ConstraintTemplate spec.crd.names should following CustomResourceDefinitionNames spec

[josh-ferrell-sas]

The OPA Constraint Framework should follow the Kubernetes CustomResourceDefinitionNames spec for Constraint templates to allow specifying plural, singular, shortnames, etc.. without modifying the CRD after the constraint template is created.

https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#customresourcedefinitionnames-v1-apiextensions-k8s-io

[maxsmythe]

Hi!

The ability to have multiple names for a resource was causing problems by making it possible for people to create constraint templates that were in conflict with each other:

https://github.com/open-policy-agent/gatekeeper/issues/156

In the end, we thought it'd be good to make sure only one name can be specified, making it impossible for a user to to thing that create two CRDs with conflicting names or somehow inject the wrong Rego code.

Is there a use case you're looking to support?

[josh-ferrell-sas]

I can strip out the ability to specify singular and plural name specs but my goal started with being able to specify shortnames so I could get 'ir' instead of 'ingressrestriction'.

[maxsmythe]

+1 on adding short names.

Lets drop plural and singular. We could also add configurable categories in here (so long as "all" and "constraints" are specified by default per: https://github.com/open-policy-agent/frameworks/pull/65/files

Though the category thing could be saved for later, if preferable.