Consider alternative to apps-in-any-namespace for cluster mapping #593

@gnunn1

Description

Is your feature request related to a problem? Please describe.

The current architecture of the Agent uses apps-in-any-namespace to map applications to clusters. This works well in single-tenant use cases like cluster configuration but is potentially problematic in multi-tenant cases where users may want to use apps-in-any-namespace as intended to isolate multiple tenants.

As it is now, all Applications targeting a specific cluster must go in the same namespace, and the namespace must be named the same as used to register the cluster agent. This means that multiple tenants using the same cluster can no longer be isolated to a tenant-specific namespace as was IMHO the original intent of apps-in-any-namespace.

I believe this is mostly an issue with managed mode and is less of a problem in autonomous, since tenants would deploy their applications on the target clusters in autonomous. There may be issues for autonomous, but most of my experience is with managed mode so I may not be fully considering all the implications.

Describe the solution you'd like

We could map Applications to Clusters by using the Application.spec.destination.name instead. The target cluster would be resolved by the name matching the name of the target cluster. This change would enable Applications to be in any namespace on the control plane.

Note that you should still be able to restrict target clusters using the AppProject's ability to limit destinations, so this change should not cause unrestricted access to target clusters.

Describe alternatives you've considered

I haven't thought of a good alternative.

Additional context

Slack Thread: https://cloud-native.slack.com/archives/C07L5SX6A9J/p1758289030402449
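
A sketch of the routing the issue proposes, added here as an illustration; it is not code from the issue author or from argocd-agent. `resolve_agent`, `make_app`, the agent names and the tenant projects are hypothetical, and Argo CD's glob matching on the AppProject `sourceNamespaces` and `destinations` fields is approximated with Python's `fnmatchcase`.

```python
from fnmatch import fnmatchcase

# Constructed sample data: agent names, namespaces and projects are hypothetical.
AGENTS = {"cluster-east", "cluster-west"}
PROJECTS = {
    "tenant-a": {"sourceNamespaces": ["tenant-a"],
                 "destinations": [{"name": "cluster-east", "namespace": "tenant-a-*"}]},
    "tenant-b": {"sourceNamespaces": ["tenant-b"],
                 "destinations": [{"name": "cluster-*", "namespace": "tenant-b"}]},
}


def make_app(app_ns, project, dest_name, dest_ns):
    """Build the subset of an Application manifest that routing looks at."""
    return {"metadata": {"namespace": app_ns},
            "spec": {"project": project,
                     "destination": {"name": dest_name, "namespace": dest_ns}}}


def resolve_agent(app, projects=PROJECTS, agents=AGENTS):
    """Return the agent named by spec.destination.name, or raise if not allowed."""
    app_ns = app["metadata"]["namespace"]
    spec = app["spec"]
    dest = spec["destination"]
    project = projects.get(spec["project"])
    if project is None:
        raise PermissionError(f"unknown project {spec['project']!r}")
    # Gate 1: the project must list the namespace the Application lives in,
    # otherwise any tenant could claim another tenant's project.
    if not any(fnmatchcase(app_ns, p) for p in project["sourceNamespaces"]):
        raise PermissionError(f"namespace {app_ns!r} may not use {spec['project']!r}")
    # Gate 2: the destination cluster name and namespace must match an allowed
    # destination. With name-based routing this is the tenant isolation boundary.
    if not any(fnmatchcase(dest["name"], d["name"])
               and fnmatchcase(dest["namespace"], d["namespace"])
               for d in project["destinations"]):
        raise PermissionError(f"destination {dest['name']!r} not permitted")
    # Gate 3: a permitted pattern such as "cluster-*" still has to resolve to
    # a registered agent; fail closed rather than fall back to a default.
    if dest["name"] not in agents:
        raise LookupError(f"no agent registered as {dest['name']!r}")
    return dest["name"]


if __name__ == "__main__":
    print(resolve_agent(make_app("tenant-a", "tenant-a", "cluster-east", "tenant-a-web")))
```

The checks run in this order so that an Application is rejected on project and destination policy before the agent lookup, which keeps the error for a forbidden cluster from revealing whether that cluster is registered.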

Metadata

Labels: design required (Requires thorough design beforehand); enhancement (New feature or request)
