diff --git a/cluster/sync.sh b/cluster/sync.sh index eec15450..92cf64f3 100755 --- a/cluster/sync.sh +++ b/cluster/sync.sh @@ -50,5 +50,10 @@ pods_ready_wait() { fi } +enable_psa_feature_gate() { + ./cluster/kubectl.sh apply -f ./hack/psa/kubevirt.yaml +} + pods_ready_wait make create-nodeport +enable_psa_feature_gate diff --git a/cluster/up.sh b/cluster/up.sh index 7cccb5d1..30e9731d 100755 --- a/cluster/up.sh +++ b/cluster/up.sh @@ -18,7 +18,7 @@ set -ex pipefail export DEPLOY_CNAO=${DEPLOY_CNAO:-true} export DEPLOY_KUBEVIRT=${DEPLOY_KUBEVIRT:-true} -export KUBEVIRT_PSA=${KUBEVIRT_PSA:-false} +export KUBEVIRT_PSA=${KUBEVIRT_PSA:-true} source ./cluster/cluster.sh diff --git a/hack/psa/kubevirt.yaml b/hack/psa/kubevirt.yaml new file mode 100644 index 00000000..4e8ce1c6 --- /dev/null +++ b/hack/psa/kubevirt.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: kubevirt.io/v1 +kind: KubeVirt +metadata: + name: kubevirt + namespace: kubevirt +spec: + configuration: + developerConfiguration: + featureGates: + - KubevirtSeccompProfile + seccompConfiguration: + virtualMachineInstanceProfile: + customProfile: + localhostProfile: kubevirt/kubevirt.json