Allow overriding secretKey for kubeadm kubeconfig

During reconciliation, the bootstrap provider copies the content from the secret provided by Kamaji, named `<cluster>-admin-kubeconfig` into a `cluster-info` configmap of tenant cluster, which then used by kubeadm to join nodes.

This change introduces a new annotation, `kamaji.clastix.io/kubeconfig-secret-key`, for the TenantControlPlane resource. This annotation instructs kamaji to read the kubeconfig from a specific key (the default one is super-admin.conf).

Example:

```
kamaji.clastix.io/kubeconfig-secret-key: super-admin.svc
```

This will instruct the system to use `super-admin.svc` a kubeconfig with a local service FQDN (introduced by #403).

Signed-off-by: Andrei Kvapil <[email protected]>

Author: kvaps

internal/utilities/tenant_client.go

@@ -44,7 +44,13 @@ func GetTenantKubeconfig(ctx context.Context, client client.Client, tenantContro
 		return nil, err
 	}
 
-	return DecodeKubeconfig(*secretKubeconfig, kubeadmconstants.SuperAdminKubeConfigFileName)
+	secretKey := kubeadmconstants.SuperAdminKubeConfigFileName
+	v, ok := tenantControlPlane.GetAnnotations()["kamaji.clastix.io/kubeconfig-secret-key"]
+	if ok && v != "" {
+		secretKey = v
+	}
+
+	return DecodeKubeconfig(*secretKubeconfig, secretKey)
 }
 
 func GetRESTClientConfig(ctx context.Context, client client.Client, tenantControlPlane *kamajiv1alpha1.TenantControlPlane) (*restclient.Config, error) {