fix: Add operator driven cleanup for unsupported KAM resources

[tzprograms]

What type of PR is this?
/kind cleanup

What does this PR do / why we need it:
KAM support was removed in Openshift-Gitops 1.15 , While manual cleanup steps were documented in the release notes, many users missed these instructions and continue running outdated , unsupported KAM components in their environments , this caused the stale resources which were remaining on many clusters causing CVE scan alerts and causing support burden .

Approach:

• Performs targeted Get + Delete for the known KAM Deployment, Service and Route in the openshift-gitops namespace.
• Ensures idempotency

Have you updated the necessary documentation?

• Documentation update is required by this PR.
• Documentation has been updated.

Which issue(s) this PR fixes:

• N/A

Test acceptance criteria:

• Unit Test

How to test changes / Special notes to the reviewer:
Run the unit tests locally:

• go test ./controllers/ -run "TestCleanKAMResources" -v

6 tests cover the following scenarios:

• No KAM resources exist (silent no-op)
• KAM Deployment exists and is deleted
• KAM Service exists and is deleted
• KAM Route exists and is deleted
• All three resources exist and are all deleted
• Idempotency : calling cleanup twice does not panic or error

Manual/E2E Validation
To verify on a live cluster

1. Create stale KAM resources in openshift-gitops namespace:
   kubectl create deployment kam --image=nginx -n openshift-gitops
kubectl create service clusterip kam --tcp=80:80 -n openshift-gitops
2. Deploy operator with this change
3. Wait for reconcile to occur naturally (or trigger it manually)
4. Verify if the resources are gone
   kubectl get deployment kam -n openshift-gitops
kubectl get service kam -n openshift-gitops
kubectl get route kam -n openshift-gitops

Notes

• Cleanup is best-effort and non-blocking ; if deletion fails transiently, reconciliation continues normally and the next reconcile will retry
• Scoped strictly to the openshift-gitops namespace
• No new RBAC permissions required ; the operator already has delete on Deployments, Services, and Routes in that namespace

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign varshab1210 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @tzprograms. Thanks for your PR.

I'm waiting for a redhat-developer member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.