Patch default namespace with label

[ccremer]

Traffic incoming on the HostNetwork is marked as netid:0, which causes Networkpolicies to reject traffic. The Red Hat way is to patch default namespace with a label

Internal reference: OCP-31

Checklist

• [x] Keep pull requests small so they can be easily reviewed.
• [ ] Update the documentation.
• [ ] Update the ./CHANGELOG.md.
• [ ] Link this PR to related issues.

[ccremer]

I tried to compile locally, but for some reason the resource locker lib cannot be imported:

$ make compile
docker run --rm --user "$(id -u)" -v "${PWD}:/openshift4-ingress" --workdir /openshift4-ingress --entrypoint /usr/local/bin/jb projectsyn/commodore:latest install
CLEAN /openshift4-ingress/vendor/lib
docker run --rm --user "$(id -u)" -v "${PWD}:/openshift4-ingress" --workdir /openshift4-ingress projectsyn/commodore:latest component compile .
Agent pid 10
grep: /app/.ssh: No such file or directory
No SSH keys were added
Compile component openshift4-ingress...
GET https://github.com/bitnami-labs/kube-libsonnet/archive/28743043c44c1f5cd69688c202e72d5f677ad02f.tar.gz 200
Compiling catalog...

Jsonnet error: failed to compile /tmp/component-uyt2hcep/dependencies/openshift4-ingress/component/main.jsonnet:
 RUNTIME ERROR: couldn't open import "lib/resource-locker.libjsonnet": [Errno 2] No such file or directory: '/tmp/component-uyt2hcep/dependencies/openshift4-ingress/component/lib/resource-locker.libjsonnet'
    /tmp/component-uyt2hcep/dependencies/openshift4-ingress/component/main.jsonnet:4:24-63  thunk <resourcelocker>
    /tmp/component-uyt2hcep/dependencies/openshift4-ingress/component/main.jsonnet:20:31-45 thunk <defaultNamespacePatch>
    /tmp/component-uyt2hcep/dependencies/openshift4-ingress/component/main.jsonnet:49:68-89 object <anonymous>
    During manifestation    

Compile error: failed to compile target: openshift4-ingress
make: *** [Makefile:61: compile] Error 1