Fix labels:

- add recommended app.kubernetes.io/name label to everything

  With these changes we prevent services selecting pods by other
  operators, because they all have the control-plane: controller-manager
  label by default.

  Because deployment updates with modified labels fail, also rename the
  deployment by modifying the namePrefix (causes bundle file renames as
  well).

- Add test that validate retrieval of operator controller pod by the label.

bundle/manifests/node-maintenance-controller-manager-metrics-service_v1_service.yaml

@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/name: node-maintenance-operator
+    control-plane: controller-manager
+    node-maintenance-operator: ""
+  name: node-maintenance-controller-manager-metrics-service
+spec:
+  ports:
+  - name: https
+    port: 8443
+    protocol: TCP
+    targetPort: https
+  selector:
+    app.kubernetes.io/name: node-maintenance-operator
+    control-plane: controller-manager
+    node-maintenance-operator: ""
+status:
+  loadBalancer: {}

bundle/manifests/node-maintenance-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/name: node-maintenance-operator
+    node-maintenance-operator: ""
+  name: node-maintenance-metrics-reader
+rules:
+- nonResourceURLs:
+  - /metrics
+  verbs:
+  - get

bundle/manifests/node-maintenance-operator-controller-manager-metrics-service_v1_service.yaml

@@ -6,7 +6,7 @@ metadata:
     app.kubernetes.io/name: node-maintenance-operator
     control-plane: controller-manager
     node-maintenance-operator: ""
-  name: node-maintenance-operator-controller-manager-metrics-service
+  name: node-maintenance-controller-manager-metrics-service
 spec:
   ports:
   - name: https

bundle/manifests/node-maintenance-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: node-maintenance-operator
     node-maintenance-operator: ""
-  name: node-maintenance-operator-metrics-reader
+  name: node-maintenance-metrics-reader
 rules:
 - nonResourceURLs:
   - /metrics

bundle/manifests/node-maintenance-operator-webhook-service_v1_service.yaml

@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: node-maintenance-operator
     node-maintenance-operator: ""
-  name: node-maintenance-operator-webhook-service
+  name: node-maintenance-webhook-service
 spec:
   ports:
   - port: 443

bundle/manifests/node-maintenance-operator.clusterserviceversion.yaml

@@ -202,13 +202,13 @@ spec:
           - subjectaccessreviews
           verbs:
           - create
-        serviceAccountName: node-maintenance-operator-controller-manager
+        serviceAccountName: node-maintenance-controller-manager
       deployments:
       - label:
           app.kubernetes.io/name: node-maintenance-operator
           control-plane: controller-manager
           node-maintenance-operator: ""
-        name: node-maintenance-operator-controller-manager
+        name: node-maintenance-controller-manager
         spec:
           replicas: 1
           selector:
@@ -290,7 +290,7 @@ spec:
               priorityClassName: system-cluster-critical
               securityContext:
                 runAsNonRoot: true
-              serviceAccountName: node-maintenance-operator-controller-manager
+              serviceAccountName: node-maintenance-controller-manager
               terminationGracePeriodSeconds: 10
               tolerations:
               - effect: NoSchedule
@@ -338,7 +338,7 @@ spec:
           verbs:
           - create
           - patch
-        serviceAccountName: node-maintenance-operator-controller-manager
+        serviceAccountName: node-maintenance-controller-manager
     strategy: deployment
   installModes:
   - supported: false
@@ -372,7 +372,7 @@ spec:
   - admissionReviewVersions:
     - v1
     containerPort: 443
-    deploymentName: node-maintenance-operator-controller-manager
+    deploymentName: node-maintenance-controller-manager
     failurePolicy: Fail
     generateName: vnodemaintenance.kb.io
     rules:

bundle/manifests/node-maintenance-webhook-service_v1_service.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/name: node-maintenance-operator
+    node-maintenance-operator: ""
+  name: node-maintenance-webhook-service
+spec:
+  ports:
+  - port: 443
+    protocol: TCP
+    targetPort: 9443
+  selector:
+    app.kubernetes.io/name: node-maintenance-operator
+    control-plane: controller-manager
+    node-maintenance-operator: ""
+status:
+  loadBalancer: {}

config/default/kustomization.yaml

@@ -6,9 +6,10 @@ namespace: node-maintenance-operator-system
 # "wordpress" becomes "alices-wordpress".
 # Note that it should also match with the prefix (text before '-') of the namespace
 # field above.
-namePrefix: node-maintenance-operator-
+namePrefix: node-maintenance-
 
 # Labels to add to all resources and selectors.
+# Workaround: rename the deployment (by modifying namePrefix above)
 commonLabels:
   node-maintenance-operator: ""
   app.kubernetes.io/name: node-maintenance-operator