feat: implement expansion template pod status

[davis-haba]

Signed-off-by: davis-haba davishaba@google.com

Implements byPod status for ExpansionTemplates.

Fixes: #2302

[maxsmythe]

Directionally, this is looking really good. Have a few nit comments (and it looks like this may still be WIP)

[JaydipGabani]

@davis-haba I'd really appreciate if you can explain what is the need behind this PR. As I have not looked at how expansion templates work I do not have enough background. So I am a little confused and curious.

[maxsmythe]

Davis can probably give better context, but it's similar to the reasoning behind constraint/constrainttemplate/mutator statuses (make the ingestion state of a config across the fleet of pods visible)

[codecov-commenter]

Codecov Report

Patch coverage: 39.52% and project coverage change: -0.42 ⚠️

Comparison is base (143e8cf) 53.27% compared to head (c03e842) 52.85%.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #2598      +/-   ##
==========================================
- Coverage   53.27%   52.85%   -0.42%     
==========================================
  Files         120      123       +3     
  Lines       10594    10926     +332     
==========================================
+ Hits         5644     5775     +131     
- Misses       4515     4695     +180     
- Partials      435      456      +21     

Flag	Coverage Δ
unittests	52.85% <39.52%> (-0.42%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
apis/status/v1beta1/zz_generated.deepcopy.go	0.00% <0.00%> (ø)
pkg/webhook/policy.go	37.76% <0.00%> (-1.32%)	⬇️
...status/v1beta1/expansiontemplatepodstatus_types.go	8.69% <8.69%> (ø)
apis/status/v1beta1/util.go	76.31% <25.00%> (ø)
pkg/controller/expansion/stats_reporter.go	54.05% <45.83%> (ø)
pkg/controller/expansion/expansion_controller.go	55.47% <61.22%> (ø)
pkg/readiness/ready_tracker.go	69.19% <65.30%> (-0.46%)	⬇️
apis/status/v1beta1/constraintpodstatus_types.go	80.64% <100.00%> (ø)
...tatus/v1beta1/constrainttemplatepodstatus_types.go	73.91% <100.00%> (ø)
apis/status/v1beta1/mutatorpodstatus_types.go	80.00% <100.00%> (ø)
... and 2 more

... and 3 files with indirect coverage changes

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

[davis-haba]

@JaydipGabani

@davis-haba I'd really appreciate if you can explain what is the need behind this PR. As I have not looked at how expansion templates work I do not have enough background. So I am a little confused and curious.

The byPod status, present on Constraints, Mutators, and now ExpansionTemplates, is designed to report the status of each resource as observed by each Pod.

For example, suppose you have 3 validation webhook replicas. You might be interested in guaranteeing that all 3 of the replicas have all of the necessary ExpansionTemplates or Constraints registered. If only 2/3 of them have a config registered, this could lead to under-enforcement or nondeterministic behavior.

The design doc has much more detail if you're interested.

[maxsmythe]

Code LGTM barring a nit. Waiting on testing TODOs otherwise.

[maxsmythe]

LGTM

[davis-haba]

@ritazh
I accepted your comment suggestions (thanks btw).

Was there anything else to address?

[ritazh]

LGTM