feature: implement the ListenerSets experimental API

[zhaohuabing]

This PR implements the experimental XListenerSet API, as proposed in GEP-1713, allowing listeners to be defined in a separate resource and attached to a Gateway. This feature is enabled via the XListenerSet feature flag in the EnvoyGateway configuration.

Changes

• New controller logic is added to watch and process XListenerSet resources.
• XListenerSet resources are attached to a parent Gateway, and their listeners are processed and merged with the Gateway's own listeners.
• The status of the XListenerSet and its listeners is updated to reflect whether they have been accepted and programmed.
• RBAC: New RBAC permissions for xlistenersets and xlistenersets/status have been added to the Helm charts and config/rbac/role.yaml.
• Testing: Unit tests and End-to-end tests have been added to validate XListenerSet functionality for HTTPRoute(HTTP and HTTPS), gRPCRoute, TLSRoute, TCPRoute and UDPRoute.

TODOs

• Support XListenerSet as TargetRef for xPolicies.
• Add attached XListenerSets to the Gateway status - depend on the next Gateway API release.

To keep this PR focused, these TODOs will be tracked in separate issues and implemented in follow-up PRs.

implement: #5323
release note: yes

[netlify]

✅ Deploy Preview for cerulean-figolla-1f9435 canceled.

Name	Link
🔨 Latest commit	93c8da3
🔍 Latest deploy log	https://app.netlify.com/projects/cerulean-figolla-1f9435/deploys/69735ae0ea1dd500088b9f2e

[codecov]

Codecov Report

❌ Patch coverage is 58.08625% with 311 lines in your changes missing coverage. Please review.
✅ Project coverage is 73.35%. Comparing base (70b85d4) to head (93c8da3).

Files with missing lines	Patch %	Lines
internal/provider/kubernetes/routes.go	42.08%	118 Missing and 32 partials ⚠️
internal/provider/kubernetes/controller.go	40.25%	39 Missing and 7 partials ⚠️
internal/provider/kubernetes/indexers.go	51.13%	34 Missing and 9 partials ⚠️
internal/gatewayapi/xlistenerset.go	81.73%	16 Missing and 5 partials ⚠️
internal/provider/kubernetes/status.go	19.23%	20 Missing and 1 partial ⚠️
internal/gatewayapi/runner/runner.go	5.26%	15 Missing and 3 partials ⚠️
internal/gatewayapi/resource/resource.go	14.28%	5 Missing and 1 partial ⚠️
internal/gatewayapi/validate.go	88.46%	3 Missing ⚠️
api/v1alpha1/envoygateway_helpers.go	0.00%	1 Missing ⚠️
internal/gatewayapi/helpers.go	96.77%	1 Missing ⚠️
... and 1 more

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7998      +/-   ##
==========================================
- Coverage   73.53%   73.35%   -0.18%     
==========================================
  Files         237      239       +2     
  Lines       35653    36118     +465     
==========================================
+ Hits        26216    26493     +277     
- Misses       7574     7732     +158     
- Partials     1863     1893      +30     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[jukie]

Support XListenerSet as TargetRef for xPolicies.
Support XListenerSet as ParentRef for TCPRoute, TLSRoute, and UDPRoute.

Should we include extra status handling to communicate lack of support for these?

Edit: SupportedKinds is probably good enough

[zhaohuabing]

Support XListenerSet as TargetRef for xPolicies.
Support XListenerSet as ParentRef for TCPRoute, TLSRoute, and UDPRoute.

Should we include extra status handling to communicate lack of support for these?

Edit: SupportedKinds is probably good enough

Added support to all the other route types in this PR.

[arkodg]

seeing drift here, why is DeepCopy used here but not for the other resources

[arkodg]

we should insert in the resoureTree only when it doesnt exist in the resourceMap, this is what we've done for other resources afaik

[arkodg]

Suggested change

Implement the experimental XListenerSet API, allowing listeners to be defined in a separate resource and attached to a Gateway. This feature is disabled by default and can be enabled by setting the 'XListenerSet' flag in the EnvoyGateway configuration. Supported route types: HTTPRoute (HTTP/HTTPS), GRPCRoute, TLSRoute, TCPRoute, and UDPRoute. Note: XListenerSet as a TargetRef for xPolicies is not yet supported.

Added support for the experimental XListenerSet API, allowing listeners to be defined in a separate resource and attached to a Gateway. This feature is disabled by default and can be enabled by setting the 'XListenerSet' flag in the EnvoyGateway configuration. Supported route types: HTTPRoute (HTTP/HTTPS), GRPCRoute, TLSRoute, TCPRoute, and UDPRoute. Note: XListenerSet as a TargetRef for xPolicies is not yet supported.