api/datadoghq/v2alpha1: add support for SSI targets

[knusbaum]

What does this PR do?

We want to allow the datadog-operator to configure SSI targets in the cluster agent.
The config we want to add is here.

Motivation

See: INPLAT-424

Minimum Agent Versions

This change supports a new feature in the cluster agent, and is harmless to older cluster agents.

• Cluster Agent: Requires Cluster Agent 7.64.0

Describe your test plan

I setup minikube locally with a registry. I ran the following to install my operator based on the docs:

# Build
make IMG=localhost:5000/test/operator:test IMG_CHECK=localhost:5000/test/operator-check:test docker-build

# Push
make IMG=localhost:5000/test/operator:test IMG_CHECK=localhost:5000/test/operator-check:test docker-push

# Deploy
make IMG=localhost:5000/test/operator:test IMG_CHECK=localhost:5000/test/operator-check:test deploy

I then added the following config to examples/datadogagent/datadog-agent-minimum.yaml and ran the script for a DatadogAgent resource:

apiVersion: datadoghq.com/v2alpha1
kind: DatadogAgent
metadata:
  name: datadog
spec:
  override:
    clusterAgent:
      image:
        name: registry.ddbuild.io/ci/datadog-agent/cluster-agent:v55563759-d8db7b1b-amd64
        tag: v55563759-d8db7b1b-amd64
  global:
    clusterName: my-example-cluster
    credentials:
      apiKey: <YOUR-API-KEY-HERE>
  features:
    apm:
      instrumentation:
        targets:
          - name: "sometarget"
            podSelector:
              matchLabels:
                key: value
              matchExpressions:
                - key: somekey
                  operator: In
                  values:
                    - value1
                    - value2
            namespaceSelector:
              matchNames:
                - name1
                - name2
              matchLabels:
                key1: val1
                key2: val2
              matchExpressions:
                - key: somekey1
                  operator: In
                  values:
                    - value1
                    - value2
            ddTraceVersions:
              java: "1"
              dotnet: "2"
        enabled: true
        enabledNamespaces:
          - "test-1"

Finally, I exec'd into the cluster agent pod and verified that the expected environment variable is set:

$ kubectl -n system exec -ti datadog-cluster-agent-897578d6d-ljm5v -- bash
root@datadog-cluster-agent-897578d6d-ljm5v:/# env | grep DD_APM
DD_APM_INSTRUMENTATION_ENABLED_NAMESPACES=["test-1"]
DD_APM_INSTRUMENTATION_ENABLED=true
DD_APM_INSTRUMENTATION_TARGETS=[{"name":"sometarget","podSelector":{"matchLabels":{"key":"value"},"matchExpressions":[{"key":"somekey","operator":"In","values":["value1","value2"]}]},"namespaceSelector":{"matchNames":["name1","name2"],"matchLabels":{"key1":"val1","key2":"val2"},"matchExpressions":[{"key":"somekey1","operator":"In","values":["value1","value2"]}]},"ddTraceVersions":{"dotnet":"2","java":"1"}}]

Checklist

• PR has at least one valid label: bug, enhancement, refactoring, documentation, tooling, and/or dependencies
• PR has a milestone or the qa/skip-qa label

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 75.00000% with 3 lines in your changes missing coverage. Please review.

Project coverage is 50.44%. Comparing base (b073d93) to head (3f10318).
Report is 3 commits behind head on main.

Files with missing lines	Patch %	Lines
...nal/controller/datadogagent/feature/apm/feature.go	70.00%	2 Missing and 1 partial ⚠️

❌ Your patch status has failed because the patch coverage (75.00%) is below the target coverage (80.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1670      +/-   ##
==========================================
+ Coverage   49.48%   50.44%   +0.96%     
==========================================
  Files         218      218              
  Lines       21240    22028     +788     
==========================================
+ Hits        10511    11113     +602     
- Misses      10182    10327     +145     
- Partials      547      588      +41     

Flag	Coverage Δ
unittests	50.44% <75.00%> (+0.96%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
pkg/testutils/builder.go	91.69% <100.00%> (+0.01%)	⬆️
...nal/controller/datadogagent/feature/apm/feature.go	65.66% <70.00%> (+0.14%)	⬆️

... and 37 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b073d93...3f10318. Read the comment docs.

[aliciascott]

Just a small suggestion but approved

[betterengineering]

🚀

[celenechang]

we don't have a precedence of referencing the datadog.yaml config keys in this file; do you think it's needed?

(in general, a goal of the operator is to obscure some of the complicated config when setting up the agent)

[celenechang]

are all of these parameters required? they don't have +optional or omitempty

[celenechang]

could we reuse this type? https://github.com/DataDog/datadog-operator/blob/main/api/datadoghq/v2alpha1/datadogagent_types.go#L869-L877

[celenechang]

[]corev1.EnvVar could be used instead