kluster-manager · tamalsaha · Feb 26, 2026 · Feb 25, 2026 · Feb 26, 2026 · Feb 26, 2026
diff --git a/apis/installer/v1alpha1/cluster_manager_spoke_types.go b/apis/installer/v1alpha1/cluster_manager_spoke_types.go
@@ -76,6 +76,8 @@ type ClusterManagerSpokeSpec struct {
 	WorkFeatures []FeatureGate `json:"workFeatures"`
 
 	Clusteradm ClusteradmSpec `json:"clusteradm"`
+
+	AddOnKubeClientRegistrationDriver AddOnKubeClientRegistrationDriverSpec `json:"addOnKubeClientRegistrationDriver"`
 }
 
 type ClusteradmSpec struct {
@@ -85,6 +87,10 @@ type ClusteradmSpec struct {
 	SecurityContext *core.SecurityContext `json:"securityContext"`
 }
 
+type AddOnKubeClientRegistrationDriverSpec struct {
+	AuthType string `json:"authType"`
+}
+
 type KubectlSpec struct {
 	Image      string `json:"image"`
 	PullPolicy string `json:"pullPolicy"`

diff --git a/apis/installer/v1alpha1/zz_generated.deepcopy.go b/apis/installer/v1alpha1/zz_generated.deepcopy.go
diff --git a/catalog/imagelist.yaml b/catalog/imagelist.yaml
@@ -1,5 +1,5 @@
 - ghcr.io/appscode/kubectl-nonroot:1.34
-- ghcr.io/kluster-manager/cluster-auth:v0.5.0
+- ghcr.io/kluster-manager/cluster-auth:v0.5.1
 - ghcr.io/kluster-manager/cluster-gateway-manager:v1.12.0
 - ghcr.io/kluster-manager/cluster-gateway:v1.12.0
 - ghcr.io/kluster-manager/cluster-profile:v0.11.5

diff --git a/charts/cluster-auth-manager/Chart.yaml b/charts/cluster-auth-manager/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 description: Cluster Auth Manager
 name: cluster-auth-manager
 version: v2026.2.16
-appVersion: v0.5.0
+appVersion: v0.5.1
 home: https://github.com/kluster-manager/cluster-auth
 icon: https://cdn.appscode.com/images/products/searchlight/icons/android-icon-192x192.png
 sources:

diff --git a/charts/cluster-auth/Chart.yaml b/charts/cluster-auth/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 description: Cluster Auth Agent
 name: cluster-auth-agent
 version: v2026.2.16
-appVersion: v0.5.0
+appVersion: v0.5.1
 home: https://github.com/kluster-manager/cluster-auth
 icon: https://cdn.appscode.com/images/products/searchlight/icons/android-icon-192x192.png
 sources:

diff --git a/charts/cluster-manager-spoke/README.md b/charts/cluster-manager-spoke/README.md
@@ -45,31 +45,32 @@ The command removes all the Kubernetes components associated with the chart and
 
 The following table lists the configurable parameters of the `cluster-manager-spoke` chart and their default values.
 
