Fix enableImpersonation flag type consistency

[xuezhaojun]

Summary

Fix type inconsistency for enableImpersonation configuration across cluster-proxy components and add validation to prevent invalid values.

• Changed enableImpersonation from string "true" to boolean true in addon-agent values.yaml
• Added input validation to reject invalid boolean strings (e.g., "fase", "invalid")
• Ensures consistency with hub-side configuration
• Prevents deployment failures from malformed configuration values
• Adds comprehensive support for impersonation feature control

Changes Made

1. Type Consistency Fix

• addon-agent/values.yaml: Fixed type from string to boolean

2. Input Validation (New)

• agent.go: Added validation logic to check enableImpersonation values
• Accepts only: "true", "false", "1", "0" (as defined by Go's flag.BoolVar)
• Returns clear error message for invalid values
• Prevents the following issues:
  • Pod crash loops from invalid CLI flags
  • Unintended ClusterRole creation from non-empty invalid strings

3. Feature Integration

• ClusterRole templates: Updated to properly handle impersonation flag
• Deployment templates: Updated to pass flag to service-proxy
• service-proxy.go: Added flag support for impersonation control

Problem This Solves

Without validation, if a user sets enableImpersonation: "fase" (typo):

1. ❌ Helm template {{- if .Values.enableImpersonation }} evaluates to true (non-empty string)
2. ❌ ClusterRole gets created even though user intended to disable
3. ❌ service-proxy container fails to start with: invalid boolean value "fase" for -enable-impersonation: parse error
4. ❌ Deployment enters crash loop

With validation:

1. ✅ Agent addon returns clear error: invalid value for enableImpersonation: "fase", must be one of: true, false, 1, 0
2. ✅ Deployment never gets created with invalid configuration
3. ✅ User gets immediate feedback to fix the typo

Type Safety Details

The CRD AdditionalValues uses map[string]string, but boolean defaults in values.yaml are semantically correct. Helm properly converts and evaluates these values at deployment time.

Testing

All existing tests pass:

go test ./pkg/proxyagent/agent/... -v
# PASS

🤖 Generated with Claude Code

[codecov]

Codecov Report

❌ Patch coverage is 14.28571% with 12 lines in your changes missing coverage. Please review.
✅ Project coverage is 13.84%. Comparing base (788f9c8) to head (7171ec4).
⚠️ Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
pkg/proxyagent/agent/agent.go	25.00%	5 Missing and 1 partial ⚠️
pkg/serviceproxy/service_proxy.go	0.00%	6 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #245      +/-   ##
==========================================
- Coverage   13.89%   13.84%   -0.05%     
==========================================
  Files          39       39              
  Lines        2246     2254       +8     
==========================================
  Hits          312      312              
- Misses       1906     1913       +7     
- Partials       28       29       +1     

Flag	Coverage Δ
unit	13.84% <14.28%> (-0.05%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[xuezhaojun]

/assign @qiujian16

[qiujian16]

/approve
/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: qiujian16, xuezhaojun

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [qiujian16,xuezhaojun]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment