sgx: move hookinstall job to an initcontainer

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>

deployments/sgx_plugin/base/intel-sgx-hookinstall.yaml

@@ -1,27 +0,0 @@
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: intel-sgx-hookinstall-job
-  labels:
-    jobgroup: intel-sgx-hookinstall-job
-spec:
-  template:
-    metadata:
-      labels:
-        jobgroup: intel-sgx-hookinstall-job
-    spec:
-      restartPolicy: Never
-      containers:
-        - name: intel-sgx-hookinstall-job
-          image: intel/intel-sgx-initcontainer:devel
-          imagePullPolicy: IfNotPresent
-          securityContext:
-            readOnlyRootFilesystem: true
-          volumeMounts:
-          - mountPath: /etc/kubernetes/node-feature-discovery/source.d/
-            name: nfd-source-hooks
-      volumes:
-      - name: nfd-source-hooks
-        hostPath:
-          path: /etc/kubernetes/node-feature-discovery/source.d/
-          type: DirectoryOrCreate

deployments/sgx_plugin/base/intel-sgx-plugin.yaml

@@ -13,6 +13,15 @@ spec:
       labels:
         app: intel-sgx-plugin
     spec:
+      initContainers:
+      - name: intel-sgx-initcontainer
+        image: intel/intel-sgx-initcontainer:devel
+        imagePullPolicy: IfNotPresent
+        securityContext:
+          readOnlyRootFilesystem: true
+        volumeMounts:
+        - mountPath: /etc/kubernetes/node-feature-discovery/source.d/
+          name: nfd-source-hooks
       containers:
       - name: intel-sgx-plugin
         image: intel/intel-sgx-plugin:devel
@@ -32,3 +41,7 @@ spec:
       - name: sgxdevices
         hostPath:
           path: /dev/sgx
+      - name: nfd-source-hooks
+        hostPath:
+          path: /etc/kubernetes/node-feature-discovery/source.d/
+          type: DirectoryOrCreate

deployments/sgx_plugin/base/kustomization.yaml

@@ -1,3 +1,2 @@
 resources:
-  - intel-sgx-hookinstall.yaml
   - intel-sgx-plugin.yaml