feat(controller): add externalIDs support for VPC policyRoutes #6227

Closed
jimyag wants to merge 4 commits into kubeovn:master from jimyag:issue-6226

@jimyag
Contributor

@jimyag jimyag commented Jan 28, 2026

Add support for custom external_ids in VPC policyRoutes to allow users to track the source and ownership of policy routes. The "vendor" key is reserved and always set to "kube-ovn" to prevent user override.

Changes

  • Add ExternalIDs field to PolicyRoute struct in CRD type definition
  • Update diffPolicyRouteWithExisted and diffPolicyRouteWithLogical to detect externalIDs changes and trigger upsert
  • Ensure vendor key cannot be overwritten by user-specified externalIDs
  • Update CRD YAML schema in:
    • charts/kube-ovn-v2/crds/kube-ovn-crd.yaml
    • charts/kube-ovn/templates/kube-ovn-crd.yaml
    • dist/images/install.sh
  • Add unit tests for externalIDs diff detection and vendor protection

Usage Example

apiVersion: kubeovn.io/v1
kind: Vpc
metadata:
  name: my-vpc
spec:
  policyRoutes:
    - priority: 100
      match: "ip4.src == 10.0.0.0/24"
      action: reroute
      nextHopIP: "10.0.1.1"
      externalIDs:
        source: "my-application"
        environment: "production"

Fixes #6226


Pull Request

What type of this PR

  • Features

Which issue(s) this PR fixes

Fixes #6226

@dosubot dosubot bot added the size:L This PR changes 100-499 lines, ignoring generated files. label Jan 28, 2026
@jimyag jimyag marked this pull request as draft January 28, 2026 09:08
@dosubot dosubot bot added the feature New network feature label Jan 28, 2026
@gemini-code-assist
Contributor

Summary of Changes

Hello @jimyag, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances VPC policy routes by introducing support for custom externalIDs. This feature allows users to associate arbitrary key-value metadata with their policy routes, facilitating better tracking and management of network policies. A key aspect of this implementation is the reservation and protection of the "vendor" key within externalIDs, which is automatically set to "kube-ovn" to maintain system integrity and prevent user interference. The changes involve updating the CRD, modifying controller logic to correctly detect and apply externalIDs changes, and ensuring deep copy functionality for the new field.

Highlights

  • CRD Extension for PolicyRoute: The PolicyRoute Custom Resource Definition (CRD) now includes an externalIDs field, allowing users to attach custom key-value metadata to policy routes.
  • Reserved 'vendor' Key Protection: The externalIDs field reserves the "vendor" key, automatically setting it to "kube-ovn" and preventing user overrides, ensuring system-level identification.
  • Enhanced Policy Route Diffing Logic: The controller's diffing functions (diffPolicyRouteWithExisted and diffPolicyRouteWithLogical) have been updated to detect changes in externalIDs, enabling proper updates to existing policy routes.
  • CRD Schema Updates: The CRD YAML schemas in both Helm charts (charts/kube-ovn-v2/crds/kube-ovn-crd.yaml) and the install.sh script (dist/images/install.sh) have been updated to reflect the new externalIDs field.
  • Comprehensive Unit Testing: New unit tests have been added to validate the externalIDs diff detection logic and confirm that the "vendor" key protection mechanism functions as expected.

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request adds support for externalIDs to VPC policy routes, allowing for better tracking and ownership of routes. The changes are well-implemented, including updates to the CRD, controller logic, and the addition of comprehensive unit tests. I've identified a couple of areas with code duplication that could be refactored to improve maintainability. Overall, this is a solid feature addition.

@jimyag jimyag force-pushed the issue-6226 branch 3 times, most recently from f2ff9ef to 6af3411 Compare January 28, 2026 10:21
@jimyag jimyag marked this pull request as ready for review February 2, 2026 08:44
@dosubot dosubot bot added the vpc label Feb 2, 2026
@jimyag
Contributor Author

jimyag commented Feb 2, 2026

/gemini review

@coveralls

coveralls commented Feb 2, 2026

Pull Request Test Coverage Report for Build 21583491910

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 40 of 45 (88.89%) changed or added relevant lines in 2 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.2%) to 23.076%

Changes Missing Coverage | Covered Lines | Changed/Added Lines | %
pkg/controller/vpc.go | 28 | 33 | 84.85%

Totals
Change from base Build 21580923272: 0.2%
Covered Lines: 12418
Relevant Lines: 53814

💛 - Coveralls

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces support for externalIDs on VPC policy routes, a valuable feature for tracking and metadata. The changes are well-structured across the CRDs, API types, and controller logic. The inclusion of comprehensive unit tests is commendable. I've identified a critical issue in the policy diffing logic that could cause unnecessary resource churn, and a minor optimization opportunity. Additionally, the PR includes a crucial fix for a deepcopy issue, which is a great improvement.

Add support for custom external_ids in VPC policyRoutes to allow users
to track the source and ownership of policy routes. The "vendor" key is
reserved and always set to "kube-ovn" to prevent user override.

Changes include:
- Add ExternalIDs field to PolicyRoute struct in CRD type definition
- Update diffPolicyRouteWithExisted and diffPolicyRouteWithLogical to
  return (dels, adds, updates) for detecting externalIDs changes
- Ensure vendor key cannot be overwritten by user-specified externalIDs
- Update CRD YAML schema in both helm charts and install.sh
- Add unit tests for externalIDs diff detection and vendor protection

Fixes kubeovn#6226

Signed-off-by: jimyag <[email protected]>

Combine policy route variable declarations into single lines to comply
with gofumpt formatting requirements.

Signed-off-by: jimyag <[email protected]>

Add missing externalIDs field to PolicyRoute in
charts/kube-ovn/templates/kube-ovn-crd.yaml for consistency
with kube-ovn-v2 chart and install.sh.

Signed-off-by: jimyag <[email protected]>

Fix the conversion from ovnnb.LogicalRouterPolicy to kubeovnv1.PolicyRoute
by populating the NextHopIP field from Nexthops. Without this fix,
getPolicyRouteItemKey generates incorrect keys for existing policies
with next-hop IPs, causing unnecessary deletions and additions on every
reconciliation.

Signed-off-by: jimyag <[email protected]>
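
The two behaviours named in the description and commit messages above, as an added Go sketch that is not code from this PR or from kube-ovn: the reserved "vendor" key always wins over user input, and a diff returning (dels, adds, updates) reports an externalIDs change as an update. The Route type, effectiveIDs, key and diff are hypothetical names, and the route identity used for the key is an assumption.

```go
package main

import (
	"fmt"
	"reflect"
)

// Route is a hypothetical stand-in for a VPC policy route, not kube-ovn's type.
type Route struct {
	Priority                 int
	Match, Action, NextHopIP string
	ExternalIDs              map[string]string
}

func effectiveIDs(user map[string]string) map[string]string {
	out := map[string]string{}
	for k, v := range user {
		out[k] = v
	}
	out["vendor"] = "kube-ovn" // reserved key written last: user input never wins
	return out
}

// key assumes route identity is priority + match + action + next hop.
func key(r Route) string { return fmt.Sprintf("%d %q %q %q", r.Priority, r.Match, r.Action, r.NextHopIP) }

func diff(stored, desired []Route) (dels, adds, updates []Route) {
	have := map[string]Route{}
	for _, r := range stored {
		have[key(r)] = r
	}
	for _, want := range desired {
		if got, ok := have[key(want)]; !ok {
			adds = append(adds, want)
		} else if !reflect.DeepEqual(effectiveIDs(want.ExternalIDs), got.ExternalIDs) {
			updates = append(updates, want) // same key, changed IDs: update in place
		}
		delete(have, key(want))
	}
	for _, r := range have {
		dels = append(dels, r)
	}
	return dels, adds, updates
}

func main() { // constructed sample: the spec tries to override the reserved key
	r := Route{100, "ip4.src == 10.0.0.0/24", "reroute", "10.0.1.1", effectiveIDs(nil)}
	w := Route{100, r.Match, r.Action, r.NextHopIP, map[string]string{"vendor": "x"}}
	fmt.Println(diff([]Route{r}, []Route{w}))
}
```

If the stored side is built without its next hop, its key no longer matches the spec and the same route comes back as one delete plus one add, which is the churn the last commit message describes.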
@jimyag
Contributor Author

jimyag commented Feb 2, 2026

/gemini review

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces support for externalIDs in VPC policy routes, allowing for custom metadata to be associated with them. The changes are well-implemented across the CRD definitions, Go type definitions, and the controller logic. The new functionality is also accompanied by a comprehensive set of unit tests, which is great. I have one suggestion to improve compatibility with older Go versions.

@jimyag
Contributor Author

jimyag commented Feb 2, 2026

image

@SkalaNetworks
Member

I'm interested in what your specific use case is for this feature

@jimyag
Contributor Author

jimyag commented Feb 3, 2026

I'm interested in what your specific use case is for this feature

see #6226

@jimyag jimyag closed this Mar 11, 2026

Development

Successfully merging this pull request may close these issues.

[Feature Request] Support external_ids field in VPC policyRoutes