Enable feature flag disabled error reporting for AzureMachinePool, AzureManagedCluster

[CecileRobertMichon]

Copied from kubernetes-sigs/cluster-api#6331

User Story

As a user I would like to get transparent errors about Feature Flags on object creation.

Detailed Description

In order to get clear errors about feature flag status we can enable webhooks for objects when the associated feature flag is not enabled. The issue with this is whether or not enabling the webhooks in this way violates the way users understand feature flags.

All we're enabling here is reporting the status of the feature flag using the webhook so IMO this should not be a problem.

Additional Details
Currently there are two patterns in Cluster API for dealing with webhooks and feature flags:

Pattern 1: Don't start the webhook
MachinePools, ClusterResourceSet
Error:

Error from server (InternalError): error when creating "../scripts/cluster-api/kindnet-clusterresourceset.yaml": Internal error occurred: failed calling webhook "[default.clusterresourceset.addons.cluster.x-k8s.io](http://default.clusterresourceset.addons.cluster.x-k8s.io/)": Post "[https://capi-webhook-service.capi-system.svc:443/mutate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset?timeout=10s](https://capi-webhook-service.capi-system.svc/mutate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset?timeout=10s)": dial tcp 10.96.78.95:443: connect: connection refused

Pattern 2: Start the webhook but refuse object creation and updates.

• ClusterClass
  Error:

Error from server (spec: Forbidden: can be set only if the ClusterTopology feature flag is enabled): error when creating "../scripts/cluster-api/clusterclass.yaml": admission webhook "validation.kubeadmcontrolplanetemplate.controlplane.cluster.x-k8s.io" denied the request: spec: Forbidden: can be set only if the ClusterTopology feature flag is enabled

Steps to implement
Both patterns block usage of the feature, but the error message from pattern 2 is readable and tells users exactly what happened. As a user I would prefer to see this error so I understand what changes I make to the system.

To do this we would need to:

1. Remove feature flag checks for starting the AzureMachinePool and AzureManagedCluster webhooks in main.go
2. Add feature flag checks, like in the Cluster API Cluster Class webhook, for both ValidateCreate and ValidateUpdate in the AzureMachinePool and AzureManagedCluster webhooks.

Example PR to fix this is Cluster API: kubernetes-sigs/cluster-api#6348

/good-first-issue
/kind cleanup

[k8s-ci-robot]

@CecileRobertMichon:
This request has been marked as suitable for new contributors.

Guidelines

Please ensure that the issue body includes answers to the following questions:

• Why are we solving this issue?
• To address this issue, are there any code changes? If there are code changes, what needs to be done in the code and what places can the assignee treat as reference points?
• Does this issue have zero to low barrier of entry?
• How can the assignee reach out to you for help?

For more details on the requirements of such an issue, please see here and ensure that they are met.

If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-good-first-issue command.

In response to this:

Copied from kubernetes-sigs/cluster-api#6331

User Story

As a user I would like to get transparent errors about Feature Flags on object creation.

Detailed Description

In order to get clear errors about feature flag status we can enable webhooks for objects when the associated feature flag is not enabled. The issue with this is whether or not enabling the webhooks in this way violates the way users understand feature flags.

All we're enabling here is reporting the status of the feature flag using the webhook so IMO this should not be a problem.

Additional Details
Currently there are two patterns in Cluster API for dealing with webhooks and feature flags:

Pattern 1: Don't start the webhook
MachinePools, ClusterResourceSet
Error:

Error from server (InternalError): error when creating "../scripts/cluster-api/kindnet-clusterresourceset.yaml": Internal error occurred: failed calling webhook "[default.clusterresourceset.addons.cluster.x-k8s.io](http://default.clusterresourceset.addons.cluster.x-k8s.io/)": Post "[https://capi-webhook-service.capi-system.svc:443/mutate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset?timeout=10s](https://capi-webhook-service.capi-system.svc/mutate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset?timeout=10s)": dial tcp 10.96.78.95:443: connect: connection refused

Pattern 2: Start the webhook but refuse object creation and updates.

• ClusterClass
  Error:

Error from server (spec: Forbidden: can be set only if the ClusterTopology feature flag is enabled): error when creating "../scripts/cluster-api/clusterclass.yaml": admission webhook "validation.kubeadmcontrolplanetemplate.controlplane.cluster.x-k8s.io" denied the request: spec: Forbidden: can be set only if the ClusterTopology feature flag is enabled

Steps to implement
Both patterns block usage of the feature, but the error message from pattern 2 is readable and tells users exactly what happened. As a user I would prefer to see this error so I understand what changes I make to the system.

To do this we would need to:

1. Remove feature flag checks for starting the AzureMachinePool and AzureManagedCluster webhooks in main.go
2. Add feature flag checks, like in the Cluster API Cluster Class webhook, for both ValidateCreate and ValidateUpdate in the AzureMachinePool and AzureManagedCluster webhooks.

Example PR to fix this is Cluster API: kubernetes-sigs/cluster-api#6348

/good-first-issue
/kind cleanup

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[meghanajangi]

/assign

[CecileRobertMichon]

/unassign @meghanajangi

Please feel free to reassign if you pick this up again

[CecileRobertMichon]

/assign @Prajyot-Parab