SAP-archive / karydia

Kubernetes Security Walnut

Webhook Label Selector #214

Closed ionysos closed 4 years ago

ionysos commented 5 years ago

Description

This enables the use of webhook label selectors to be able to reduce the load on the cluster for excluded namespaces / objects. Webhook Label Selectors are available in Kubernetes v1.15+ (https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#matching-requests-objectselector).

Checklist

Before submitting this PR, please make sure:

ionysos commented 4 years ago

Feature works fine for me. However, I find it kind of confusing to add the label karydia if you want to exclude this namespace or object from karydia. Would another label (e.g. excludeKarydia) make the functionality more clear?

Moreover, double check the features.md.

Hmm. The idea was that we only have ONE place where to change the settings. If we name the label excludeKarydia we have to add an additional label to the karydia app installation. I think this would generate too much overhead. That's the reason why I just reused the currently available app: karydia label.
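
The selector behaviour discussed in this thread, as an added example that is not taken from the PR or from karydia's own manifests: a webhook configuration that skips namespaces and objects carrying the `app: karydia` label. The configuration name, webhook name, service reference, path and rules are hypothetical placeholders; only the label key and value come from the thread.

```yaml
# Added example, not karydia's manifest.
# On Kubernetes v1.15 the same fields exist under admissionregistration.k8s.io/v1beta1.
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
  name: example-karydia-webhook          # hypothetical name
webhooks:
  - name: webhook.karydia.example        # hypothetical name
    admissionReviewVersions: ["v1"]
    sideEffects: None
    failurePolicy: Fail
    clientConfig:
      service:
        name: karydia                    # hypothetical service
        namespace: kube-system           # hypothetical namespace
        path: /webhook/mutating          # hypothetical path
      # caBundle: <base64-encoded CA certificate>  (placeholder)
    rules:                               # hypothetical rule set
      - apiGroups: [""]
        apiVersions: ["v1"]
        operations: ["CREATE", "UPDATE"]
        resources: ["pods"]
    # Requests for namespaces labelled app=karydia are never sent to the
    # webhook. NotIn also matches namespaces that have no "app" label at all,
    # so unlabelled namespaces are still checked.
    namespaceSelector:
      matchExpressions:
        - key: app
          operator: NotIn
          values: ["karydia"]
    # Same exclusion at object level (the objectSelector field, v1.15+).
    # The Kubernetes documentation recommends object selectors only for
    # opt-in webhooks, because whoever may set this label on an object
    # takes that object out of admission control.
    objectSelector:
      matchExpressions:
        - key: app
          operator: NotIn
          values: ["karydia"]
```

Because the API server evaluates both selectors before calling the webhook, excluded requests cost the cluster no webhook round trip, which is the load reduction the description refers to.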