KubeVirt: always set the feature gate that disables the custom SELinu…

…x policy (#2211) Signed-off-by: Jed Lejosne <jed@redhat.com> Signed-off-by: Jed Lejosne <jed@redhat.com>
kubevirt · Jan 27, 2023 · 8596bc0 · 8596bc0
1 parent 9edac5a
commit 8596bc0
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 9 deletions.
diff --git a/controllers/hyperconverged/hyperconverged_controller_test.go b/controllers/hyperconverged/hyperconverged_controller_test.go
@@ -213,6 +213,7 @@ var _ = Describe("HyperconvergedController", func() {
 					"NUMA",
 					"WithHostPassthroughCPU",
 					"VMExport",
+					"DisableCustomSELinuxPolicy",
 				}
 				// Get the KV
 				kvList := &kubevirtcorev1.KubeVirtList{}

diff --git a/controllers/operands/kubevirt.go b/controllers/operands/kubevirt.go
@@ -28,10 +28,6 @@ import (
 	hcoutil "github.com/kubevirt/hyperconverged-cluster-operator/pkg/util"
 )
 
-const (
-	SELinuxLauncherType = "virt_launcher.process"
-)
-
 // env vars
 const (
 	kvmEmulationEnvName = "KVM_EMULATION"
@@ -96,6 +92,9 @@ const (
 
 	// Export VMs to outside of the cluster
 	kvVMExportGate = "VMExport"
+
+	// Disable the installation and usage of the custom SELinux policy
+	kvDisableCustomSELinuxPolicyGate = "DisableCustomSELinuxPolicy"
 )
 
 var (
@@ -112,6 +111,7 @@ var (
 		kvDownwardMetricsGate,
 		kvNUMA,
 		kvVMExportGate,
+		kvDisableCustomSELinuxPolicyGate,
 	}
 
 	// holds a list of mandatory KubeVirt feature gates. Some of them are the hard coded feature gates and some of
@@ -355,7 +355,6 @@ func getKVConfig(hc *hcov1beta1.HyperConverged) (*kubevirtcorev1.KubeVirtConfigu
 
 	config := &kubevirtcorev1.KubeVirtConfiguration{
 		DeveloperConfiguration: devConfig,
-		SELinuxLauncherType:    SELinuxLauncherType,
 		NetworkConfiguration: &kubevirtcorev1.NetworkConfiguration{
 			NetworkInterface: string(kubevirtcorev1.MasqueradeInterface),
 		},

diff --git a/controllers/operands/kubevirt_test.go b/controllers/operands/kubevirt_test.go
@@ -238,8 +238,6 @@ Version: 1.2.3`)
 			Expect(foundResource.Spec.Configuration.SMBIOSConfig.Sku).Should(Equal("1.2.3"))
 			Expect(foundResource.Spec.Configuration.SMBIOSConfig.Version).Should(Equal("1.2.3"))
 
-			Expect(foundResource.Spec.Configuration.SELinuxLauncherType).Should(Equal(SELinuxLauncherType))
-
 			Expect(foundResource.Spec.Configuration.NetworkConfiguration).ToNot(BeNil())
 			Expect(foundResource.Spec.Configuration.NetworkConfiguration.NetworkInterface).Should(Equal(string(kubevirtcorev1.MasqueradeInterface)))
 
@@ -376,8 +374,6 @@ Version: 1.2.3`)
 			Expect(foundResource.Spec.Configuration.SMBIOSConfig.Sku).Should(Equal("1.2.3"))
 			Expect(foundResource.Spec.Configuration.SMBIOSConfig.Version).Should(Equal("1.2.3"))
 
-			Expect(foundResource.Spec.Configuration.SELinuxLauncherType).Should(Equal(SELinuxLauncherType))
-
 			Expect(foundResource.Spec.Configuration.NetworkConfiguration).ToNot(BeNil())
 			Expect(foundResource.Spec.Configuration.NetworkConfiguration.NetworkInterface).Should(Equal(string(kubevirtcorev1.MasqueradeInterface)))