add: disable-selinux workaround

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>

packages/system/kubevirt/templates/disable-selinux-workaround.yaml

@@ -0,0 +1,41 @@
+# See:
+# - https://github.com/siderolabs/talos/issues/10083
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: disable-selinux
+  namespace: cozy-kubevirt
+  labels:
+    app: disable-selinux
+spec:
+  selector:
+    matchLabels:
+      app: disable-selinux
+  template:
+    metadata:
+      labels:
+        app: disable-selinux
+    spec:
+      containers:
+      - command:
+        - sh
+        - -exc
+        - test -f /host/sys/fs/selinux/enforce && mount -t tmpfs tmpfs /host/sys/fs/selinux; sleep infinity
+        image: docker.io/library/alpine
+        name: mount
+        securityContext:
+          privileged: true
+        volumeMounts:
+        - mountPath: /host
+          mountPropagation: Bidirectional
+          name: host-root
+      hostIPC: true
+      hostNetwork: true
+      hostPID: true
+      tolerations:
+      - operator: Exists
+      volumes:
+      - hostPath:
+          path: /
+        name: host-root