kubeconfig secret is created with the wrong type

[hexchen]

By convention it should be of the type cluster.x-k8s.io/secret instead of Opaque when getting copied from the TenantControlPlane-managed secret.

[prometherion]

Thanks for opening this, @hexchen!

May I ask you what's the impact level of this bug? So far I'm running Kamaji on CAPI v1.5 with no issues, even tho the type is potentially wrong.

[hexchen]

Some external operators (the one I am having problems with is https://github.com/dntosas/capi2argo-cluster-operator) expect that type to determine that it is in fact a valid cluster-api kubeconfig. In this case, this leads to the operator not copying the kubeconfig into an argocd secret.

For reference, this is how the kubeadm control plane provider generates this secret: https://github.com/kubernetes-sigs/cluster-api/blob/main/util/kubeconfig/kubeconfig.go#L133

I'm happy to implement this change and open a PR for it, but since it is changed behaviour, I wanted to clear it with the maintainer first before implementing it.

[prometherion]

I don't see any problem in changing the Secret type, that would work for new clusters, but we need to document this properly since the Type is immutable:

type: Invalid value: "cluster.x-k8s.io/secret": field is immutable

If you're open to implementing the change, happy to receive more contributions of yours 🎉

The plan is to release this for v0.8.0