Add subresource marker to workload CRD (#12360)
* Add subresource marker to workload CRD

Our ExternalWorkload resource has a status field, but the status is not
marked as a subresource in the object's schema. Status patches are done
in libraries through a separate interface; without marking the status as
a subresource, the API Server will respond to patch requests with a 404.
This makes ExternalWorkload resource statuses unpatchable from
controllers.

We fix the issue by marking the status as a subresource in the `v1beta1`
schema. No codegen changes are necessary. The version is not bumped
since this does not change the existing contract offered by an
ExternalWorkload; it only allows the API Server to treat its status as a
subresource when patching it (i.e. we can use the `patch_status`
interface).

Additional context:
 * In Kubernetes, each resource has its own declarative API that can be
   used to change its state.
 * Resources may optionally include other declarative APIs that are
   decoupled from the main resource's state; this includes `Scale` and
   `Status` subresources. They can be thought of as a set of shared
   interfaces that add additional information to a resource.
 * Statuses are meant to be patched through a separate interface as a
   result. This allows both:
   * A separation of concerns: either patch the spec or the status but
     not both to avoid overwriting or deleting fields
   * Principle of least privilege: fine-grained RBAC can be used to
     isolate spec writes from status writes.
 * Subresources get their own API paths; writing to a subresource means
   we are effectively sending a request to a nested path (e.g.
   `/status` on a pod). The API server needs to know this path is
   available.
 * CRDs require that fields are marked as a subresource; without doing
   so, the API Server will reply with a 404 Not Found when attempting to
   modify a status, since the path doesn't exist (I assume).

See:
* [Kubernetes docs](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/#scale-kubectl-patch)
* [API conventions](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status)

Signed-off-by: Matei David <matei@buoyant.io>

* Golden files

Signed-off-by: Matei David <matei@buoyant.io>

---------

Signed-off-by: Matei David <matei@buoyant.io>
mateiidavid authored Mar 28, 2024
1 parent 0b76e96 commit 6d741cc
Showing 4 changed files with 8 additions and 0 deletions.
2 changes: 2 additions & 0 deletions charts/linkerd-crds/templates/workload/external-workload.yaml
Expand Up @@ -163,6 +163,8 @@ spec:
- name: v1beta1
served: true
storage: true
subresources:
status: {}
schema:
openAPIV3Schema:
description: >-
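
Review bot: Enabling `subresources: status: {}` on `v1beta1` makes the 404 go away, but none of the four changed files is an RBAC template, so it is worth confirming that the controller's role grants `patch` (or `update`) on the ExternalWorkload `status` subresource; otherwise the status patch will fail with a 403 instead. Two related points for the same two added lines: once the status subresource is enabled, the API server ignores `.status` changes sent to the main resource endpoint, so any writer that still sets status through a regular object update will silently lose those fields; and if the CRD serves any version other than `v1beta1`, that version needs the same `subresources` block. A short comment above `subresources:` saying that status must be written through `/status` would help future readers of the template.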
2 changes: 2 additions & 0 deletions cli/cmd/testdata/install_crds.golden

2 changes: 2 additions & 0 deletions cli/cmd/testdata/install_helm_crds_output.golden

2 changes: 2 additions & 0 deletions cli/cmd/testdata/install_helm_crds_output_ha.golden