add karmada apiserver kubeconfig to karmada status

Signed-off-by: calvin <wen.chen@daocloud.io>

operator/pkg/controller/karmada/planner.go

@@ -4,12 +4,14 @@ import (
 	"context"
 	"fmt"
 
+	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/client-go/rest"
 	"k8s.io/klog/v2"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	operator "github.com/karmada-io/karmada/operator/pkg"
 	operatorv1alpha1 "github.com/karmada-io/karmada/operator/pkg/apis/operator/v1alpha1"
+	"github.com/karmada-io/karmada/operator/pkg/util"
 	"github.com/karmada-io/karmada/operator/pkg/workflow"
 )
 
@@ -111,13 +113,24 @@ func (p *Planner) preRunJob() error {
 }
 
 func (p *Planner) runJobErr(err error) error {
+	var errs []error
+	errs = append(errs, err)
+
 	operatorv1alpha1.KarmadaFailed(p.karmada, operatorv1alpha1.Ready, err.Error())
-	return p.Client.Status().Update(context.TODO(), p.karmada)
+	errs = append(errs, p.Client.Status().Update(context.TODO(), p.karmada))
+
+	return utilerrors.NewAggregate(errs)
 }
 
 func (p *Planner) afterRunJob() error {
 	if p.action == InitAction {
+		// Update the condition to Ready and set kubeconfig of karmada-apiserver to status.
 		operatorv1alpha1.KarmadaCompleted(p.karmada, operatorv1alpha1.Ready, "karmada init job is completed")
+		p.karmada.Status.SecretRef = &operatorv1alpha1.LocalSecretReference{
+			Namespace: p.karmada.GetNamespace(),
+			Name:      util.AdminKubeconfigSecretName(p.karmada.GetName()),
+		}
+
 		return p.Client.Status().Update(context.TODO(), p.karmada)
 	}
 

operator/pkg/controlplane/apiserver/mainfests.go

@@ -158,9 +158,9 @@ spec:
         imagePullPolicy: IfNotPresent
         command:
         - /bin/karmada-aggregated-apiserver
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
-        - --authentication-kubeconfig=/etc/karmada/config
+        - --authentication-kubeconfig=/etc/karmada/kubeconfig
-        - --authorization-kubeconfig=/etc/karmada/config
+        - --authorization-kubeconfig=/etc/karmada/kubeconfig
         - --etcd-cafile=/etc/etcd/pki/etcd-ca.crt
         - --etcd-certfile=/etc/etcd/pki/etcd-client.crt
         - --etcd-keyfile=/etc/etcd/pki/etcd-client.key
@@ -172,9 +172,9 @@ spec:
         - --audit-log-maxage=0
         - --audit-log-maxbackup=0
         volumeMounts:
-        - mountPath: /etc/karmada/config
+        - mountPath: /etc/karmada/kubeconfig
           name: kubeconfig
-          subPath: config
+          subPath: kubeconfig
         - mountPath: /etc/etcd/pki
           name: etcd-cert
           readOnly: true

