operator: create basic bundle

.github/workflows/build.yaml

@@ -26,6 +26,9 @@ jobs:
           - image_name: jumpstarter-dev/jumpstarter-operator
             dockerfile: Dockerfile.operator
             context: .
+          - image_name: jumpstarter-dev/jumpstarter-operator-bundle
+            dockerfile: bundle.Dockerfile
+            context: deploy/operator
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4

.github/workflows/check-bundle.yaml

@@ -0,0 +1,95 @@
+name: Check Bundle
+on:
+  pull_request:
+    branches:
+      - main
+      - 'release-*'
+
+jobs:
+  check-bundle:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: 1.24
+
+      - name: Cache bin directory (deploy/operator)
+        uses: actions/cache@v4
+        with:
+          path: deploy/operator/bin/
+          key: ${{ runner.os }}-operator-bin-${{ hashFiles('deploy/operator/go.mod') }}
+          restore-keys: |
+            ${{ runner.os }}-operator-bin-
+
+      - name: Get version
+        run: |
+          if [ "${{ github.event_name }}" == "pull_request" ]; then
+            BASE_BRANCH="${{ github.base_ref }}"
+            if [ "$BASE_BRANCH" == "main" ]; then
+              TAG="latest"
+            elif [[ "$BASE_BRANCH" =~ ^release- ]]; then
+              TAG="$BASE_BRANCH"
+            else
+              echo "::error::Unknown base branch: $BASE_BRANCH"
+              exit 1
+            fi
+          else
+            echo "::error::Unsupported event: ${{ github.event_name }}"
+            exit 1
+          fi
+          echo "TAG=${TAG}" >> $GITHUB_ENV
+          echo "TAG=${TAG}"
+
+      - name: Run make bundle
+        working-directory: deploy/operator
+        run: |
+          make bundle IMG="quay.io/jumpstarter-dev/jumpstarter-operator:${TAG}"
+
+      - name: Check for uncommitted changes
+        run: |
+          DIFF=$(git diff)
+          if [ -n "$DIFF" ]; then
+            # Filter out createdAt timestamp lines and context lines, check if any actual changes remain
+            FILTERED_DIFF=$(echo "$DIFF" | grep -vE '^(---|\+\+\+|@@|index|diff)' | grep -vE '^[+-].*createdAt:.*[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z' || true)
+            # Check if there are any non-timestamp, non-context changes
+            if [ -n "$FILTERED_DIFF" ] && [ -n "$(echo "$FILTERED_DIFF" | grep -E '^[+-]' || true)" ]; then
+              echo "::error::Uncommitted changes detected after running 'make bundle'. Please commit all bundle changes before pushing."
+              echo "::error::This can be done by running 'make bundle IMG=\"quay.io/jumpstarter-dev/jumpstarter-operator:${TAG}\""
+              git diff
+              exit 1
+            else
+              echo "Only timestamp changes detected (ignored). Bundle files are up to date."
+              # Reset the timestamp changes to keep the repo clean
+              git checkout -- .
+            fi
+          else
+            echo "No uncommitted changes detected. Bundle files are up to date."
+          fi
+
+      - name: Ensure clean state before build-installer
+        run: |
+          # Reset any remaining changes from root
+          git checkout -- . || true
+
+      - name: Run make build-installer
+        working-directory: deploy/operator
+        run: |
+          make build-installer
+
+      - name: Check for uncommitted changes after build-installer
+        run: |
+          if [ -n "$(git diff)" ]; then
+            echo "::error::Uncommitted changes detected after running 'make build-installer'. Please commit all installer changes before pushing."
+            echo "::error::This can be done by running 'make build-installer'"
+            git diff
+            exit 1
+          else
+            echo "No uncommitted changes detected. Installer files are up to date."
+          fi
+

api/v1alpha1/client_types.go

@@ -31,8 +31,7 @@ type ClientSpec struct {
 
 // ClientStatus defines the observed state of Identity
 type ClientStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
+	// Status field for the clients
 	Credential *corev1.LocalObjectReference `json:"credential,omitempty"`
 	Endpoint   string                       `json:"endpoint,omitempty"`
 }

api/v1alpha1/exporter_types.go

@@ -31,8 +31,7 @@ type ExporterSpec struct {
 
 // ExporterStatus defines the observed state of Exporter
 type ExporterStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
+	// Exporter status fields
 	Conditions []metav1.Condition           `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
 	Credential *corev1.LocalObjectReference `json:"credential,omitempty"`
 	Devices    []Device                     `json:"devices,omitempty"`

api/v1alpha1/exporteraccesspolicy_types.go

@@ -42,8 +42,7 @@ type ExporterAccessPolicySpec struct {
 
 // ExporterAccessPolicyStatus defines the observed state of ExporterAccessPolicy.
 type ExporterAccessPolicyStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
+	// Status field for the exporter access policies
 }
 
