feat(sandbox-manager): support auto-resume (wake-on-traffic) sandboxes

[AiRanthem]

Summary

• Add wake-on-traffic annotation lifecycle and timeout parsing for E2B sandboxes.
• Add scoped system credential support for manager-to-gateway wake requests.
• Teach sandbox-gateway to resume paused sandboxes on matching traffic and add focused unit coverage.

Test Plan

• go test ./pkg/sandbox-gateway/... ./pkg/sandbox-manager/... ./pkg/servers/e2b/... ./pkg/utils/proxyutils ./pkg/utils/timeout ./pkg/proxy

[kruise-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign zmberg for approval by writing /assign @zmberg in a comment. For more information see:The Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[codecov]

Codecov Report

❌ Patch coverage is 91.35560% with 44 lines in your changes missing coverage. Please review.
✅ Project coverage is 79.91%. Comparing base (0a98763) to head (e2cea07).
⚠️ Report is 15 commits behind head on master.

Files with missing lines	Patch %	Lines
pkg/sandbox-gateway/filter/filter.go	87.50%	8 Missing and 5 partials ⚠️
pkg/servers/e2b/core.go	33.33%	10 Missing ⚠️
pkg/servers/e2b/keys/systemkey.go	93.33%	3 Missing and 3 partials ⚠️
...g/sandbox-gateway/controller/gateway_controller.go	0.00%	5 Missing ⚠️
pkg/sandbox-gateway/wake/wake.go	95.29%	2 Missing and 2 partials ⚠️
pkg/sandbox-gateway/server/server.go	75.00%	1 Missing and 1 partial ⚠️
pkg/sandbox-gateway/wake/client.go	93.33%	1 Missing and 1 partial ⚠️
pkg/sandbox-manager/infra/sandboxcr/sandbox.go	93.10%	1 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #495      +/-   ##
==========================================
+ Coverage   79.37%   79.91%   +0.54%     
==========================================
  Files         189      194       +5     
  Lines       13308    13776     +468     
==========================================
+ Hits        10563    11009     +446     
- Misses       2365     2379      +14     
- Partials      380      388       +8     

Flag	Coverage Δ
unittests	79.91% <91.35%> (+0.54%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[kruise-bot]

@AiRanthem: PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.