/kind bug

From @lentzi90

❯ kubectl diff -k CAPO/test-cluster
The OpenStackCluster "lennart-test" is invalid: 
* status.bastionSecurityGroup.rules: Required value
* status.workerSecurityGroup.rules: Required value
* status.controlPlaneSecurityGroup.rules: Required value

when doing the following:

* Init with CAPO v0.9
* Create a v1alpha7 cluster
* Upgrade CAPO to v0.10.0-alpha.0
* Try to update the OpenStackCluster (e.g. add an IP to the allowedCidrs)

It looks like you're editing the cluster as v1alpha7, which is fine and is intended to work, but is important context.

I think this is complaining that the rules are required in v1alpha7, not v1beta1. We removed rules in v1beta1. I think what's happening here is that:

• it's correctly up-converted
• the controller modifies the status and persists the object as v1beta1
• the client requests v1alpha7 to show the result
• status was modified during up-conversion, so is not restored, only converted
• without restoration the rules are lost in v1alpha7

This would explain why:

• You get the warning about a field which has been removed
• The change is persisted anyway

I think the fix here is to make the field option in versions prior to v1beta1.