-|                Parameter                |      Description       |                                                                                             Default                                                                                             |
-|-----------------------------------------|------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| clusterMetadata.name                    |                        | <code>TBD</code>                                                                                                                                                                                |
-| clusterMetadata.store.clusterClaim.name |                        | <code>cluster.ace.info</code>                                                                                                                                                                   |
-| clusterMetadata.store.secret.name       | name: "" namespace: "" | <code>ace-cluster-info</code>                                                                                                                                                                   |
-| clusterMetadata.store.secret.namespace  |                        | <code>kubeops</code>                                                                                                                                                                            |
-| bootstrap                               |                        | <code>true</code>                                                                                                                                                                               |
-| hub.apiServer                           |                        | <code>""</code>                                                                                                                                                                                 |
-| hub.caData                              |                        | <code>""</code>                                                                                                                                                                                 |
-| hub.token                               |                        | <code>""</code>                                                                                                                                                                                 |
-| hub.kubeConfig                          |                        | <code>""</code>                                                                                                                                                                                 |
-| aws.hubClusterArn                       |                        | <code>""</code>                                                                                                                                                                                 |
-| aws.managedClusterArn                   |                        | <code>""</code>                                                                                                                                                                                 |
-| registry                                |                        | <code>quay.io/open-cluster-management</code>                                                                                                                                                    |
-| securityContext                         |                        | <code>{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"runAsNonRoot":true,"seccompProfile":{"type":"RuntimeDefault"}}</code>                               |
-| clusteradm.image                        |                        | <code>ghcr.io/kluster-manager/clusteradm</code>                                                                                                                                                 |
-| clusteradm.securityContext              |                        | <code>{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsNonRoot":true,"seccompProfile":{"type":"RuntimeDefault"}}</code> |
-| bundleVersion.registrationImageVersion  |                        | <code>""</code>                                                                                                                                                                                 |
-| bundleVersion.placementImageVersion     |                        | <code>""</code>                                                                                                                                                                                 |
-| bundleVersion.workImageVersion          |                        | <code>""</code>                                                                                                                                                                                 |
-| bundleVersion.operatorImageVersion      |                        | <code>""</code>                                                                                                                                                                                 |
-| bundleVersion.clusteradmImageVersion    |                        | <code>"v1.2.0"</code>                                                                                                                                                                           |
-| managedKubeconfig                       |                        | <code>''</code>                                                                                                                                                                                 |
-| registrationFeatures                    |                        | <code>[]</code>                                                                                                                                                                                 |
-| workFeatures                            |                        | <code>[{"feature":"RawFeedbackJsonString","mode":"Enable"}]</code>                                                                                                                              |
+|                 Parameter                  |      Description       |                                                                                             Default                                                                                             |
+|--------------------------------------------|------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| clusterMetadata.name                       |                        | <code>TBD</code>                                                                                                                                                                                |
+| clusterMetadata.store.clusterClaim.name    |                        | <code>cluster.ace.info</code>                                                                                                                                                                   |
+| clusterMetadata.store.secret.name          | name: "" namespace: "" | <code>ace-cluster-info</code>                                                                                                                                                                   |
+| clusterMetadata.store.secret.namespace     |                        | <code>kubeops</code>                                                                                                                                                                            |
+| bootstrap                                  |                        | <code>true</code>                                                                                                                                                                               |
+| hub.apiServer                              |                        | <code>""</code>                                                                                                                                                                                 |
+| hub.caData                                 |                        | <code>""</code>                                                                                                                                                                                 |
+| hub.token                                  |                        | <code>""</code>                                                                                                                                                                                 |
+| hub.kubeConfig                             |                        | <code>""</code>                                                                                                                                                                                 |
+| aws.hubClusterArn                          |                        | <code>""</code>                                                                                                                                                                                 |
+| aws.managedClusterArn                      |                        | <code>""</code>                                                                                                                                                                                 |
+| registry                                   |                        | <code>quay.io/open-cluster-management</code>                                                                                                                                                    |
+| securityContext                            |                        | <code>{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"runAsNonRoot":true,"seccompProfile":{"type":"RuntimeDefault"}}</code>                               |
+| clusteradm.image                           |                        | <code>ghcr.io/kluster-manager/clusteradm</code>                                                                                                                                                 |
+| clusteradm.securityContext                 |                        | <code>{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsNonRoot":true,"seccompProfile":{"type":"RuntimeDefault"}}</code> |
+| bundleVersion.registrationImageVersion     |                        | <code>""</code>                                                                                                                                                                                 |
+| bundleVersion.placementImageVersion        |                        | <code>""</code>                                                                                                                                                                                 |
+| bundleVersion.workImageVersion             |                        | <code>""</code>                                                                                                                                                                                 |
+| bundleVersion.operatorImageVersion         |                        | <code>""</code>                                                                                                                                                                                 |
+| bundleVersion.clusteradmImageVersion       |                        | <code>"v1.2.0"</code>                                                                                                                                                                           |
+| managedKubeconfig                          |                        | <code>''</code>                                                                                                                                                                                 |
+| registrationFeatures                       |                        | <code>[]</code>                                                                                                                                                                                 |
+| workFeatures                               |                        | <code>[{"feature":"RawFeedbackJsonString","mode":"Enable"}]</code>                                                                                                                              |
+| addOnKubeClientRegistrationDriver.authType |                        | <code>"token"</code>                                                                                                                                                                            |
 
 
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example:

diff --git a/charts/cluster-manager-spoke/templates/klusterlets.cr.yaml b/charts/cluster-manager-spoke/templates/klusterlets.cr.yaml
@@ -110,6 +110,8 @@ spec:
   - url: {{ $spokeServer }}
   {{- end }}
   registrationConfiguration:
+    addOnKubeClientRegistrationDriver:
+      authType: {{ .Values.addOnKubeClientRegistrationDriver.authType | quote }}
     {{if and .Values.aws.hubClusterArn .Values.aws.managedClusterArn}}
     registrationDriver:
       authType: "awsirsa"

diff --git a/charts/cluster-manager-spoke/values.openapiv3_schema.yaml b/charts/cluster-manager-spoke/values.openapiv3_schema.yaml
@@ -1,4 +1,11 @@
 properties:
+  addOnKubeClientRegistrationDriver:
+    properties:
+      authType:
+        type: string
+    required:
+    - authType
+    type: object
   aws:
     properties:
       hubClusterArn:
@@ -246,6 +253,7 @@ properties:
       type: object
     type: array
 required:
+- addOnKubeClientRegistrationDriver
 - bootstrap
 - clusterMetadata
 - clusteradm

diff --git a/charts/cluster-manager-spoke/values.yaml b/charts/cluster-manager-spoke/values.yaml
@@ -60,3 +60,6 @@ registrationFeatures: []
 workFeatures: # +doc-gen:break
   - feature: RawFeedbackJsonString
     mode: Enable
+
+addOnKubeClientRegistrationDriver:
+  authType: "token"