feat!: support additional vCenter entities for privilege rules

[TylerGillson]

Issue

N/A

Description

• Extend privilege rules to support datastores, the vCenter root object, and all network types.
• Add GroupPrincipals and Propagated to the privilege rule spec.
  • GroupPrincipals are used to identify permissions that grant privileges to a user on a specific entity. They're required because non-admin users cannot query the vCenter API to determine their own group membership.
  • Propagated is a new flag that further qualifies the assignment of privileges to a user on a specific entity.
• Clean up some lingering Spectro-internal logic that was filtering Datacenters and Clusters based on kubernetes tags.

Related:

• refactor!: remove role privilege rules validatorctl#217

[ahmad-ibra]

LGTM aside from the minor grammar issue. Also thanks for cleaning up all the helper functions that weirdly returned a bool along with the err and actual return value. It always felt like some weird anti-pattern.

[codecov]

Codecov Report

Attention: Patch coverage is 32.26381% with 380 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
pkg/vsphere/user.go	0.00%	150 Missing ⚠️
pkg/vsphere/network.go	50.87%	47 Missing and 9 partials ⚠️
pkg/vsphere/datacenter.go	0.00%	31 Missing ⚠️
pkg/vsphere/cluster.go	0.00%	30 Missing ⚠️
pkg/vsphere/vsphere_mocks.go	0.00%	20 Missing ⚠️
pkg/vsphere/folder.go	0.00%	19 Missing ⚠️
pkg/vsphere/vm.go	60.97%	16 Missing ⚠️
pkg/vsphere/datastore.go	50.00%	9 Missing and 4 partials ⚠️
pkg/vsphere/host.go	23.07%	10 Missing ⚠️
pkg/vsphere/vapp.go	0.00%	6 Missing ⚠️
... and 10 more

@@            Coverage Diff             @@
##             main     #362      +/-   ##
==========================================
+ Coverage   38.75%   39.20%   +0.45%     
==========================================
  Files          29       32       +3     
  Lines        1729     1977     +248     
==========================================
+ Hits          670      775     +105     
- Misses        987     1106     +119     
- Partials       72       96      +24     

Files with missing lines	Coverage Δ
api/v1alpha1/vspherevalidator_types.go	44.82% <ø> (ø)
pkg/validators/privileges/privilege.go	100.00% <100.00%> (ø)
tests/integration/tags/tags.go	88.50% <100.00%> (ø)
...kg/validators/computeresources/computeresources.go	76.64% <95.00%> (+0.60%)	⬆️
pkg/vcsim/vcsim.go	88.23% <95.23%> (+1.71%)	⬆️
api/vcenter/types.go	50.00% <0.00%> (-38.89%)	⬇️
pkg/validators/ntp/ntp.go	18.51% <0.00%> (-0.72%)	⬇️
pkg/vsphere/tag.go	8.47% <0.00%> (ø)
pkg/validate/validate.go	40.54% <57.14%> (-3.75%)	⬇️
pkg/vsphere/resource_pool.go	0.00% <0.00%> (ø)
... and 13 more

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 37af6b3...d5272af. Read the comment docs.