Add IBM Cloud managed annotations to CVO manifests

This matches openshift/enhancements#445 and does
not change behavior.

manifests/0000_20_kube-apiserver-operator_00_cr-anyuid.yaml

@@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     rbac.authorization.kubernetes.io/autoupdate: "true"
   name: system:openshift:scc:anyuid

manifests/0000_20_kube-apiserver-operator_00_cr-hostaccess.yaml

@@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     rbac.authorization.kubernetes.io/autoupdate: "true"
   name: system:openshift:scc:hostaccess

manifests/0000_20_kube-apiserver-operator_00_cr-hostmount-anyuid.yaml

@@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     rbac.authorization.kubernetes.io/autoupdate: "true"
   name: system:openshift:scc:hostmount

manifests/0000_20_kube-apiserver-operator_00_cr-hostnetwork.yaml

@@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     rbac.authorization.kubernetes.io/autoupdate: "true"
   name: system:openshift:scc:hostnetwork

manifests/0000_20_kube-apiserver-operator_00_cr-nonroot.yaml

@@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     rbac.authorization.kubernetes.io/autoupdate: "true"
   name: system:openshift:scc:nonroot

manifests/0000_20_kube-apiserver-operator_00_cr-privileged.yaml

@@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     rbac.authorization.kubernetes.io/autoupdate: "true"
   name: system:openshift:scc:privileged

manifests/0000_20_kube-apiserver-operator_00_cr-restricted.yaml

@@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     rbac.authorization.kubernetes.io/autoupdate: "true"
   name: system:openshift:scc:restricted

manifests/0000_20_kube-apiserver-operator_00_namespace.yaml

@@ -2,6 +2,7 @@ apiVersion: v1
 kind: Namespace
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     openshift.io/node-selector: ""
   labels:

manifests/0000_20_kube-apiserver-operator_00_scc-anyuid.yaml

@@ -15,6 +15,7 @@ groups:
 kind: SecurityContextConstraints
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     release.openshift.io/create-only: "true"
     kubernetes.io/description: anyuid provides all features of the restricted SCC

manifests/0000_20_kube-apiserver-operator_00_scc-hostaccess.yaml

@@ -14,6 +14,7 @@ groups: []
 kind: SecurityContextConstraints
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     release.openshift.io/create-only: "true"
     kubernetes.io/description: 'hostaccess allows access to all host namespaces but

manifests/0000_20_kube-apiserver-operator_00_scc-hostmount-anyuid.yaml

@@ -14,6 +14,7 @@ groups: []
 kind: SecurityContextConstraints
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     release.openshift.io/create-only: "true"
     kubernetes.io/description: |-

manifests/0000_20_kube-apiserver-operator_00_scc-hostnetwork.yaml

@@ -14,6 +14,7 @@ groups: []
 kind: SecurityContextConstraints
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     release.openshift.io/create-only: "true"
     kubernetes.io/description: hostnetwork allows using host networking and host ports

manifests/0000_20_kube-apiserver-operator_00_scc-nonroot.yaml

@@ -14,6 +14,7 @@ groups: []
 kind: SecurityContextConstraints
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     release.openshift.io/create-only: "true"
     kubernetes.io/description: nonroot provides all features of the restricted SCC

manifests/0000_20_kube-apiserver-operator_00_scc-privileged.yaml

@@ -20,6 +20,7 @@ groups:
 kind: SecurityContextConstraints
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     release.openshift.io/create-only: "true"
     kubernetes.io/description: 'privileged allows access to all privileged and host

manifests/0000_20_kube-apiserver-operator_00_scc-restricted.yaml

@@ -15,6 +15,7 @@ groups:
 kind: SecurityContextConstraints
 metadata:
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     release.openshift.io/create-only: "true"
     kubernetes.io/description: restricted denies access to all host features and requires

manifests/0000_20_kube-apiserver-operator_01_operator.cr.yaml

@@ -3,6 +3,7 @@ kind: KubeAPIServer
 metadata:
   name: cluster
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
     release.openshift.io/create-only: "true"
 spec:

manifests/0000_20_kube-apiserver-operator_03_configmap.yaml

@@ -4,6 +4,7 @@ metadata:
   namespace: openshift-kube-apiserver-operator
   name: kube-apiserver-operator-config
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
 data:
   config.yaml: |

manifests/0000_20_kube-apiserver-operator_04_clusterrolebinding.yaml

@@ -3,6 +3,7 @@ kind: ClusterRoleBinding
 metadata:
   name: system:openshift:operator:kube-apiserver-operator
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
 roleRef:
   kind: ClusterRole

manifests/0000_20_kube-apiserver-operator_05_serviceaccount.yaml

@@ -6,5 +6,6 @@ metadata:
   labels:
     app: kube-apiserver-operator
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
 

manifests/0000_20_kube-apiserver-operator_08_flowschema.yaml

@@ -3,6 +3,7 @@ kind: PriorityLevelConfiguration
 metadata:
   name: openshift-aggregated-api-delegated-auth
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
 spec:
   limited:
@@ -20,6 +21,7 @@ kind: PriorityLevelConfiguration
 metadata:
   name: openshift-control-plane-operators
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
 spec:
   limited:
@@ -37,6 +39,7 @@ kind: FlowSchema
 metadata:
   name: openshift-monitoring-metrics
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
 spec:
   distinguisherMethod:
@@ -61,6 +64,7 @@ kind: FlowSchema
 metadata:
   name: openshift-kube-apiserver-operator
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
 spec:
   distinguisherMethod:

manifests/0000_90_kube-apiserver-operator_01_prometheusrole.yaml

@@ -5,6 +5,7 @@ metadata:
   name: prometheus-k8s
   namespace: openshift-kube-apiserver-operator
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
 rules:
 - apiGroups:

manifests/0000_90_kube-apiserver-operator_02_prometheusrolebinding.yaml

@@ -4,6 +4,7 @@ metadata:
   name: prometheus-k8s
   namespace: openshift-kube-apiserver-operator
   annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
     include.release.openshift.io/self-managed-high-availability: "true"
 roleRef:
   apiGroup: rbac.authorization.k8s.io