operator/pkg/controlplane/manifests.go

@@ -39,9 +39,9 @@ spec:
         command:
         - kube-controller-manager
         - --allocate-node-cidrs=true
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
-        - --authentication-kubeconfig=/etc/karmada/config
+        - --authentication-kubeconfig=/etc/karmada/kubeconfig
-        - --authorization-kubeconfig=/etc/karmada/config
+        - --authorization-kubeconfig=/etc/karmada/kubeconfig
         - --bind-address=0.0.0.0
         - --client-ca-file=/etc/karmada/pki/ca.crt
         - --cluster-cidr=10.244.0.0/16
@@ -71,8 +71,8 @@ spec:
           mountPath: /etc/karmada/pki
           readOnly: true
         - name: kubeconfig
-          mountPath: /etc/karmada/config
+          mountPath: /etc/karmada/kubeconfig
-          subPath: config
+          subPath: kubeconfig
       volumes:
         - name: karmada-certs
           secret:
@@ -111,7 +111,7 @@ spec:
         imagePullPolicy: IfNotPresent
         command:
         - /bin/karmada-controller-manager
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
         - --bind-address=0.0.0.0
         - --cluster-status-update-frequency=10s
         - --secure-port=10357
@@ -129,8 +129,8 @@ spec:
           timeoutSeconds: 5
         volumeMounts:
         - name: kubeconfig
-          subPath: config
+          subPath: kubeconfig
-          mountPath: /etc/karmada/config
+          mountPath: /etc/karmada/kubeconfig
       volumes:
       - name: kubeconfig
         secret:
@@ -167,7 +167,7 @@ spec:
         imagePullPolicy: IfNotPresent
         command:
         - /bin/karmada-scheduler
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
         - --bind-address=0.0.0.0
         - --secure-port=10351
         - --enable-scheduler-estimator=true
@@ -184,8 +184,8 @@ spec:
           timeoutSeconds: 5
         volumeMounts:
         - name: kubeconfig
-          subPath: config
+          subPath: kubeconfig
-          mountPath: /etc/karmada/config
+          mountPath: /etc/karmada/kubeconfig
       volumes:
         - name: kubeconfig
           secret:
@@ -222,7 +222,7 @@ spec:
         imagePullPolicy: IfNotPresent
         command:
         - /bin/karmada-descheduler
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
         - --bind-address=0.0.0.0
         - --leader-elect-resource-namespace={{ .SystemNamespace }}
         - --v=4
@@ -237,8 +237,8 @@ spec:
           timeoutSeconds: 5
         volumeMounts:
         - name: kubeconfig
-          subPath: config
+          subPath: kubeconfig
-          mountPath: /etc/karmada/config
+          mountPath: /etc/karmada/kubeconfig
       volumes:
         - name: kubeconfig
           secret:

operator/pkg/controlplane/metricsadapter/mainfests.go

@@ -31,17 +31,17 @@ spec:
         imagePullPolicy: IfNotPresent
         command:
         - /bin/karmada-metrics-adapter
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
-        - --authentication-kubeconfig=/etc/karmada/config
+        - --authentication-kubeconfig=/etc/karmada/kubeconfig
-        - --authorization-kubeconfig=/etc/karmada/config
+        - --authorization-kubeconfig=/etc/karmada/kubeconfig
         - --client-ca-file=/etc/karmada/pki/ca.crt
         - --audit-log-path=-
         - --audit-log-maxage=0
         - --audit-log-maxbackup=0
         volumeMounts:
         - name: kubeconfig
-          subPath: config
+          subPath: kubeconfig
-          mountPath: /etc/karmada/config
+          mountPath: /etc/karmada/kubeconfig
         - name: karmada-cert
           mountPath: /etc/karmada/pki
           readOnly: true

operator/pkg/controlplane/webhook/mainfests.go

@@ -31,7 +31,7 @@ spec:
         imagePullPolicy: IfNotPresent
         command:
         - /bin/karmada-webhook
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
         - --bind-address=0.0.0.0
         - --default-not-ready-toleration-seconds=30
         - --default-unreachable-toleration-seconds=30
@@ -42,8 +42,8 @@ spec:
         - containerPort: 8443
         volumeMounts:
         - name: kubeconfig
-          subPath: config
+          subPath: kubeconfig
-          mountPath: /etc/karmada/config
+          mountPath: /etc/karmada/kubeconfig
         - name: cert
           mountPath: /var/serving-cert
           readOnly: true

operator/pkg/tasks/init/upload.go

@@ -80,7 +80,7 @@ func runUploadAdminKubeconfig(r workflow.RunData) error {
 			Name:      util.AdminKubeconfigSecretName(data.GetName()),
 			Labels:    constants.KarmadaOperatorLabel,
 		},
-		Data: map[string][]byte{"config": configBytes},
+		Data: map[string][]byte{"kubeconfig": configBytes},
 	})
 	if err != nil {
 		return fmt.Errorf("failed to create secret of kubeconfig, err: %w", err)