@wallrj-cyberark wallrj-cyberark commented Aug 8, 2025

Add CyberArk snapshot conversion

Commit 1

  • Introduced convertDataReadings to process DataReading objects into snapshots.
  • Added support for extracting Kubernetes server version and dynamic resources.
  • Updated CyberArkClient to use the new data conversion logic.
  • Refactored DiscoveryData and DynamicData structures for better type safety.
  • Replaced unstructured.Unstructured with runtime.Object in Snapshot fields.
  • Enhanced DataGathererDiscovery and DataGathererDynamic to return strongly typed data.
  • Added unit tests for new data extraction and conversion functions.

Commit 2

  • Added ClusterID field to DiscoveryData to store the unique Kubernetes
    cluster identifier derived from the kube-system namespace UID.
  • Updated DataGathererDiscovery to fetch and store the cluster ID during
    initialization.
  • Refactored extractServerVersionFromReading to extractClusterIDAndServerVersionFromReading
    to handle both cluster ID and server version extraction.
  • Removed clusteruid package as its functionality is now integrated into
    the discovery data gatherer.
  • Updated unit tests to validate the inclusion of ClusterID in snapshots.

Part of: https://venafi.atlassian.net/browse/VC-43753

Followup PRs

  1. [VC-43403] CyberArk(helm): add Disco Agent Helm chart #678

Testing

$ go run . agent --one-shot --machine-hub --agent-config-file ./examples/machinehub.yaml
I0901 08:10:33.203046 1119769 run.go:58] "Starting" logger="Run" version="development" commit=""
I0901 08:10:33.205033 1119769 run.go:116] "Healthz endpoints enabled" logger="Run.APIServer" addr=":8081" path="/healthz"
I0901 08:10:33.205147 1119769 run.go:120] "Readyz endpoints enabled" logger="Run.APIServer" addr=":8081" path="/readyz"
I0901 08:10:33.205193 1119769 run.go:269] "Pod event recorder disabled" logger="Run" reason="The agent does not appear to be running in a Kubernetes cluster." detail="When running in a Kubernetes cluster the following environment variables must be set: POD_NAME, POD_NODE, POD_UID, POD_NAMESPACE"
I0901 08:10:35.055576 1119769 identity.go:419] "successfully completed AdvanceAuthentication request to CyberArk Identity; login complete" logger="Run.gatherAndOutputData.postData" username="<REDACTED>"
I0901 08:10:36.875315 1119769 run.go:417] "Data sent successfully" logger="Run.gatherAndOutputData.postData"
richard@localhost:~/projects/jetstack/jetstack-secure$
$ tail -n1  request.txt | jq 
{
  "agent_version": "development",
  "cluster_id": "58b0b708-c3e9-439d-ac6e-f5a9dc818e18",
  "k8s_version": "v1.33.1",
  "secrets": [
    {
      "apiVersion": "v1",
      "kind": "Secret",
      "metadata": {
        "creationTimestamp": "2025-08-29T04:07:15Z",
        "labels": {
          "cert-manager.io/next-private-key": "true",
          "controller.cert-manager.io/fao": "true"
        },
        "name": "samplewebhook-example-webhook-ca-zx9qh",
        "namespace": "samplewebhook",
        "ownerReferences": [
          {

I re-ran the e2e test script to check that the new ClusterID field in the discovery datagatherer doesn't cause any problems for the TLSPK backend:

$ ./hack/e2e/test.sh
...
{
  "ts": 1756801135013.2488,
  "caller": "transport/round_trippers.go:632",
  "msg": "Response",
  "v": 6,
  "logger": "Run.gatherAndOutputData.postData",
  "verb": "POST",
  "url": "https://api.venafi.cloud/v1/tlspk/upload/clusterdata/no?description=QSBraW5kIGNsdXN0ZXIgdXNlZCBmb3IgdGVzdGluZyB0aGUgdmVuYWZpLWt1YmVybmV0ZXMtYWdlbnQuCg&name=venafi-kubernetes-agent-e2e",
  "status": "200 OK",
  "milliseconds": 343
}
{"ts":1756801135081.4727,"caller":"agent/run.go:417","msg":"Data sent successfully","v":0,"logger":"Run.gatherAndOutputData.postData"}
...
+ jq 'if .count == 0 then . | halt_error(1) end'
{
  "count": 1,
  "certificates": [
   ...
      "certificateName": "venafi-kubernetes-agent-e2e.9bc9b2b7-1674-4fc2-93cb-04bee1b27b28",
    ...
}
+ exit 0
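
An added sketch, not code from this PR or the project, of the kind of conversion the description outlines: typed readings are folded into a snapshot whose JSON keys match the output shown under Testing, and a reading with an unexpected payload type or a missing cluster ID is rejected instead of being uploaded. The type layouts, the function name `convertReadings` and the gatherer names `ark/discovery` and `ark/secrets` are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Hypothetical stand-ins for the types named in the PR. JSON keys follow the
// output shown under Testing; every other detail is assumed.
type DataReading struct{ DataGatherer string; Data any }
type DiscoveryData struct{ ClusterID, ServerVersion string }
type DynamicData struct{ Items []map[string]any }
type Snapshot struct {
	AgentVersion string           `json:"agent_version"`
	ClusterID    string           `json:"cluster_id"`
	K8SVersion   string           `json:"k8s_version"`
	Secrets      []map[string]any `json:"secrets"`
}

// convertReadings builds a snapshot and rejects any reading whose payload is not an expected concrete type.
func convertReadings(agentVersion string, readings []DataReading) (Snapshot, error) {
	snap := Snapshot{AgentVersion: agentVersion, Secrets: []map[string]any{}}
	for _, r := range readings {
		switch d := r.Data.(type) {
		case *DiscoveryData:
			snap.ClusterID, snap.K8SVersion = d.ClusterID, d.ServerVersion
		case *DynamicData:
			if r.DataGatherer == "ark/secrets" { // assumed gatherer name
				snap.Secrets = append(snap.Secrets, d.Items...)
			}
		default:
			return Snapshot{}, fmt.Errorf("reading %q: unexpected data type %T", r.DataGatherer, r.Data)
		}
	}
	if snap.ClusterID == "" {
		// Without discovery data the upload could not be tied to a cluster.
		return Snapshot{}, errors.New("no cluster ID found in readings")
	}
	return snap, nil
}

func main() {
	snap, err := convertReadings("development", []DataReading{ // constructed sample input
		{"ark/discovery", &DiscoveryData{"00000000-0000-0000-0000-000000000000", "v1.33.1"}},
		{"ark/secrets", &DynamicData{Items: []map[string]any{{"kind": "Secret"}}}},
	})
	out, _ := json.Marshal(snap)
	fmt.Println(string(out), err)
}
```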

@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch 2 times, most recently from 9606752 to 4d8e691 Compare August 13, 2025 16:21
@wallrj-cyberark wallrj-cyberark changed the base branch from master to VC-43403-inventory-api-sha3 August 13, 2025 16:21
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch 2 times, most recently from 88c1cc7 to 8b9a233 Compare August 13, 2025 21:34
@wallrj-cyberark wallrj-cyberark marked this pull request as draft August 14, 2025 08:23
Base automatically changed from VC-43403-inventory-api-sha3 to master August 14, 2025 09:16
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch 4 times, most recently from 2d44e46 to 34d67da Compare August 21, 2025 08:50
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch 2 times, most recently from caadaf0 to e8f50da Compare August 22, 2025 17:01
@wallrj-cyberark wallrj-cyberark changed the base branch from master to VC-43403-client August 22, 2025 19:48
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-client branch 6 times, most recently from 78700c9 to b7adba8 Compare August 27, 2025 17:02
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-client branch 2 times, most recently from d82113d to 8842333 Compare August 28, 2025 16:58
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch from e8f50da to 7686607 Compare August 29, 2025 03:38
@wallrj-cyberark wallrj-cyberark changed the title [VC-43753] CyberArk Discovery and Context: Upload data in the JSON format required by the API [VC-43753] CyberArk(client): add CyberArk snapshot conversion and test utilities Aug 29, 2025
Base automatically changed from VC-43403-client to master August 29, 2025 09:37
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch 3 times, most recently from ee3d84d to a04cdad Compare August 31, 2025 06:52
@wallrj-cyberark wallrj-cyberark changed the title [VC-43753] CyberArk(client): add CyberArk snapshot conversion and test utilities [VC-43753] CyberArk(client): add CyberArk snapshot conversion Aug 31, 2025
@wallrj-cyberark wallrj-cyberark marked this pull request as ready for review August 31, 2025 07:02
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch from a04cdad to 00e4e91 Compare September 1, 2025 07:10
@wallrj wallrj requested review from Copilot and removed request for wallrj September 1, 2025 08:18
Copilot AI left a comment

Pull Request Overview

This PR adds CyberArk snapshot conversion functionality to process DataReading objects into the snapshot format expected by the CyberArk API.

  • Introduced data conversion logic with convertDataReadings and extractor functions for processing different resource types
  • Updated type definitions to use runtime.Object instead of unstructured.Unstructured for better type safety
  • Enhanced data gatherers to return strongly typed data structures (DynamicData and DiscoveryData)

Reviewed Changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| pkg/client/client_cyberark.go | Added conversion logic and extractor functions for transforming DataReadings to CyberArk snapshots |
| pkg/client/client_cyberark_convertdatareadings_test.go | Added comprehensive test coverage for data conversion functions |
| pkg/client/client_cyberark_test.go | Added helper function for generating test data and updated test cases |
| pkg/internal/cyberark/dataupload/dataupload.go | Changed Snapshot field types from unstructured.Unstructured to runtime.Object |
| pkg/internal/cyberark/dataupload/dataupload_test.go | Updated test to use version constant instead of hardcoded value |
| pkg/internal/cyberark/dataupload/mock.go | Added assertions for cluster ID and agent version validation |
| pkg/datagatherer/k8s/discovery.go | Refactored to return strongly typed DiscoveryData instead of generic map |
| pkg/datagatherer/k8s/dynamic.go | Refactored to return strongly typed DynamicData instead of generic map |
| pkg/datagatherer/k8s/dynamic_test.go | Updated tests to work with new strongly typed return values |
| api/datareading.go | Added DynamicData and DiscoveryData type definitions |
| examples/machinehub.yaml | Updated configuration to include comprehensive resource gathering definitions |

@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch from 00e4e91 to badb795 Compare September 2, 2025 08:12
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch from badb795 to f0a0233 Compare September 2, 2025 08:31
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch from f0a0233 to 1970988 Compare September 2, 2025 08:43
- Introduced `convertDataReadings` to process `DataReading` objects into snapshots.
- Added support for extracting Kubernetes server version and dynamic resources.
- Updated `CyberArkClient` to use the new data conversion logic.
- Refactored `DiscoveryData` and `DynamicData` structures for better type safety.
- Replaced `unstructured.Unstructured` with `runtime.Object` in `Snapshot` fields.
- Enhanced `DataGathererDiscovery` and `DataGathererDynamic` to return strongly typed data.
- Added unit tests for new data extraction and conversion functions.

Signed-off-by: Richard Wall <richard.wall@cyberark.com>
- Added `ClusterID` field to `DiscoveryData` to store the unique Kubernetes
  cluster identifier derived from the `kube-system` namespace UID.
- Updated `DataGathererDiscovery` to fetch and store the cluster ID during
  initialization.
- Refactored `extractServerVersionFromReading` to `extractClusterIDAndServerVersionFromReading`
  to handle both cluster ID and server version extraction.
- Removed `clusteruid` package as its functionality is now integrated into
  the `discovery` data gatherer.
- Updated unit tests to validate the inclusion of `ClusterID` in snapshots.

Signed-off-by: Richard Wall <richard.wall@cyberark.com>
@wallrj-cyberark wallrj-cyberark force-pushed the VC-43403-inventory-api-2 branch from 1970988 to 6dd5dc2 Compare September 2, 2025 09:25
inteon commented Sep 2, 2025

The code looks good to me, very clean!

@wallrj-cyberark wallrj-cyberark merged commit 26d6e59 into master Sep 2, 2025
2 checks passed
@wallrj-cyberark wallrj-cyberark deleted the VC-43403-inventory-api-2 branch September 2, 2025 12:44