From d855df8b3aa4bf4287946f10701b55d746c8b5c8 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sat, 29 Jan 2022 19:51:24 +0100
Subject: [PATCH] feat(system-upgrades): Manage kubelet by
 system-upgrades-controller

---
 infrastructure/system-upgrades/kubelet.yaml   | 46 +++++++++++++++++++
 .../system-upgrades/kustomization.yaml        |  3 +-
 2 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 infrastructure/system-upgrades/kubelet.yaml

diff --git a/infrastructure/system-upgrades/kubelet.yaml b/infrastructure/system-upgrades/kubelet.yaml
new file mode 100644
index 000000000..4c1e682fd
--- /dev/null
+++ b/infrastructure/system-upgrades/kubelet.yaml
@@ -0,0 +1,46 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kubelet
+  namespace: system-upgrade
+type: Opaque
+stringData:
+  kubelet.service: |
+    [Service]
+    Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --authentication-token-webhook --client-ca-file=/etc/kubernetes/pki/ca.crt"
+  upgrade.sh: |
+    #!/bin/sh
+    set -e
+    set -x
+    secrets="$(dirname $0)"
+    cp "$secrets/kubelet.service" /etc/systemd/system/kubelet.service.d/flux.conf
+    systemctl daemon-reload
+    systemctl restart kubelet.service
+---
+apiVersion: upgrade.cattle.io/v1
+kind: Plan
+metadata:
+  name: kubelet-config
+  namespace: system-upgrade
+spec:
+  concurrency: 1
+  nodeSelector:
+    matchExpressions:
+      - key: feature.node.kubernetes.io/system-os_release.ID
+        operator: In
+        values:
+          - "fedora"
+      - key: feature.node.kubernetes.io/system-os_release.VERSION_ID.major
+        operator: In
+        values:
+          - "35"
+  serviceAccountName: system-upgrade
+  secrets:
+    - name: kubelet
+      path: /host/run/system-upgrade/secrets/kubelet
+  version: "1.0.0"
+  upgrade:
+    image: registry.fedoraproject.org/fedora:35
+    command: ["chroot", "/host"]
+    args: ["sh", "/run/system-upgrade/secrets/kubelet/upgrade.sh"]
diff --git a/infrastructure/system-upgrades/kustomization.yaml b/infrastructure/system-upgrades/kustomization.yaml
index 6f6c7a78b..d7047ee68 100644
--- a/infrastructure/system-upgrades/kustomization.yaml
+++ b/infrastructure/system-upgrades/kustomization.yaml
@@ -2,8 +2,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: system-upgrade
 resources:
-  - fedora.yaml
   - calver-server.yaml
+  - fedora.yaml
+  - kubelet.yaml
   - longhorn-lvm.yaml
   - longhorn-setup.yaml
   - fedora-temperature-monitoring.yaml
-- 
GitLab