[CONTINT-4924] Support for wildcards in Kind field in KSM RBAC

[triviajon]

What does this PR do?

This PR adds users to use a wildcard "*" in the Kind field under .spec.features.kubeStateMetricsCore.collectCrMetrics of the DatadogAgent CR. This comes as a follow-up to the bugfix in datadog-agent/pull/43315, and is the Operator equivalent of this helm-charts/datadog PR.

Motivation

What inspired you to submit this pull request?
https://datadoghq.atlassian.net/browse/CONTINT-4924

Additional Notes

Minimum Agent Versions

Are there minimum versions of the Datadog Agent and/or Cluster Agent required?

Relies on the bug-fix in datadog-agent that likely won't be included until 7.74.0 for the KSM check not to fail, but otherwise no.

Describe your test plan

Added a unit-test to feature/kubernetesstatecore/rbac_test.go.

Also QA'd manually:

1. Created a minikube cluster and deployed a new build of the datadog operator: helm install datadog-operator /Users/jon.rosario/dd/helm-charts/charts/datadog-operator -f deploy-ddo.yaml --set clusterRole.allowReadAllResources=true:

image:
  repository: docker.io/jonrosario774/operator
  tag: 1.21.0-test.2

Note: if using make deploy, the operator clusterrole needs to be patched manually to add read to all resources

2. Deployed datadog agent using the operator, configured for KSM to collect CR metrics:

apiVersion: datadoghq.com/v2alpha1
kind: DatadogAgent
metadata:
  name: datadog
...
  features:
    kubeStateMetricsCore:
      enabled: true
      collectCrMetrics:
        - groupVersionKind:
            group: stable.example.com
            version: "*"
            kind: "*"
          labelsFromPath:
            name: ["metadata", "name"]
            namespace: ["metadata", "namespace"]
          metrics:
            - name: crontab_info
              help: "Basic info about CronTab CRs"
              each:
                type: Info
                info:
                  path: ["spec"]
                  labelsFromPath:
                    cronSpec: ["cronSpec"]
                    image: ["image"]
                    replicas: ["replicas"]
...

Note: this requires image override for runners or DCA if not using runners 7.74+ for QA

3. Applied the CronTab CRD and CR, then saw the metrics being reported to Datadog.

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: crontabs.stable.example.com
spec:
  group: stable.example.com
  versions:
    - name: v1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                cronSpec:
                  type: string
                image:
                  type: string
                replicas:
                  type: integer
              required: ["image"]
  scope: Namespaced
  names:
    plural: crontabs
    singular: crontab
    kind: CronTab
    shortNames:
    - ct
---
apiVersion: stable.example.com/v1
kind: CronTab
metadata:
  name: my-cronjob
spec:
  cronSpec: "* * * * */5"
  image: busybox
  replicas: 2

Checklist

• PR has at least one valid label: bug, enhancement, refactoring, documentation, tooling, and/or dependencies
• PR has a milestone or the qa/skip-qa label

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 36.56%. Comparing base (3dd92f9) to head (3efec72).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2350   +/-   ##
=======================================
  Coverage   36.56%   36.56%           
=======================================
  Files         281      281           
  Lines       23911    23914    +3     
=======================================
+ Hits         8742     8745    +3     
  Misses      14485    14485           
  Partials      684      684           

Flag	Coverage Δ
unittests	36.56% <100.00%> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
...r/datadogagent/feature/kubernetesstatecore/rbac.go	100.00% <100.00%> (ø)

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d16ba3c...3efec72. Read the comment docs.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[tbavelier]

As mentioned in PR description, this requires using 7.74+, so QA can be done with override.clusterChecksRunner.image.name: docker.io/datadog/agent-dev:nightly-main-py3 if using runners, or docker.io/datadog/cluster-agent-dev:master if not using runners.
Also for QA, this indeed requires the readallresources option from the Helm chart template. Or patching directly the clusterrole datadog-operator-manager-role if using make deploy

---

@triviajon we should probably wait to merge this until 7.74 is released, so possibly with operator 1.23, as 1.22 release cycle will start in mid december