feat: support user namespace network policy

[lingdie]

No description provided.

[gru-agent]

TestGru Assignment

Summary

Link	CommitId	Status	Reason
Detail	508a1c7	✅ Finished

Files

File	Pull Request
controllers/user/main.go	🐛 Bug Detected (The test TestLoadConfig fails because the APIServerPort field in the loaded config is empty, even though the YAML file contains 'apiserverPort: "6443"'. This indicates a mismatch between the YAML tag in the config struct and the YAML file. The struct field in configpkg.Kube likely uses a different tag (e.g., 'APIServerPort' instead of 'apiserverPort'), causing the YAML unmarshal to skip the value. This is a source code bug in the config struct definition, not a problem with the test code. Job Details)
controllers/user/controllers/user_controller.go	🟢 Open #5567

Tip

You can @gru-agent and leave your feedback. TestGru will make adjustments based on your input

[lingdie]

cr demo:

apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: demo-2-policy
  namespace: ns-p5wqvlw9
spec:
  endpointSelector: {}
  ingress:
    - fromEntities:
        - host
    - fromEntities:
        - remote-node
    - fromEndpoints:
        - matchExpressions:
          - key: "k8s:io.kubernetes.pod.namespace"
            operator: "In"
            values:
            - "ns-55i3en28"
            - "ns-p5wqvlw9"
  egress:
    - toEndpoints:
        - matchLabels:
            io.kubernetes.pod.namespace: kube-system
            k8s-app: kube-dns
      toPorts:
        - ports:
            - port: "53"
              protocol: UDP
          rules:
            dns:
              - matchPattern: "*"
    - toEntities:
        - host
    - toEntities:
        - remote-node
    - toEndpoints:
        - matchExpressions:
          - key: "k8s:io.kubernetes.pod.namespace"
            operator: "In"
            values:
            - "ns-55i3en28"
            - "ns-p5wqvlw9"
    - toCIDRSet:
        - cidr: 0.0.0.0/0

[pull-request-size]

Whoa! Easy there, Partner!

This PR is too big. Please break it up into smaller PRs.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 61.97%. Comparing base (370361d) to head (664e991).
Report is 12 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #5622   +/-   ##
=======================================
  Coverage   61.97%   61.97%           
=======================================
  Files           8        8           
  Lines         647      647           
=======================================
  Hits          401      401           
  Misses        200      200           
  Partials       46       46           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[cla-assistant]

All committers have signed the CLA.

[cla-assistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}