feat(bff): list user namespaces in dev mode

[ederign]

This PR introduces a new endpoint (GET /v1/namespaces) in dev mode (standalone app) to populate the namespaces dropdown.

It's important to highlight that this new endpoint is only available in BFF dev mode (DEV_MODE=true)

make run MOCK_K8S_CLIENT=true MOCK_MR_CLIENT=true DEV_MODE=true

Description

In this PR:

• clients/ui/bff/internal/api/middleware.go:

1. Created context keys;
2. Created kubeflow group headers (preparing for a following PR)
3. Inject kubeflow-userid and kubeflow-groups header in the request context
4. Refactoring on exempt paths for RequireAccessControl to receive a list of paths to skip SAR

• clients/ui/bff/internal/api/namespaces_handler.go: core handler of this PR
• clients/ui/bff/internal/api/namespaces_handler_test.go: tests of the handler of this PR
• clients/ui/bff/internal/api/app.go: only register the handler in dev mode and also add the new middleware method to extract the readers and add to the context
• clients/ui/bff/internal/integrations/k8s.go: method to list namespaces and do a SAR based on user to see which namespaces user can access
• clients/ui/bff/internal/api/test_utils.go: Refactoring to use the right keys
• clients/ui/bff/internal/mocks/k8s_mock.go: added the right rbac for non admin user in mock
• clients/ui/bff/internal/models/namespace.go: namespace model
• clients/ui/bff/internal/repositories/namespace.go: namespace repository
• clients/ui/bff/internal/repositories/repositories.go: changes in repository interface
• clients/ui/bff/internal/API/healthcheck_handler.go: refactoring to use context instead of handlers directly
• clients/ui/bff/internal/api/healthcheck__handler_test.go: refactoring to use context instead of handlers directly
• clients/ui/bff/internal/api/user_handler.go: refactoring to use context instead of handlers directly
• clients/ui/bff/internal/api/user_handler_test.go: refactoring to use context instead of handlers directly
• clients/ui/bff/README.md: adding endpoint info

How Has This Been Tested?

• I did a basic sanity check in the UI

 make run MOCK_K8S_CLIENT=true MOCK_MR_CLIENT=true DEV_MODE=false
 
curl -i -H "kubeflow-userid: [email protected]" localhost:4000/api/v1/namespaces                                     (kind-kubeflow/default)
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Fri, 13 Dec 2024 21:21:43 GMT
Content-Length: 93

{
	"error": {
		"code": "404",
		"message": "the requested resource could not be found"
	}
}

k8s mocked with env test
make run MOCK_K8S_CLIENT=true MOCK_MR_CLIENT=true DEV_MODE=true

curl -i -H "kubeflow-userid: [email protected]" localhost:4000/api/v1/namespaces                                     (kind-kubeflow/default)
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Fri, 13 Dec 2024 21:22:43 GMT
Content-Length: 221

{
	"data": [
		{
			"name": "default"
		},
		{
			"name": "dora-namespace"
		},
		{
			"name": "kube-node-lease"
		},
		{
			"name": "kube-public"
		},
		{
			"name": "kube-system"
		},
		{
			"name": "kubeflow"
		}
	]
}

curl -i -H "kubeflow-userid: [email protected]" localhost:4000/api/v1/namespaces                             (kind-kubeflow/default)
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Fri, 13 Dec 2024 21:23:05 GMT
Content-Length: 54

{
	"data": [
		{
			"name": "dora-namespace"
		}
	]
}


 curl -i -H "kubeflow-userid: dordasdasm" localhost:4000/api/v1/namespaces                                           (kind-kubeflow/default)
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Fri, 13 Dec 2024 21:23:21 GMT
Content-Length: 16

{
	"data": []
}


curl -i -H "bad header: dordasdasm" localhost:4000/api/v1/namespaces                                                (kind-kubeflow/default)
HTTP/1.1 400 Bad Request: invalid header name
Content-Type: text/plain; charset=utf-8
Connection: close

400 Bad Request: invalid header name%

Connected to kubeflow cluster

make run MOCK_K8S_CLIENT=false MOCK_MR_CLIENT=true DEV_MODE=true
curl -i -H "kubeflow-userid: [email protected]" localhost:4000/api/v1/namespaces                                     (kind-kubeflow/default)
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Fri, 13 Dec 2024 21:24:40 GMT
Content-Length: 65

{
	"data": [
		{
			"name": "kubeflow-user-example-com"
		}
	]
}

Merge criteria:

• All the commits have been signed-off (To pass the DCO check)

• The commits have meaningful messages; the author will squash them after approval or in case of manual merges will ask to merge with squash.
• [X ] Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
• [X ] The developer has manually tested the changes and verified that the changes work.
• [X ] Code changes follow the kubeflow contribution guidelines.

[alexcreasy]

Tested locally and works - code looks good - I think there's just one mistake in one of the test descriptions.

[ederign]

@alexcreasy all checks passed!

[alexcreasy]

/lgtm

[alexcreasy]

+1

[google-oss-prow]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alexcreasy

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• clients/ui/OWNERS [alexcreasy]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment