From d35e48a459948aa2dbb2ca89b98a3f55dfda9727 Mon Sep 17 00:00:00 2001
From: Vighnesh Maheshwari <vighnesh.maheshwari@gmail.com>
Date: Thu, 19 Dec 2024 21:43:30 +0000
Subject: [PATCH] feat: use kubernetes device ownership setting

---
 sources/Cargo.lock                                          | 6 +++---
 sources/Cargo.toml                                          | 2 +-
 .../55-kubernetes-device-ownership-default-false.toml       | 1 +
 .../55-kubernetes-device-ownership-default-false.toml       | 1 +
 .../55-kubernetes-device-ownership-default-false.toml       | 1 +
 .../55-kubernetes-device-ownership-default-false.toml       | 1 +
 .../55-kubernetes-device-ownership-default-false.toml       | 1 +
 .../55-kubernetes-device-ownership-default-false.toml       | 1 +
 .../55-kubernetes-device-ownership-default-false.toml       | 1 +
 .../55-kubernetes-device-ownership-default-false.toml       | 1 +
 .../55-kubernetes-device-ownership-default-false.toml       | 1 +
 .../55-kubernetes-device-ownership-default-false.toml       | 1 +
 .../kubernetes-device-ownership-default-false.toml          | 5 +++++
 13 files changed, 19 insertions(+), 4 deletions(-)
 create mode 120000 sources/settings-defaults/aws-k8s-1.24-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
 create mode 120000 sources/settings-defaults/aws-k8s-1.24/defaults.d/55-kubernetes-device-ownership-default-false.toml
 create mode 120000 sources/settings-defaults/aws-k8s-1.25-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
 create mode 120000 sources/settings-defaults/aws-k8s-1.25/defaults.d/55-kubernetes-device-ownership-default-false.toml
 create mode 120000 sources/settings-defaults/aws-k8s-1.26-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
 create mode 120000 sources/settings-defaults/aws-k8s-1.26/defaults.d/55-kubernetes-device-ownership-default-false.toml
 create mode 120000 sources/settings-defaults/aws-k8s-1.31-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
 create mode 120000 sources/settings-defaults/aws-k8s-1.31/defaults.d/55-kubernetes-device-ownership-default-false.toml
 create mode 120000 sources/settings-defaults/metal-k8s-1.30/defaults.d/55-kubernetes-device-ownership-default-false.toml
 create mode 120000 sources/settings-defaults/vmware-k8s-1.31/defaults.d/55-kubernetes-device-ownership-default-false.toml
 create mode 100644 sources/shared-defaults/kubernetes-device-ownership-default-false.toml

diff --git a/sources/Cargo.lock b/sources/Cargo.lock
index 826b31e5429..3a264f44fe1 100644
--- a/sources/Cargo.lock
+++ b/sources/Cargo.lock
@@ -1,6 +1,6 @@
 # This file is automatically @generated by Cargo.
 # It is not intended for manual editing.
-version = 3
+version = 4
 
 [[package]]
 name = "abi_stable"
@@ -574,7 +574,7 @@ dependencies = [
 [[package]]
 name = "bottlerocket-settings-derive"
 version = "0.1.0"
-source = "git+https://github.com/bottlerocket-os/bottlerocket-settings-sdk?tag=bottlerocket-settings-plugin-v0.1.0#9cb0286b59cd4fcb5df9dd441aee8521ea5698e6"
+source = "git+https://github.com/bottlerocket-os/bottlerocket-settings-sdk?tag=bottlerocket-settings-models-v0.6.0#276b8e8f6db01c9a03469613e82ece11d729b908"
 dependencies = [
  "darling 0.20.8",
  "proc-macro2",
@@ -623,7 +623,7 @@ dependencies = [
 [[package]]
 name = "bottlerocket-settings-plugin"
 version = "0.1.0"
-source = "git+https://github.com/bottlerocket-os/bottlerocket-settings-sdk?tag=bottlerocket-settings-plugin-v0.1.0#9cb0286b59cd4fcb5df9dd441aee8521ea5698e6"
+source = "git+https://github.com/bottlerocket-os/bottlerocket-settings-sdk?tag=bottlerocket-settings-models-v0.6.0#276b8e8f6db01c9a03469613e82ece11d729b908"
 dependencies = [
  "abi_stable",
  "bottlerocket-settings-derive",
diff --git a/sources/Cargo.toml b/sources/Cargo.toml
index d59c84dfe04..749965093d7 100644
--- a/sources/Cargo.toml
+++ b/sources/Cargo.toml
@@ -157,7 +157,7 @@ version = "0.6.0"
 
 [workspace.dependencies.bottlerocket-settings-plugin]
 git = "https://github.com/bottlerocket-os/bottlerocket-settings-sdk"
-tag = "bottlerocket-settings-plugin-v0.1.0"
+tag = "bottlerocket-settings-models-v0.6.0"
 version = "0.1.0"
 
