Delete system resource post factory install

The system resource may not be reconciled post factory-install in a
multi-node system as some of the configurations can only be configured
after installed the controller-1, e.g. controllerfs. Leaving the
system resource unreconciled creates problem that some of the new
configurations during enrollment may be overwritten back to the status
at the end of the factory-install.

This commit adds tasks to delete the system resource regardless its
status as a new system resource will be applied during subcloud
enrollment for further configuration.

This commit also corrects the namespace of the CRs getting from the
actual configuration file instead of the default ns, removes
restriction to have the CRs applied to the default namespace only.

Test plan:
1. Passed - factory install AIO-SX with "deployment" namespace,
verified the factory install successful, verified enrollment
successful.

2. Passed - factory install AIO-SX with "customized" namespace,
verified the factory install successful, verified enrollment
successful with all the CRs defined in the "customized" namespace.

3. Passed - factory install AIO-DX with private registry overrides
defined in the localhost.yml, and docker-distribution resized to 50G
in deployment-config.yaml (which can only be resized after both
controllers are available, causing the system CR cannot be reconciled).
Verified factory install successful with private registry in service
parameters, verified subcloud enrollment successful, verified
registries are updated to registry.central.

Closes-bug: 2128351

Change-Id: Ic5168a655729eb39a88923164360492c308e4191
Signed-off-by: Jiang, Yuxing <Yuxing.Jiang@windriver.com>

tools/nocloud-factory-install/factory-install/setup/10-system-setup

@@ -1,6 +1,6 @@
 #!/bin/bash
 #
-# Copyright (c) 2024 Wind River Systems, Inc.
+# Copyright (c) 2024-2025 Wind River Systems, Inc.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
@@ -17,15 +17,48 @@ echo "Ready - host goenabled"
 
 system_mode=$(awk -F= '/system_mode/ {print $2}' /etc/platform/platform.conf)
 
+# Get namespace from deployment config
+# Using the default namespace if fail to it
+system_ns=$(python3 << 'EOF'
+import yaml
+import os
+
+try:
+    if os.path.exists('/home/sysadmin/dm-playbook-overrides.yaml'):
+        with open('/home/sysadmin/dm-playbook-overrides.yaml') as f:
+            override_data = yaml.safe_load(f)
+        config_file = override_data.get('deployment_config')
+
+        if config_file and os.path.exists(config_file):
+            with open(config_file) as f:
+                docs = list(yaml.safe_load_all(f))
+            sys_doc = next((d for d in docs if d and d.get('kind') == 'System'), None)
+
+            if sys_doc and 'metadata' in sys_doc:
+                namespace = sys_doc['metadata'].get('namespace')
+                if namespace:
+                    print(namespace)
+except:
+    pass
+EOF
+)
+
+# Default to deployment if namespace not found
+# The host ns must be allocated in the same namespace of the system
+if [ -z "$system_ns" ]; then
+    echo "Warning: Namespace not found from existing config files, using default namespace 'deployment'"
+    system_ns="deployment"
+fi
+
 echo "Wait - system deployment reconciled"
 while true; do
     if [ "$system_mode" = "duplex" ]; then
         SYSTEM_RECONCILED=true
     else
-        SYSTEM_RECONCILED=$(kubectl --kubeconfig=/etc/kubernetes/admin.conf -n deployment get system -o jsonpath='{.items[0].status.reconciled}')
+        SYSTEM_RECONCILED=$(kubectl --kubeconfig=/etc/kubernetes/admin.conf -n "$system_ns" get system -o jsonpath='{.items[0].status.reconciled}')
     fi
 
-    HOST_RECONCILED=$(kubectl --kubeconfig=/etc/kubernetes/admin.conf -n deployment get host controller-0 -o jsonpath='{.status.reconciled}')
+    HOST_RECONCILED=$(kubectl --kubeconfig=/etc/kubernetes/admin.conf -n "$system_ns" get host controller-0 -o jsonpath='{.status.reconciled}')
 
     if [ "$SYSTEM_RECONCILED" = true ] && [ "$HOST_RECONCILED" = true ]; then
         break

tools/nocloud-factory-install/factory-install/systemd/utils/disable-factory-install

@@ -1,13 +1,54 @@
 #!/bin/bash
 #
-# Copyright (c) 2024 Wind River Systems, Inc.
+# Copyright (c) 2024-2025 Wind River Systems, Inc.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
 # script to disable the factory install services after the installation is complete
 #
 
-echo "Disabling factory install services"
+log_info() { echo "$(date '+%F %H:%M:%S') INFO: $*"; }
+log_warn() { echo "$(date '+%F %H:%M:%S') WARN: $*"; }
+
+log_info "Disabling factory install services"
+
+# Delete System CRs from cluster
+# Using the default namespace if fail to it
+system_ns=$(python3 << 'EOF'
+import yaml
+import os
+
+try:
+    if os.path.exists('/home/sysadmin/dm-playbook-overrides.yaml'):
+        with open('/home/sysadmin/dm-playbook-overrides.yaml') as f:
+            override_data = yaml.safe_load(f)
+        config_file = override_data.get('deployment_config')
+
+        if config_file and os.path.exists(config_file):
+            with open(config_file) as f:
+                docs = list(yaml.safe_load_all(f))
+            sys_doc = next((d for d in docs if d and d.get('kind') == 'System'), None)
+
+            if sys_doc and 'metadata' in sys_doc:
+                namespace = sys_doc['metadata'].get('namespace')
+                if namespace:
+                    print(namespace)
+except:
+    pass
+EOF
+)
+
+# Default to deployment if namespace not found
+if [ -z "$system_ns" ]; then
+    log_warn "Namespace not found from existing config files, using default namespace 'deployment'"
+    system_ns="deployment"
+fi
+
+log_info "Deleting all System CRs in namespace $system_ns"
+kubectl_output=$(kubectl --kubeconfig=/etc/kubernetes/admin.conf delete system --all -n "$system_ns" 2>&1)
+if [ $? -ne 0 ]; then
+    log_warn "Failed to delete System CRs: $kubectl_output"
+fi
 
 rm -f /var/lib/factory-install/enabled
 rm -f /etc/systemd/system-preset/20-factory-install.preset