feat(CLI): Allow unsetting annotations on cluster

[skrobul]

This allows users to unset cluster annotations by using a special syntax that is equivalent of "kubectl annotate".

The same functionality is currently available through the UI.

Example usage:

## Possible today
$ argocd cluster set mycluster --annotation unwanted=12345
Cluster 'mycluster' updated.

$ argocd cluster get mycluster | yq .annotations
argocd.argoproj.io/refresh: "2025-08-04T14:39:55Z"
unwanted: '12345'
$

## new
$ argocd cluster set mycluster --annotation unwanted-
Cluster 'mycluster' updated.

$ argocd cluster get mycluster | yq .annotations
argocd.argoproj.io/refresh: "2025-08-04T14:39:55Z"
$

Checklist:

• Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
• The title of the PR states what changed and the related issues number (used for the release note).
• The title of the PR conforms to the Title of the PR
• I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
• I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
• Does this PR require documentation updates?
• I've updated documentation as required by this PR.
• I have signed off all my commits as required by DCO
• I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
• My build is green (troubleshooting builds).
• My new feature complies with the feature status guidelines.
• I have added a brief description of why this PR is necessary and/or what this PR solves.
• Optional. My organization is added to USERS.md.
• Optional. For bug fixes, I've indicated what older releases this fix should be cherry-picked into (this may or may not happen depending on risk/complexity).

[bunnyshell]

✅ Preview Environment deployed on Bunnyshell

Component	Endpoints
argocd	https://argocd-7ry7y4.bunnyenv.com/
argocd-ttyd	https://argocd-web-cli-7ry7y4.bunnyenv.com/

See: Environment Details | Pipeline Logs

Available commands (reply to this comment):

• 🔴 /bns:stop to stop the environment
• 🚀 /bns:deploy to redeploy the environment
• ❌ /bns:delete to remove the environment

[pjiang-dev]

Thanks for the PR. Added a few comments.
Also one potential concern is if certain annotations are used for security policies (e.g., access controls), allowing deletion could bypass those controls.

[pjiang-dev]

This deletion marker seems a bit hacky/awkward. Consider using a new type with Delete option.

type LabelUpdate struct {
    Value   string
    Delete  bool
}

[skrobul]

I like that idea - will look into that. thanks for the feedback

[pjiang-dev]

What happens if an annotation legitimately has the '-' suffix ?

[skrobul]

Not possible: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set

The name segment is required and must be 63 characters or less, beginning and ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), underscores (_), dots (.), and alphanumerics between.