open-policy-agent / gatekeeper

🐊 Gatekeeper - Policy Controller for Kubernetes
https://open-policy-agent.github.io/gatekeeper/
Apache License 2.0
3.61k stars 740 forks

Gatekeeper configuration resources should be kind: GatekeeperConfig #681

Open skaven81 opened 4 years ago

skaven81 commented 4 years ago

What steps did you take and what happened: This is similar to #677. The config.gatekeeper.sh CRD creates a resource of kind: Config with singular and plural names config and configs, all of which are overly generic and likely to conflict with other projects that wish to store their configuration in a custom resource.

What did you expect to happen: The config.gatekeeper.sh should use the following names:

  names:
    kind: GatekeeperConfig
    listKind: GatekeeperConfigList
    singular: gatekeeperconfig
    plural: gatekeeperconfigs
    shortNames:
    - gkconfig

This makes it obvious both when looking at kubectl api-resources, and when actually creating or maintaining a YAML file with Gatekeeper configuration inside, that it's associated with the Gatekeeper controller running in the cluster.

Environment:

maxsmythe commented 4 years ago

Naming this config was an attempt to follow the K8s naming conventions:

https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#naming-conventions

FooController is a deprecated kind naming convention. Name the kind after the thing being controlled instead (e.g., Job rather than JobController).

Arguably GatekeeperConfig is just being more descriptive.

From a functional standpoint, there is no risk of conflict as the Gatekeeper Config object is qualified by the gatekeeper.sh domain name.

It should be noted that changing the kind would be a breaking change, which users would need to update their clusters to accommodate.

maxsmythe commented 2 years ago

Some ambivalence at triage: in gatekeeper-system namespace, so no collisions; on the other hand, using kubectl can be awkward when kinds overlap.

This is an alpha resource, but there would be user effort involved in migrating if we change.

Leaving this open for more people to comment if there is interest.
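The name overlap discussed in this thread can be audited mechanically. The following is an added example, not code from the Gatekeeper project or from any commenter: it reports unqualified resource names that more than one API group defines, using constructed CRD data in which only the Gatekeeper names come from the issue and the `example.com` groups are hypothetical.

```python
from collections import defaultdict

# Names quoted in the issue for the current Gatekeeper CRD.
GATEKEEPER_CURRENT = {"group": "config.gatekeeper.sh", "names": {
    "kind": "Config", "singular": "config", "plural": "configs"}}
# Names proposed in the issue.
GATEKEEPER_PROPOSED = {"group": "config.gatekeeper.sh", "names": {
    "kind": "GatekeeperConfig", "singular": "gatekeeperconfig",
    "plural": "gatekeeperconfigs", "shortNames": ["gkconfig"]}}
# Constructed, hypothetical CRDs from other projects in the same cluster.
OTHER_CRDS = [
    {"group": "settings.example.com", "names": {
        "kind": "Config", "singular": "config", "plural": "configs",
        "shortNames": ["cfg"]}},
    {"group": "widgets.example.com", "names": {
        "kind": "Widget", "singular": "widget", "plural": "widgets",
        "shortNames": ["cfg"]}},
]

def unqualified_names(crd):
    """Every name a user might type without the group suffix.
    Compared case-insensitively (an assumption of this example)."""
    n = crd["names"]
    names = {n["kind"].lower(), n["plural"].lower()}
    if n.get("singular"):
        names.add(n["singular"].lower())
    names.update(s.lower() for s in n.get("shortNames", []))
    return names

def find_collisions(crds):
    """Map each unqualified name to the groups defining it, if more than one."""
    owners = defaultdict(set)
    for crd in crds:
        for name in unqualified_names(crd):
            owners[name].add(crd["group"])
    return {n: sorted(g) for n, g in owners.items() if len(g) > 1}

def qualified(crd):
    """The <plural>.<group> form, which stays unambiguous in either case."""
    return f'{crd["names"]["plural"]}.{crd["group"]}'

if __name__ == "__main__":
    for label, gk in (("current", GATEKEEPER_CURRENT), ("proposed", GATEKEEPER_PROPOSED)):
        print(label, qualified(gk), find_collisions([gk] + OTHER_CRDS))
```

With the current names, `config` and `configs` are shared with the hypothetical `settings.example.com` group; with the proposed names, the only remaining overlap is between the two constructed CRDs.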