Proposed title of this feature request
Exclude specific annotation from namespace when restoring from backup
What is the nature and description of the request?
When rebuilding an OpenShift Container Platform 4 cluster after a disaster and attempting to restore an application namespace from an OADP backup, the annotations openshift.io/sa.scc.uid-range, openshift.io/sa.scc.supplemental-groups and openshift.io/sa.scc.mcs can end up with the same values on two namespaces of the cluster, because namespaces such as openshift-* are created during the rebuild and are assigned randomly selected values. Since the values are randomly selected, they may conflict with what is restored from backup. It is therefore requested to have a way to exclude annotations from a namespace when restoring the namespace object, so that openshift.io/sa.scc.uid-range, openshift.io/sa.scc.supplemental-groups and openshift.io/sa.scc.mcs are assigned again dynamically and do not conflict with existing namespaces.
Instead of excluding the annotations, an alternative approach would be to detect conflicting or duplicated annotations and resolve them automatically.
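A sketch of the detection half of that alternative, added here as an illustration and not part of OADP or of the original request: it reads a namespace list shaped like `oc get namespaces -o json` output and reports namespace pairs whose SCC annotations collide. The function names, the sample namespaces and the exact-string comparison of MCS labels are assumptions of this example.

```python
from itertools import combinations

RANGE_KEYS = ("openshift.io/sa.scc.uid-range",
              "openshift.io/sa.scc.supplemental-groups")
MCS_KEY = "openshift.io/sa.scc.mcs"

def parse_block(block):
    """Turn '<start>/<size>' or '<start>-<end>' into inclusive (first, last)."""
    block = block.strip()
    if "/" in block:
        start, size = (int(p) for p in block.split("/", 1))
        return start, start + size - 1
    first, last = (int(p) for p in block.split("-", 1))
    return first, last

def find_conflicts(namespace_list):
    """Return sorted (annotation, ns_a, ns_b) tuples for every collision."""
    claims = []  # (annotation, namespace, value): value is a range or an MCS label
    for item in namespace_list.get("items", []):
        meta = item["metadata"]
        ann = meta.get("annotations") or {}
        for key in RANGE_KEYS:
            # supplemental-groups may carry several comma-separated blocks
            for block in filter(None, ann.get(key, "").split(",")):
                claims.append((key, meta["name"], parse_block(block)))
        if MCS_KEY in ann:
            claims.append((MCS_KEY, meta["name"], ann[MCS_KEY]))
    conflicts = set()
    for (k1, ns1, v1), (k2, ns2, v2) in combinations(claims, 2):
        if k1 != k2 or ns1 == ns2:
            continue
        if k1 == MCS_KEY:
            clash = v1 == v2  # assumption: labels compared as exact strings
        else:  # inclusive ranges overlap when each starts before the other ends
            clash = v1[0] <= v2[1] and v2[0] <= v1[1]
        if clash:
            conflicts.add((k1, *sorted((ns1, ns2))))
    return sorted(conflicts)

def _ns(name, uid_range, mcs):
    """Build one constructed namespace object for the sample below."""
    return {"metadata": {"name": name, "annotations": {
        RANGE_KEYS[0]: uid_range, RANGE_KEYS[1]: uid_range, MCS_KEY: mcs}}}

# Constructed sample: a restored namespace reusing values already handed out.
SAMPLE = {"items": [
    _ns("openshift-example", "1000680000/10000", "s0:c26,c15"),
    _ns("app-restored", "1000680000/10000", "s0:c26,c15"),
    _ns("app-clean", "1000690000/10000", "s0:c26,c20"),
]}

if __name__ == "__main__":
    for annotation, ns_a, ns_b in find_conflicts(SAMPLE):
        print(f"{annotation}: {ns_a} <-> {ns_b}")
```

Run against the live cluster's namespace list after a restore, an empty result means no two namespaces share a UID range, supplemental group block or MCS label.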
Why does the customer need this? (List the business requirements here)
Having openshift.io/sa.scc.uid-range, openshift.io/sa.scc.supplemental-groups and openshift.io/sa.scc.mcs set to the same values on different namespaces exposes a security risk and hence should be prevented. While we have the problem covered via "Resolving overlapping UID ranges in OpenShift namespaces after migration", it would still be nice to have a way to prevent the problem from happening at all.
Optional: List affected component/s.
OpenShift APIs for Data Protection