Support specifying patch directives in pod and container overrides

[amisevsk]

Description

When using the pod-overrides or container-overrides attribute in a DevWorkspace, the override bytes are deserialized into a PodSecurityContext/SecurityContext and applied via strategic merge patch. However, this approach prevents un-setting fields within a struct, as empty fields are ignored in the serialize/deserialize procedure (due to omitempty). This means that if a pod is configured to have security context

securityContext:
    runAsUser: 1000
    runAsGroup: 3000
    fsGroup: 2000

it's not possible to specify a pod override to make this

securityContext:
    runAsUser: 1001

Kubernetes strategic merge supports patch directives to change the behavior of the patch:

• $patch: replace causes fields to be applied as-is rather than merged into existing values
• $patch: delete deletes fields altogether without patching anything

Additional context

Originally brought up in discussion on devfile/api#920

[l0rd]

@amisevsk is there some documentation about this or should we add it (in the dwo additional doc md file I guess)?

[l0rd]

cc @max-cx

[amisevsk]

I'm hesitant to add explicit documentation as it's not our functionality so much as it's what is supported by Kubernetes strategic merge patch (documented here).

[l0rd]

Right. Linking to the strategic merge path documentation and mentioning that directives modify the behavior would be useful I think.

[amisevsk]

Created PR #981 to add a short note and link to docs mentioned above.