What does this PR do?

Improves PodDisruptionBudget configuration for sentinel deployments by implementing replica-aware disruption policies. Single-replica sentinels now use MinAvailable=1 to prevent eviction of the last pod during voluntary disruptions like node drains, while multi-replica sentinels use MaxUnavailable=1 to allow rolling disruptions while maintaining majority availability.

Fixes #4873

If there is not an issue for this, please create one first. This is used to tracking purposes and also helps us understand why this PR exists

Type of change

• Enhancement (small improvements)
• Bug fix (non-breaking change which fixes an issue)
• Chore (refactoring code, technical debt, workflow improvements)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How should this be tested?

• Deploy a single-replica sentinel and verify PDB uses MinAvailable=1
• Deploy a multi-replica sentinel and verify PDB uses MaxUnavailable=1
• Test node drain scenarios to ensure single-replica sentinels are protected from eviction
• Test rolling updates on multi-replica sentinels to ensure proper disruption handling

Checklist

Required

• Filled out the "How to test" section in this PR
• Read Contributing Guide
• Self-reviewed my own code
• Commented on my code in hard-to-understand areas
• Ran pnpm build
• Ran pnpm fmt
• Ran make fmt on /go directory
• Checked for warnings, there are none
• Removed all console.logs
• Merged the latest changes from main onto my branch with git pull origin main
• My changes don't cause any responsiveness issues

Appreciated

• If a UI change was made: Added a screen recording or screenshots to this PR
• Updated the Unkey Docs if changes were necessary

sequenceDiagram
    participant Controller as Controller\n(sentinel apply)
    participant K8sAPI as Kubernetes API
    participant PDB as PodDisruptionBudget

    Controller->>Controller: read desired replica count
    alt replicas ≤ 1
        Controller->>Controller: construct PDB with MinAvailable: 1 + selector
    else replicas > 1
        Controller->>Controller: construct PDB with MaxUnavailable: 1 + selector
    end
    Controller->>K8sAPI: apply desired PDB
    K8sAPI->>PDB: create/update PDB resource
    K8sAPI-->>Controller: response (created/updated)

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@svc/krane/internal/sentinel/apply.go`:
- Around line 386-401: The PodDisruptionBudgetSpec literals in the Apply flow
are non-exhaustive; ensure you build a single policyv1.PodDisruptionBudgetSpec
with all required fields (explicitly set UnhealthyPodEvictionPolicy and both
MinAvailable/MaxUnavailable pointers) and then conditionally set the
availability constraint based on sentinel.GetReplicas()—for example, create
pdbSpec with Selector and UnhealthyPodEvictionPolicy initialized, set
MinAvailable = nil and MaxUnavailable = nil initially, then if
sentinel.GetReplicas() <= 1 assign MinAvailable = ptr.P(intstr.FromInt(1)) else
assign MaxUnavailable = ptr.P(intstr.FromInt(1)); keep using
labels.New().SentinelID(sentinel.GetSentinelId()) for the Selector so
exhaustruct is satisfied and the downstream desired variable can still use
//nolint:exhaustruct.