1. Proposed title of this feature request
HCP KubeVirt Nodepool support for UEFI Secure Boot

2. What is the nature and description of the request?
The NodePool CR of Hosted Control Planes (with KubeVirt provider) does not provide an option to enable UEFI Secure Boot on the KubeVirt VirtualMachines [1]. The UEFI Secure boot is also not enabled per default.

$ oc -n clusters get nodepool test-nodepool -oyaml | yq '.status.version'
4.19.21

$ oc -n clusters-test get vm test-nodepool-cxhfj-rrs9l -oyaml | yq '.spec.template.spec.domain.features'
null

$ oc -n clusters-test get vm test-nodepool-cxhfj-rrs9l -oyaml | yq '.spec.template.spec.domain.firmware'
serial: 45cce37b-6e47-4475-bd88-83ab66350bc5
uuid: 88b7997c-6ce6-4987-a293-d66f32282a6e

Please note, that it might make sense to add EFI persistence for KubeVirt VMs [2] with this RFE as well.

 [1] https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/virtualization/managing-vms#virt-booting-vms-uefi-mode_virt-uefi-mode-for-vms 

 [2] https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/virtualization/managing-vms#virt-enabling-persistent-efi_virt-uefi-mode-for-vms 

3. Why does the customer need this? (List the business requirements here)
Compliance requirements for UEFI Secure Boot

4. List any affected packages or components.

• HCP Nodepool CR