 // +kubebuilder:object:root=true

deploy/helm/jumpstarter/crds/jumpstarter.dev_clients.yaml

@@ -46,9 +46,7 @@ spec:
             description: ClientStatus defines the observed state of Identity
             properties:
               credential:
-                description: |-
-                  INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-                  Important: Run "make" to regenerate code after modifying this file
+                description: Status field for the clients
                 properties:
                   name:
                     default: ""

deploy/helm/jumpstarter/crds/jumpstarter.dev_exporters.yaml

@@ -46,9 +46,7 @@ spec:
             description: ExporterStatus defines the observed state of Exporter
             properties:
               conditions:
-                description: |-
-                  INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-                  Important: Run "make" to regenerate code after modifying this file
+                description: Exporter status fields
                 items:
                   description: Condition contains details for one aspect of the current
                     state of this API Resource.

deploy/operator/Makefile

@@ -3,7 +3,7 @@
 # To re-generate a bundle for another specific version without changing the standard setup, you can:
 # - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
 # - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
-VERSION ?= 0.0.1
+VERSION ?= 0.8.0
 
 # CHANNELS define the bundle channels used in the bundle.
 # Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")

deploy/operator/api/v1alpha1/jumpstarter_types.go

@@ -514,8 +514,7 @@ type ClusterIPConfig struct {
 // This field is currently empty but can be extended to include status information
 // such as deployment status, endpoint URLs, and health information.
 type JumpstarterStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
+	// Jumpstarter deployment status
 }
 
 // +kubebuilder:object:root=true

deploy/operator/bundle.Dockerfile

@@ -0,0 +1,20 @@
+FROM scratch
+
+# Core bundle labels.
+LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
+LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
+LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
+LABEL operators.operatorframework.io.bundle.package.v1=jumpstarter-operator
+LABEL operators.operatorframework.io.bundle.channels.v1=alpha
+LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.41.1
+LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
+LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v4
+
+# Labels for testing.
+LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1
+LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/
+
+# Copy files to locations specified by labels.
+COPY bundle/manifests /manifests/
+COPY bundle/metadata /metadata/
+COPY bundle/tests/scorecard /tests/scorecard/

deploy/operator/bundle/manifests/jumpstarter-operator-controller-manager-metrics-service_v1_service.yaml

@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: jumpstarter-operator
+    control-plane: controller-manager
+  name: jumpstarter-operator-controller-manager-metrics-service
+spec:
+  ports:
+  - name: https
+    port: 8443
+    protocol: TCP
+    targetPort: 8443
+  selector:
+    app.kubernetes.io/name: jumpstarter-operator
+    control-plane: controller-manager
+status:
+  loadBalancer: {}

deploy/operator/bundle/manifests/jumpstarter-operator-jumpstarter-admin-role_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -0,0 +1,21 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: jumpstarter-operator
+  name: jumpstarter-operator-jumpstarter-admin-role
+rules:
+- apiGroups:
+  - operator.jumpstarter.dev
+  resources:
+  - jumpstarters
+  verbs:
+  - '*'
+- apiGroups:
+  - operator.jumpstarter.dev
+  resources:
+  - jumpstarters/status
+  verbs:
+  - get

deploy/operator/bundle/manifests/jumpstarter-operator-jumpstarter-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -0,0 +1,27 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: jumpstarter-operator
+  name: jumpstarter-operator-jumpstarter-editor-role
+rules:
+- apiGroups:
+  - operator.jumpstarter.dev
+  resources:
+  - jumpstarters
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - operator.jumpstarter.dev
+  resources:
+  - jumpstarters/status
+  verbs:
+  - get

deploy/operator/bundle/manifests/jumpstarter-operator-jumpstarter-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -0,0 +1,23 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: jumpstarter-operator
+  name: jumpstarter-operator-jumpstarter-viewer-role
+rules:
+- apiGroups:
+  - operator.jumpstarter.dev
+  resources:
+  - jumpstarters
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - operator.jumpstarter.dev
+  resources:
+  - jumpstarters/status
+  verbs:
+  - get

deploy/operator/bundle/manifests/jumpstarter-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: jumpstarter-operator
+  name: jumpstarter-operator-metrics-reader
+rules:
+- nonResourceURLs:
+  - /metrics
+  verbs:
+  - get