Closed hexchen closed 4 months ago
Thanks for opening this, @hexchen!
May I ask you what's the impact level of this bug? So far I'm running Kamaji on CAPI v1.5 with no issues, even tho the type is potentially wrong.
Some external operators (the one I am having problems with is https://github.com/dntosas/capi2argo-cluster-operator) expect that type to determine that it is in fact a valid cluster-api kubeconfig. In this case, this leads to the operator not copying the kubeconfig into an argocd secret.
For reference, this is how the kubeadm control plane provider generates this secret: https://github.com/kubernetes-sigs/cluster-api/blob/main/util/kubeconfig/kubeconfig.go#L133
I'm happy to implement this change and open a PR for it, but since it is changed behaviour, I wanted to clear it with the maintainer first before implementing it.
I don't see any problem in changing the Secret type, that would work for new clusters, but we need to document this properly since the Type is immutable:
type: Invalid value: "cluster.x-k8s.io/secret": field is immutable
If you're open to implementing the change, happy to receive more contributions of yours 🎉
The plan is to release this for v0.8.0
By convention it should be of the type
cluster.x-k8s.io/secret
instead ofOpaque
when getting copied from the TenantControlPlane-managed secret.