fix(module): avoid queue blocking on invalid module config

[LopatinDmitr]

Description

Make virtualization module config validation tolerate empty or incomplete spec.settings and ensure hooks that patch values only reconcile when a valid copied module config exists.

This change keeps validate-module-config as the single source of truth for config validity:

• valid settings are copied into virtualization.internal.moduleConfig
• invalid settings are not copied
• the previous valid copied config is preserved
• validation errors are reported through virtualization.internal.moduleConfigValidation

Hooks and templates that depend on module config now use the copied internal config contract consistently.

Why do we need it, and what problem does it solve?

During installation the ModuleConfig/virtualization object may appear before the validating webhook is ready, so an empty or incomplete spec.settings can temporarily exist in the cluster.

Previously this could lead to two failure modes:

1. validate-module-config could panic while accessing missing required settings.
2. Hooks that patch values could continue reconciling from an invalid state, return invalid values patches, and block the module queue when Deckhouse validated them against OpenAPI.

With this change, config validation errors are reported cleanly through readiness, invalid settings never overwrite the copied internal config, and hooks that patch values only run when a valid copied config is available.

What is the expected result?

1. Create or keep ModuleConfig/virtualization with empty or incomplete spec.settings.
2. Verify validate-module-config does not panic and stores a validation error.
3. Verify invalid module settings are not copied into virtualization.internal.moduleConfig.
4. Verify the previous valid copied config is preserved if a new invalid config is applied.
5. Verify hooks that patch values do not reconcile until a valid copied config exists, and continue to use the previous valid copied config if it already exists.
6. Verify the module reports a clear readiness error for the invalid config.

Checklist

• The code is covered by unit tests.
• e2e tests passed.
• Documentation updated according to the changes.
• Changes were tested in the Kubernetes cluster manually.

Changelog entries

section: module
type: fix
summary: Make virtualization hooks use only valid copied module config and avoid queue blocking on invalid module settings.