From 9bb85b55506e90dc532a5baf6429645a67d0fc89 Mon Sep 17 00:00:00 2001
From: bmordeha <bmordeha@redhat.com>
Date: Wed, 25 Sep 2024 14:36:59 +0300
Subject: [PATCH] compute: Deprecate DockerSELinuxMCSWorkaround Warn that
 DockerSELinuxMCSWorkaround FG is going to be removed.

Signed-off-by: bmordeha <bmordeha@redhat.com>
---
 pkg/virt-api/webhooks/fuzz/fuzz_test.go       | 2 +-
 pkg/virt-config/deprecation/feature-gates.go  | 3 +++
 pkg/virt-config/feature-gates.go              | 4 +---
 pkg/virt-controller/services/BUILD.bazel      | 1 +
 pkg/virt-controller/services/template_test.go | 3 ++-
 5 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/pkg/virt-api/webhooks/fuzz/fuzz_test.go b/pkg/virt-api/webhooks/fuzz/fuzz_test.go
index 54c35ac40056..71d8faaf08d5 100644
--- a/pkg/virt-api/webhooks/fuzz/fuzz_test.go
+++ b/pkg/virt-api/webhooks/fuzz/fuzz_test.go
@@ -186,7 +186,7 @@ func fuzzKubeVirtConfig(seed int64) *virtconfig.ClusterConfig {
 				virtconfig.Root,
 				virtconfig.ClusterProfiler,
 				virtconfig.WorkloadEncryptionSEV,
-				virtconfig.DockerSELinuxMCSWorkaround,
+				deprecation.DockerSELinuxMCSWorkaround,
 				deprecation.PSA,
 				virtconfig.VSOCKGate,
 			}
diff --git a/pkg/virt-config/deprecation/feature-gates.go b/pkg/virt-config/deprecation/feature-gates.go
index 916d9ac1b248..e0d7d7bbafcb 100644
--- a/pkg/virt-config/deprecation/feature-gates.go
+++ b/pkg/virt-config/deprecation/feature-gates.go
@@ -54,6 +54,8 @@ const (
 
 	PasstGate   = "Passt"   // Deprecated
 	MacvtapGate = "Macvtap" // Deprecated
+	// DockerSELinuxMCSWorkaround sets the SELinux level of all the non-compute virt-launcher containers to "s0".
+	DockerSELinuxMCSWorkaround = "DockerSELinuxMCSWorkaround" // Deprecated
 )
 
 type FeatureGate struct {
@@ -76,6 +78,7 @@ func init() {
 
 	RegisterFeatureGate(FeatureGate{Name: PasstGate, State: Discontinued, Message: PasstDiscontinueMessage, VmiSpecUsed: passtApiUsed})
 	RegisterFeatureGate(FeatureGate{Name: MacvtapGate, State: Discontinued, Message: MacvtapDiscontinueMessage, VmiSpecUsed: macvtapApiUsed})
+	RegisterFeatureGate(FeatureGate{Name: DockerSELinuxMCSWorkaround, State: Deprecated, Message: fmt.Sprintf("DockerSELinuxMCSWorkaround has been discontinued since v1.4.")})
 }
 
 // RegisterFeatureGate adds a given feature-gate to the FG list
diff --git a/pkg/virt-config/feature-gates.go b/pkg/virt-config/feature-gates.go
index 3f605675fa8f..dbf41578a44a 100644
--- a/pkg/virt-config/feature-gates.go
+++ b/pkg/virt-config/feature-gates.go
@@ -43,8 +43,6 @@ const (
 	Root                       = "Root"
 	ClusterProfiler            = "ClusterProfiler"
 	WorkloadEncryptionSEV      = "WorkloadEncryptionSEV"
-	// DockerSELinuxMCSWorkaround sets the SELinux level of all the non-compute virt-launcher containers to "s0".
-	DockerSELinuxMCSWorkaround = "DockerSELinuxMCSWorkaround"
 	VSOCKGate                  = "VSOCK"
 	// DisableCustomSELinuxPolicy disables the installation of the custom SELinux policy for virt-launcher
 	DisableCustomSELinuxPolicy = "DisableCustomSELinuxPolicy"
@@ -191,7 +189,7 @@ func (config *ClusterConfig) WorkloadEncryptionSEVEnabled() bool {
 }
 
 func (config *ClusterConfig) DockerSELinuxMCSWorkaroundEnabled() bool {
-	return config.isFeatureGateEnabled(DockerSELinuxMCSWorkaround)
+	return config.isFeatureGateEnabled(deprecation.DockerSELinuxMCSWorkaround)
 }
 
 func (config *ClusterConfig) VSOCKEnabled() bool {
diff --git a/pkg/virt-controller/services/BUILD.bazel b/pkg/virt-controller/services/BUILD.bazel
index c7bed4bc9398..4c898d0e9890 100644
--- a/pkg/virt-controller/services/BUILD.bazel
+++ b/pkg/virt-controller/services/BUILD.bazel
@@ -76,6 +76,7 @@ go_test(
         "//pkg/testutils:go_default_library",
         "//pkg/util:go_default_library",
         "//pkg/virt-config:go_default_library",
+        "//pkg/virt-config/deprecation:go_default_library",
         "//pkg/virt-controller/watch/topology:go_default_library",
         "//staging/src/kubevirt.io/api/core/v1:go_default_library",
         "//staging/src/kubevirt.io/client-go/api:go_default_library",
diff --git a/pkg/virt-controller/services/template_test.go b/pkg/virt-controller/services/template_test.go
index bac1ba234ee4..6abe2ff0517a 100644
--- a/pkg/virt-controller/services/template_test.go
+++ b/pkg/virt-controller/services/template_test.go
@@ -57,6 +57,7 @@ import (
 	"kubevirt.io/kubevirt/pkg/testutils"
 	"kubevirt.io/kubevirt/pkg/util"
 	virtconfig "kubevirt.io/kubevirt/pkg/virt-config"
+	"kubevirt.io/kubevirt/pkg/virt-config/deprecation"
 	"kubevirt.io/kubevirt/pkg/virt-controller/watch/topology"
 	"kubevirt.io/kubevirt/tools/vms-generator/utils"
 )
@@ -525,7 +526,7 @@ var _ = Describe("Template", func() {
 				if enableWorkaround {
 					kvConfig.Spec.Configuration.DeveloperConfiguration.FeatureGates =
 						append(kvConfig.Spec.Configuration.DeveloperConfiguration.FeatureGates,
-							virtconfig.DockerSELinuxMCSWorkaround)
+							deprecation.DockerSELinuxMCSWorkaround)
 				}
 				testutils.UpdateFakeKubeVirtClusterConfig(kvStore, kvConfig)