing one)
#kind delete cluster
kind create cluster

# Build the operator image locally and load it into the kind node
#IMG="ghcr.io/undistro/zora/operator:v0.8.5-rc3" make docker-build
kind load docker-image ghcr.io/undistro/zora/operator:v0.8.5-rc3

# Install the previous (v0.8.4) CRD and create a "stale" report with it, so there is
# a pre-existing object that has to go through the conversion webhook later
kubectl apply -f https://raw.githubusercontent.com/undistro/zora/v0.8.4/charts/zora/crds/zora.undistro.io_vulnerabilityreports.yaml
yq '.metadata.name = "stale"' config/samples/zora_v1alpha1_vulnerabilityreport.yaml | kubectl apply -f -

# Install the chart from this branch (new CRD, certificate Secret, webhook server)
helm upgrade --install zora charts/zora/ --set clusterName=kind-kind -n zora-system --create-namespace --wait

# Create reports in both API versions; the second one exercises the conversion path
kubectl apply -f config/samples/zora_v1alpha1_vulnerabilityreport.yaml
kubectl apply -f config/samples/zora_v1alpha2_vulnerabilityreport.yaml

Checklist
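The description above covers three moving parts: a self-signed CA plus a server certificate for the webhook Service, a Secret carrying tls.crt/tls.key/ca.crt, and an operator that writes ca.crt into spec.conversion.webhook.clientConfig.caBundle of every CRD carrying the inject-conversion annotation. The following Go program is an added, self-contained illustration of that flow and is not code from the Zora operator or its Helm chart. It generates the PKI with crypto/x509 (standing in for Helm's certificate functions), injects the conversion stanza into a simplified CRD struct (the field names mirror apiextensions.k8s.io/v1, but the struct, the Service values zora-webhook/zora-system and the path /convert are assumptions), and verifies that the server certificate chains to the caBundle for the Service hostname, which is the check the API server performs when it calls the webhook. It also refuses an empty or non-CA caBundle and reports whether the CRD actually changed, so the operator would not issue a no-op update on every reconcile.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/json"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"reflect"
	"time"
)

// InjectAnnotation is the annotation named in the PR description.
const InjectAnnotation = "zora.undistro.io/inject-conversion"

// Simplified stand-ins for the apiextensions.k8s.io/v1 types (assumption: the
// real operator uses the upstream Go types; spec.* is flattened here).
type CRD struct {
	Annotations map[string]string `json:"annotations"`
	Conversion  *Conversion       `json:"conversion,omitempty"`
}
type Conversion struct {
	Strategy string  `json:"strategy"`
	Webhook  Webhook `json:"webhook"`
}
type Webhook struct {
	ClientConfig ClientConfig `json:"clientConfig"`
	Versions     []string     `json:"conversionReviewVersions"`
}
type ClientConfig struct {
	Service  Service `json:"service"`
	CABundle []byte  `json:"caBundle"` // []byte marshals as base64, as in the CRD
}
type Service struct {
	Namespace string `json:"namespace"`
	Name      string `json:"name"`
	Path      string `json:"path"`
	Port      int32  `json:"port"`
}

func pemOf(typ string, der []byte) []byte {
	return pem.EncodeToMemory(&pem.Block{Type: typ, Bytes: der})
}

// GenerateWebhookPKI plays the role of the Helm chart: a self-signed CA and a
// server certificate whose SAN is the webhook Service DNS name. It returns the
// three Secret files in PEM form: ca.crt, tls.crt, tls.key.
func GenerateWebhookPKI(svcName, ns string) (caPEM, crtPEM, keyPEM []byte, err error) {
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	now := time.Now()
	caTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "zora-webhook-ca"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey)
	if err != nil {
		return nil, nil, nil, err
	}
	caCert, err := x509.ParseCertificate(caDER)
	if err != nil {
		return nil, nil, nil, err
	}
	srvKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	dns := fmt.Sprintf("%s.%s.svc", svcName, ns) // the name the API server dials
	srvTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: dns},
		DNSNames:     []string{dns, dns + ".cluster.local"},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(365 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	srvDER, err := x509.CreateCertificate(rand.Reader, srvTmpl, caCert, &srvKey.PublicKey, caKey)
	if err != nil {
		return nil, nil, nil, err
	}
	keyDER, err := x509.MarshalECPrivateKey(srvKey)
	if err != nil {
		return nil, nil, nil, err
	}
	return pemOf("CERTIFICATE", caDER), pemOf("CERTIFICATE", srvDER), pemOf("EC PRIVATE KEY", keyDER), nil
}

// InjectConversion sets the Webhook conversion on annotated CRDs only. It
// returns true when the object was modified, so callers can skip no-op updates.
func InjectConversion(crd *CRD, caBundle []byte, svc Service) (bool, error) {
	if crd.Annotations[InjectAnnotation] != "true" {
		return false, nil
	}
	// An empty or non-CA bundle would make the API server reject every
	// conversion call, so validate before writing it into the CRD.
	block, _ := pem.Decode(caBundle)
	if block == nil || block.Type != "CERTIFICATE" {
		return false, errors.New("caBundle is not a PEM certificate")
	}
	ca, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return false, err
	}
	if !ca.IsCA {
		return false, errors.New("caBundle certificate is not a CA")
	}
	want := &Conversion{Strategy: "Webhook", Webhook: Webhook{
		ClientConfig: ClientConfig{Service: svc, CABundle: caBundle},
		Versions:     []string{"v1"},
	}}
	if crd.Conversion != nil && reflect.DeepEqual(crd.Conversion, want) {
		return false, nil // already up to date
	}
	crd.Conversion = want
	return true, nil
}

// VerifyServing performs the check the API server does on each webhook call:
// tls.crt must chain to caBundle and carry the Service hostname as a SAN.
func VerifyServing(caPEM, crtPEM []byte, hostname string) error {
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(caPEM) {
		return errors.New("caBundle contains no usable certificate")
	}
	block, _ := pem.Decode(crtPEM)
	if block == nil {
		return errors.New("tls.crt is not PEM")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return err
	}
	_, err = cert.Verify(x509.VerifyOptions{
		Roots: pool, DNSName: hostname,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	})
	return err
}

func main() {
	ca, crt, _, err := GenerateWebhookPKI("zora-webhook", "zora-system")
	if err != nil {
		panic(err)
	}
	if err := VerifyServing(ca, crt, "zora-webhook.zora-system.svc"); err != nil {
		panic(err)
	}
	// Constructed CRD carrying the inject annotation.
	crd := &CRD{Annotations: map[string]string{InjectAnnotation: "true"}}
	svc := Service{Namespace: "zora-system", Name: "zora-webhook", Path: "/convert", Port: 443}
	if _, err := InjectConversion(crd, ca, svc); err != nil {
		panic(err)
	}
	out, _ := json.MarshalIndent(crd, "", "  ")
	fmt.Println(string(out)) // caBundle appears base64-encoded, as in the live CRD
}
```

Running it prints the conversion stanza the operator would write; the second call to InjectConversion with the same inputs returns false, which is the property that keeps the reconcile loop from rewriting the CRD on every pass.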