 [workspace.dependencies.settings-extension-oci-defaults]
diff --git a/sources/settings-defaults/aws-k8s-1.24-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml b/sources/settings-defaults/aws-k8s-1.24-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
new file mode 120000
index 00000000000..fd989ade11e
--- /dev/null
+++ b/sources/settings-defaults/aws-k8s-1.24-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
@@ -0,0 +1 @@
+../../../shared-defaults/kubernetes-device-ownership-default-false.toml
\ No newline at end of file
diff --git a/sources/settings-defaults/aws-k8s-1.24/defaults.d/55-kubernetes-device-ownership-default-false.toml b/sources/settings-defaults/aws-k8s-1.24/defaults.d/55-kubernetes-device-ownership-default-false.toml
new file mode 120000
index 00000000000..fd989ade11e
--- /dev/null
+++ b/sources/settings-defaults/aws-k8s-1.24/defaults.d/55-kubernetes-device-ownership-default-false.toml
@@ -0,0 +1 @@
+../../../shared-defaults/kubernetes-device-ownership-default-false.toml
\ No newline at end of file
diff --git a/sources/settings-defaults/aws-k8s-1.25-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml b/sources/settings-defaults/aws-k8s-1.25-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
new file mode 120000
index 00000000000..fd989ade11e
--- /dev/null
+++ b/sources/settings-defaults/aws-k8s-1.25-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
@@ -0,0 +1 @@
+../../../shared-defaults/kubernetes-device-ownership-default-false.toml
\ No newline at end of file
diff --git a/sources/settings-defaults/aws-k8s-1.25/defaults.d/55-kubernetes-device-ownership-default-false.toml b/sources/settings-defaults/aws-k8s-1.25/defaults.d/55-kubernetes-device-ownership-default-false.toml
new file mode 120000
index 00000000000..fd989ade11e
--- /dev/null
+++ b/sources/settings-defaults/aws-k8s-1.25/defaults.d/55-kubernetes-device-ownership-default-false.toml
@@ -0,0 +1 @@
+../../../shared-defaults/kubernetes-device-ownership-default-false.toml
\ No newline at end of file
diff --git a/sources/settings-defaults/aws-k8s-1.26-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml b/sources/settings-defaults/aws-k8s-1.26-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
new file mode 120000
index 00000000000..fd989ade11e
--- /dev/null
+++ b/sources/settings-defaults/aws-k8s-1.26-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
@@ -0,0 +1 @@
+../../../shared-defaults/kubernetes-device-ownership-default-false.toml
\ No newline at end of file
diff --git a/sources/settings-defaults/aws-k8s-1.26/defaults.d/55-kubernetes-device-ownership-default-false.toml b/sources/settings-defaults/aws-k8s-1.26/defaults.d/55-kubernetes-device-ownership-default-false.toml
new file mode 120000
index 00000000000..fd989ade11e
--- /dev/null
+++ b/sources/settings-defaults/aws-k8s-1.26/defaults.d/55-kubernetes-device-ownership-default-false.toml
@@ -0,0 +1 @@
+../../../shared-defaults/kubernetes-device-ownership-default-false.toml
\ No newline at end of file
diff --git a/sources/settings-defaults/aws-k8s-1.31-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml b/sources/settings-defaults/aws-k8s-1.31-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
new file mode 120000
index 00000000000..fd989ade11e
--- /dev/null
+++ b/sources/settings-defaults/aws-k8s-1.31-nvidia/defaults.d/55-kubernetes-device-ownership-default-false.toml
@@ -0,0 +1 @@
+../../../shared-defaults/kubernetes-device-ownership-default-false.toml
\ No newline at end of file
diff --git a/sources/settings-defaults/aws-k8s-1.31/defaults.d/55-kubernetes-device-ownership-default-false.toml b/sources/settings-defaults/aws-k8s-1.31/defaults.d/55-kubernetes-device-ownership-default-false.toml
new file mode 120000
index 00000000000..fd989ade11e
--- /dev/null
+++ b/sources/settings-defaults/aws-k8s-1.31/defaults.d/55-kubernetes-device-ownership-default-false.toml
@@ -0,0 +1 @@
+../../../shared-defaults/kubernetes-device-ownership-default-false.toml
\ No newline at end of file
diff --git a/sources/settings-defaults/metal-k8s-1.30/defaults.d/55-kubernetes-device-ownership-default-false.toml b/sources/settings-defaults/metal-k8s-1.30/defaults.d/55-kubernetes-device-ownership-default-false.toml
new file mode 120000
index 00000000000..fd989ade11e
--- /dev/null
+++ b/sources/settings-defaults/metal-k8s-1.30/defaults.d/55-kubernetes-device-ownership-default-false.toml
@@ -0,0 +1 @@
+../../../shared-defaults/kubernetes-device-ownership-default-false.toml
\ No newline at end of file
diff --git a/sources/settings-defaults/vmware-k8s-1.31/defaults.d/55-kubernetes-device-ownership-default-false.toml b/sources/settings-defaults/vmware-k8s-1.31/defaults.d/55-kubernetes-device-ownership-default-false.toml
new file mode 120000
index 00000000000..fd989ade11e
--- /dev/null
+++ b/sources/settings-defaults/vmware-k8s-1.31/defaults.d/55-kubernetes-device-ownership-default-false.toml
@@ -0,0 +1 @@
+../../../shared-defaults/kubernetes-device-ownership-default-false.toml
\ No newline at end of file
diff --git a/sources/shared-defaults/kubernetes-device-ownership-default-false.toml b/sources/shared-defaults/kubernetes-device-ownership-default-false.toml
new file mode 100644
index 00000000000..38975701ab1
--- /dev/null
+++ b/sources/shared-defaults/kubernetes-device-ownership-default-false.toml
@@ -0,0 +1,5 @@
+[settings.kubernetes]
+device-ownership-from-security-context = false
+
+[metadata.settings.kubernetes.device-ownership-from-security-context]
+affected-services = ["containerd"]