[envoy][rbac] Rule prefix tags

[thomasvnoort]

What does this PR do?

This PR adds support for the rule_stat_prefix option of Envoy's RBAC metrics with the rule_prefix tag, as implemented in envoyproxy/envoy#31835. This is not released yet, but will be included in an upcoming 1.30 Envoy release. Since this prefix is optional, we can add support for this here before the release is out.

This PR also fixes a missing tag shadow_rule_prefix on the shadow_allowed metric which was omitted in #16453. TIL the parser "inherits" tags across metrics of the same prefix, so it wasn't missing I was just misunderstanding the implementation of the legacy parser. Because of this, we also had to add a workaround since it couldn't parse different tags for the rule_prefix and shadow_rule_prefix; you had to pick one for all http.rbac metrics. This means we either had to use the same existing shadow_rule_prefix tag for normal metrics or make a breaking change to use rule_prefix for shadow metrics. Luckily, @steveny91 found a way to rewrite the tags after parsing to allow different prefix tags for normal and shadow metrics.

Motivation

Additional Notes

Review checklist (to be filled by reviewers)

• Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
• Changelog entries must be created for modifications to shipped code
• Add the qa/skip-qa label if the PR doesn't need to be tested during QA.
• If you need to backport this PR to another branch, you can add the backport/<branch-name> label to the PR and it will automatically open a backport PR once this one is merged

[github-actions]

Test Results

94 tests   79 ✅  1m 7s ⏱️
 1 suites  13 💤
 1 files     2 ❌

For more details on these failures, see this check.

Results for commit 1031241.

♻️ This comment has been updated with latest results.

[iliakur]

Just need to fix the CI failures, otherwise lgtm. Really appreciate you adding/updating the tests for this too!

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 95.18%. Comparing base (2a6ec26) to head (5c1ab1e).
Report is 99 commits behind head on master.

Additional details and impacted files

Flag	Coverage Δ
active_directory	?
activemq_xml	?
aerospike	?
airflow	?
amazon_msk	?
ambari	?
arangodb	?
avi_vantage	?
azure_iot_edge	?
ceph	?
cisco_aci	?
citrix_hypervisor	?
clickhouse	?
cloudera	?
cockroachdb	?
couch	?
couchbase	?
crio	?
datadog_checks_base	?
datadog_checks_downloader	?
datadog_cluster_agent	?
dcgm	?
ddev	?
dns_check	?
dotnetclr	?
druid	?
ecs_fargate	?
elastic	?
envoy	95.18% <100.00%> (+0.12%)	⬆️
exchange_server	?
external_dns	?
gearmand	?
gitlab_runner	?
glusterfs	?
gunicorn	?
haproxy	?
harbor	?
http_check	?
ibm_db2	?
ibm_was	?
iis	?
karpenter	?
kong	?
kube_apiserver_metrics	?
kube_controller_manager	?
kube_dns	?
kube_metrics_server	?
kube_proxy	?
kube_scheduler	?
kubernetes_state	?
kyototycoon	?
linux_proc_extras	?
mapr	?
marathon	?
marklogic	?
mcache	?
mesos_slave	?
nagios	?
network	?
nfsstat	?
nginx	?
nginx_ingress_controller	?
nvidia_triton	?
openmetrics	?
oracle	?
pdh_check	?
pgbouncer	?
php_fpm	?
postfix	?
postgres	?
process	?
prometheus	?
rabbitmq	?
ray	?
redisdb	?
riakcs	?
sap_hana	?
scylla	?
silk	?
snmp	?
snowflake	?
sonarqube	?
spark	?
sqlserver	?
ssh_check	?
statsd	?
strimzi	?
system_core	?
system_swap	?
tcp_check	?
teamcity	?
tekton	?
temporal	?
twemproxy	?
twistlock	?
varnish	?
vault	?
vertica	?
voltdb	?
vsphere	?
weaviate	?
win32_event_log	?
windows_performance_counters	?
zk	?

Flags with carried forward coverage won't be shown. Click here to find out more.

[iliakur]

lgtm, thanks for the contribution!