Ci/dependabot consolidation

[Agent-Hellboy]

This pull request introduces several updates and refactorings across the project, primarily focusing on CI/CD dependency consolidation and modernizing Kubernetes API and webhook implementations.

Key changes include:

• GitHub Actions Updates: All GitHub Actions used in the CI, Gosec, and Trivy workflows have been updated to their latest stable versions. This includes dorny/paths-filter, actions/setup-go, codecov/codecov-action, actions/upload-artifact, and aquasecurity/trivy-action.
• API Scheme Registration Refactoring: The mechanism for registering API types (MCPServer, MCPAccessGrant, MCPAgentSession) with the Kubernetes scheme has been modernized. This involves migrating from sigs.k8s.io/controller-runtime/pkg/scheme.Builder to k8s.io/apimachinery/pkg/runtime.NewSchemeBuilder and an explicit addKnownTypes function, removing the old register.go file.
• Webhook Implementation Modernization: The webhook validation and defaulting logic has been updated to align with newer controller-runtime patterns. This involves adopting the generic admission.Defaulter and admission.Validator interfaces and introducing dedicated struct types (mcpServerWebhook, mcpAccessGrantValidator, mcpAgentSessionValidator) for each webhook.
• Reconciliation Result Refinements: The MCPServerReconciler now uses ctrl.Result{} for no requeue and ctrl.Result{RequeueAfter: time.Nanosecond} for immediate requeues, providing more explicit control over reconciliation flow.
• Integration Test Configuration: Integration tests have been updated to explicitly skip controller name validation in the controller-runtime manager options, accommodating recent changes in the library.

[gemini-code-assist]

Code Review

This pull request refactors the API scheme registration and webhook validation logic to use newer controller-runtime patterns and generic interfaces. It also includes a major update of project dependencies, upgrading Go to 1.26.0 and Kubernetes libraries to 0.36.0. Feedback focuses on the webhook implementations where the oldObj parameter is incorrectly ignored during update validations, which prevents state-dependent checks and could lead to runtime panics. Additionally, the use of a nanosecond delay for requeueing in the controller is flagged as non-standard, with a recommendation to use idiomatic requeue flags instead.

[kody-ai]

Kody Review Complete

Great news! 🎉
No issues were found that match your current review configurations.

Keep up the excellent work! 🚀

Kody Guide: Usage and Configuration

Interacting with Kody

• Request a Review: Ask Kody to review your PR manually by adding a comment with the @kody start-review command at the root of your PR.

• Validate Business Logic: Ask Kody to validate your code against business rules by adding a comment with the @kody -v business-logic command.

• Provide Feedback: Help Kody learn and improve by reacting to its comments with a 👍 for helpful suggestions or a 👎 if improvements are needed.

Current Kody Configuration

Review Options

The following review options are enabled or disabled:

Options	Enabled
Bug	✅
Performance	✅
Security	✅
Business Logic	✅

Access your configuration settings here.

​

[codecov]

Codecov Report

❌ Patch coverage is 64.92537% with 47 lines in your changes missing coverage. Please review.
✅ Project coverage is 50.07%. Comparing base (6319ddc) to head (715a1b2).
⚠️ Report is 48 commits behind head on main.

Files with missing lines	Patch %	Lines
api/v1alpha1/validation.go	0.00%	31 Missing ⚠️
internal/cli/setup/platform.go	85.71%	4 Missing and 4 partials ⚠️
internal/operator/controller.go	20.00%	8 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #140      +/-   ##
==========================================
+ Coverage   50.01%   50.07%   +0.05%     
==========================================
  Files          86       86              
  Lines       11178    11262      +84     
==========================================
+ Hits         5591     5639      +48     
- Misses       4990     5022      +32     
- Partials      597      601       +4     

Flag	Coverage Δ
pre-merge	50.07% <64.92%> (+0.05%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
api/v1alpha1/groupversion_info.go	100.00% <100.00%> (ø)
internal/cli/setup/ingressmanifest/render.go	100.00% <100.00%> (ø)
pkg/sentinel/components.go	18.46% <ø> (ø)
internal/cli/setup/platform.go	44.75% <85.71%> (+0.82%)	⬆️
internal/operator/controller.go	64.01% <20.00%> (ø)
api/v1alpha1/validation.go	32.81% <0.00%> (-4.03%)	⬇️

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.