Use systemd to add the root CA for API server access

this removes the code patching the configmap admin-kubeconfig-client-ca
to use the custom CA, instead it copies the generated CA to '/opt/crc/'
which is then used by a systemd service to created the required  secret
and updates the configmap

Author: anjannath

pkg/crc/cluster/cluster.go

@@ -197,13 +197,10 @@ func EnsureGeneratedClientCAPresentInTheCluster(ctx context.Context, ocConfig oc
 	}
 
 	logging.Info("Updating root CA cert to admin-kubeconfig-client-ca configmap...")
-	jsonPath := fmt.Sprintf(`'{"data": {"ca-bundle.crt": %q}}'`, selfSignedCAPem)
-	cmdArgs := []string{"patch", "configmap", "admin-kubeconfig-client-ca",
-		"-n", "openshift-config", "--patch", jsonPath}
-	_, stderr, err = ocConfig.RunOcCommand(cmdArgs...)
-	if err != nil {
-		return fmt.Errorf("Failed to patch admin-kubeconfig-client-ca config map with new CA` %v: %s", err, stderr)
+	if err := sshRunner.CopyData(selfSignedCAPem, "/opt/crc/custom-ca.crt", 0644); err != nil {
+		return fmt.Errorf("Failed to copy generated CA file to VM: %v", err)
 	}
+
 	if err := sshRunner.CopyFile(constants.KubeconfigFilePath, ocConfig.KubeconfigPath, 0644); err != nil {
 		return fmt.Errorf("Failed to copy generated kubeconfig file to VM: %v", err)
 	}