chore(KFLUXVNGD-128): Delete old crossplane namespace claims

Delete crossplane namespace claims periodically to prevent the
compute provided.

Jira-Url: https://issues.redhat.com/browse/KFLUXVNGD-128
Signed-off-by: Homaja Marisetty <[email protected]>

components/crossplane-control-plane/base/cronjob.yaml

@@ -0,0 +1,37 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: namespace-claim-cleaner
+  namespace: crossplane-system
+spec:
+  schedule: "0 4 * * *" # every day at 4AM UTC
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          containers:
+            - name: namespace-claim-cleaner
+              image: quay.io/konflux-ci/appstudio-utils:e9578e46aefbe58bf77de1f154fbb846fcbdacec@sha256:2094a997c17bc168264209deb43504adcda4b97b64602041e4886f086856301d
+              command:
+                - /bin/bash
+                - /scripts/namespace-claim-cleaner.sh
+              volumeMounts:
+                - name: script-volume
+                  mountPath: /scripts
+                  readOnly: true
+              resources:
+                requests:
+                  cpu: 250m
+                  memory: 125Mi
+                limits:
+                  cpu: 250m
+                  memory: 125Mi
+              securityContext:
+                readOnlyRootFilesystem: true
+                runAsNonRoot: true
+          volumes:
+            - name: script-volume
+              configMap:
+                name: namespace-claim-configmap
+          restartPolicy: Never
+          serviceAccountName: namespace-claim-cleaner

components/crossplane-control-plane/base/kustomization.yaml

@@ -1,6 +1,9 @@
 resources:
-- https://github.com/konflux-ci/crossplane-control-plane/crossplane?ref=5d6c42730c1c9f66b5d3567bdf04d587832ceac1
-- https://github.com/konflux-ci/crossplane-control-plane/config?ref=5d6c42730c1c9f66b5d3567bdf04d587832ceac1
+- https://github.com/konflux-ci/crossplane-control-plane/crossplane?ref=f61fa6c74ed6e7ac1a913c35612498157b37549d
+- https://github.com/konflux-ci/crossplane-control-plane/config?ref=f61fa6c74ed6e7ac1a913c35612498157b37549d
+- rbac.yaml
+- cronjob.yaml
+- namespace-claim-configmap.yaml
 
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization

components/crossplane-control-plane/base/namespace-claim-configmap.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: namespace-claim-configmap
+  namespace: crossplane-system
+data:
+  namespace-claim-cleaner.sh: |
+    #!/bin/bash
+    set -eo pipefail
+    
+    namespaces=$(kubectl get namespaces.eaas.konflux-ci.dev --all-namespaces -o json | jq -c '.items[] | "\(.metadata.name) \(.metadata.namespace) \(.metadata.creationTimestamp)"' | sed 's/"//g' | xargs)
+    
+    if [[ -z "$namespaces" ]]; then
+      echo "No namespaces found"
+      exit 0
+    fi
+
+    while read -r name namespace creationTime; do
+      CREATION_TIME=$(date -d "$creationTime" +%s)
+      CURRENT_TIME=$(date +%s)
+      AGE=$((CURRENT_TIME - CREATION_TIME))
+      if [ $AGE -gt 14400 ]; then
+        kubectl delete namespaces.eaas.konflux-ci.dev $name -n $namespace
+      fi
+    done <<< "$namespaces"

components/crossplane-control-plane/base/rbac.yaml

@@ -0,0 +1,32 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: namespace-claim-cleaner
+  namespace: crossplane-system
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: namespace-claim-cleaner
+rules:
+  - apiGroups:
+      - eaas.konflux-ci.dev
+    resources:
+      - namespaces
+    verbs:
+      - list
+      - delete
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: namespace-claim-cleaner
+subjects:
+  - kind: ServiceAccount
+    name: namespace-claim-cleaner
+    namespace: crossplane-system
+roleRef:
+  kind: ClusterRole
+  name: namespace-claim-cleaner
+  apiGroup: rbac.authorization.k8s.io

components/crossplane-control-plane/development/kustomization.yaml

@@ -1,6 +1,6 @@
 resources:
 - ../base
-- https://github.com/konflux-ci/crossplane-control-plane/examples/provider-kubernetes-in-cluster?ref=5d6c42730c1c9f66b5d3567bdf04d587832ceac1
+- https://github.com/konflux-ci/crossplane-control-plane/examples/provider-kubernetes-in-cluster?ref=f61fa6c74ed6e7ac1a913c35612498157b37549d
 
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization