feat(k8s/resource-pool): add the ability to mark/unmark resource pool as system (#5360)

* feat(k8s/resource-pool): add the ability to mark/unmark resource pool as system

fix(kube/ns): check label to see if namespace is system

refactor(k8s/namespaces): rename variables

feat(kubernetes): toggle system state in the server (#5361)

fix(app/resource-pool): UI fixes

feat(app/resource-pool): add confirmation modal when unamrking system namespace

* refactor(app): review changes

* feat(app/namespaces): introduce store to retrieve namespace system status without changing all the kubernetes models

refactor(app/namespaces): remove unused code first introduced for system tagging

fix(app/namespaces): cache namespaces to retrieve system status regardless of namespace reference format

refactor(app): migrate namespace store from helper to a separate singleton

refactor(app): remove KubernetesNamespaceHelper from DI cycle

* refactor(app): normalize usage of KubernetesNamespaceHelper functions

* refactor(app/k8s): change namespace store to functions instead of class

Co-authored-by: LP B <xAt0mZ@users.noreply.github.com>

api/kubernetes/cli/namespace.go

@@ -0,0 +1,73 @@
+package cli
+
+import (
+	"strconv"
+
+	"github.com/pkg/errors"
+	v1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+const (
+	systemNamespaceLabel = "io.portainer.kubernetes.namespace.system"
+)
+
+func defaultSystemNamespaces() map[string]struct{} {
+	return map[string]struct{}{
+		"kube-system":     {},
+		"kube-public":     {},
+		"kube-node-lease": {},
+		"portainer":       {},
+	}
+}
+
+func isSystemNamespace(namespace v1.Namespace) bool {
+	systemLabelValue, hasSystemLabel := namespace.Labels[systemNamespaceLabel]
+	if hasSystemLabel {
+		return systemLabelValue == "true"
+	}
+
+	systemNamespaces := defaultSystemNamespaces()
+
+	_, isSystem := systemNamespaces[namespace.Name]
+
+	return isSystem
+}
+
+// ToggleSystemState will set a namespace as a system namespace, or remove this state
+// if isSystem is true it will set `systemNamespaceLabel` to "true" and false otherwise
+// this will skip if namespace is "default" or if the required state is already set
+func (kcl *KubeClient) ToggleSystemState(namespaceName string, isSystem bool) error {
+	if namespaceName == "default" {
+		return nil
+	}
+
+	nsService := kcl.cli.CoreV1().Namespaces()
+
+	namespace, err := nsService.Get(namespaceName, metav1.GetOptions{})
+	if err != nil {
+		return errors.Wrap(err, "failed fetching namespace object")
+	}
+
+	if isSystemNamespace(*namespace) == isSystem {
+		return nil
+	}
+
+	if namespace.Labels == nil {
+		namespace.Labels = map[string]string{}
+	}
+
+	namespace.Labels[systemNamespaceLabel] = strconv.FormatBool(isSystem)
+
+	_, err = nsService.Update(namespace)
+	if err != nil {
+		return errors.Wrap(err, "failed updating namespace object")
+	}
+
+	if isSystem {
+		return kcl.NamespaceAccessPoliciesDeleteNamespace(namespaceName)
+	}
+
+	return nil
+
+}