fix: runner token expiration renewal

[BoxBoxJason]

Description of your changes

This PR adds an automatic renewal mechanism on runner token expiration for the project, group & instance runners.

All of the changes are covered by unit tests

Fixes #304

I have:

• Read and followed Crossplane's contribution process.
• Run make reviewable test to ensure this PR is ready for review.

How has this code been tested

I have:

• Successfully built and ran the provider locally against a kubernetes cluster.
• Successfully created, updated, and deleted resources of the types I changed / created.
• Ensured reconciliation loops for the changed / created resource complete without error.
  • Creation
  • Update
  • Deletion
• Deleted the resource on the app side to ensure the provider correctly handles
  unexpected drift. (should result in recreation of the resource if applicable)
• Updated the resource on the app side to ensure the provider correctly handles
  unexpected drift. (should result in an update of the resource if applicable)

[henrysachs]

Nice improvement overall. One thing worries me here: when renewal is due, Observe() returns ResourceExists: false even though the runner still exists in GitLab. That pushes Crossplane down the create path, and Create() provisions a brand-new runner instead of rotating the token on the existing one. In practice this looks like it would orphan the old runner, change the external name, and leave cleanup attached only to the newest runner. Since the runner client already exposes ResetRunnerAuthenticationToken, would it be safer to keep ResourceExists: true here and handle token renewal in Update() instead? I think the same issue exists in the group/project + cluster mirrors.

[henrysachs]

@BoxBoxJason left some comments even though it is a draft i would like to have this personally.

[BoxBoxJason]

Hey there !

Thanks for this pre review with very good insights. I will implement your suggestions and fixes this week end.

[henrysachs]

@BoxBoxJason could you rebase this one too and also remove the draft status? Because i think we're quite close to merging

[BoxBoxJason]

Hello !

I just performed the rebase,
I am not that confident to have this merged right now, as I did not have time to test the corrections against my gitlab instance this week end.

I will have more time this thursday to perform all tests and remove the draft status confidently !

[BoxBoxJason]

Turns out you were right !

Observation did not properly persist renewAt / createdAt fields set in Create
After a bit of digging around, I found out that using annotations works a lot better for that purpose.

Tell me what you think about this revised (and this time properly tested) version