MTV-1745 | Improve validating webhooks

[jonner]

• Allow api service account to create SubjectAccessReview objects
• Validate target namespace from plan webhook
• webhook: Disallow plans when providers can't be retrieved
• webhooks: add check for permissions on VMs in migration plans
• webhooks: check permissions on providers in migration plans
• Add migration webhooks
• Change api.GetGroupResource() to return a GroupResource

ref: https://issues.redhat.com/browse/MTV-1745

[yaacov]

@jonner can you squash the commits ?

[jonner]

@jonner can you squash the commits ?

I personally prefer more fine-grained commits, but I certainly can squash them. Do you prefer that to using the "squash and merge" feature in github?

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

Attention: Patch coverage is 75.00000% with 1 line in your changes missing coverage. Please review.

Project coverage is 15.37%. Comparing base (f1fe5d0) to head (b320de7).
Report is 8 commits behind head on main.

Files with missing lines	Patch %	Lines
pkg/controller/provider/web/base/auth.go	75.00%	1 Missing ⚠️

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1338      +/-   ##
==========================================
- Coverage   15.45%   15.37%   -0.08%     
==========================================
  Files         112      112              
  Lines       23377    23495     +118     
==========================================
  Hits         3613     3613              
- Misses      19479    19597     +118     
  Partials      285      285              

Flag	Coverage Δ
unittests	15.37% <75.00%> (-0.08%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[sonarqubecloud]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[yaacov]

Do you prefer that to using the "squash and merge" feature in github?

I prefer the PR owner to be responsible for the squashing, that way I know if the separate commits are only for reviewing purposes or are a real separation of concerns, because the PR author has the best context and understanding of the changes they've made and can therefore create a clean, logical, and meaningful commit history in the final squashed commit, making it easier for reviewers and future maintainers to understand the evolution of the code.

[yaacov]

I personally prefer more fine-grained commits

My concern with a large number of commits in a pull request is that it complicates back porting. A smaller, concern specific commits can makes it easier to track and manage the back porting.