diff --git a/Makefile b/Makefile index 16d4e1ce..13690479 100644 --- a/Makefile +++ b/Makefile @@ -62,7 +62,7 @@ manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and Cust $(CONTROLLER_GEN) rbac:roleName=jumpstarter-manager-role crd webhook paths="./api/..." paths="./internal/..." \ output:crd:artifacts:config=deploy/helm/jumpstarter/crds/ \ output:rbac:artifacts:config=deploy/helm/jumpstarter/charts/jumpstarter-controller/templates/rbac/ - + # copy the crds to the operator bases directory cp deploy/helm/jumpstarter/crds/* deploy/operator/config/crd/bases/ .PHONY: generate diff --git a/api/v1alpha1/client_types.go b/api/v1alpha1/client_types.go index 73a3d6a0..8e2481b9 100644 --- a/api/v1alpha1/client_types.go +++ b/api/v1alpha1/client_types.go @@ -41,6 +41,9 @@ type ClientStatus struct { // Client is the Schema for the identities API type Client struct { + // The Client in the Jumpstarter controller represents a user that can access the Jumpstarter Controller. + // Clients can be associated to external identity OIDC providers by providing Username, i.e. + // Spec.Username: "kc:user-name-in-keycloak" metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` diff --git a/deploy/operator/bundle/manifests/jumpstarter-operator.clusterserviceversion.yaml b/deploy/operator/bundle/manifests/jumpstarter-operator.clusterserviceversion.yaml index e34de0ab..1b1d3e4f 100644 --- a/deploy/operator/bundle/manifests/jumpstarter-operator.clusterserviceversion.yaml +++ b/deploy/operator/bundle/manifests/jumpstarter-operator.clusterserviceversion.yaml @@ -4,6 +4,75 @@ metadata: annotations: alm-examples: |- [ + { + "apiVersion": "jumpstarter.dev/v1alpha1", + "kind": "Client", + "metadata": { + "labels": { + "type": "developer" + }, + "name": "client-sample" + }, + "spec": { + "username": "keycloak:user-name-in-keycloak" + } + }, + { + "apiVersion": "jumpstarter.dev/v1alpha1", + "kind": "Exporter", + "metadata": { + "labels": { + "type": "nxp-imx8mm-evk" + }, + "name": "exporter-sample" + }, + "spec": {} + }, + { + "apiVersion": "jumpstarter.dev/v1alpha1", + "kind": "ExporterAccessPolicy", + "metadata": { + "name": "exporteraccesspolicy-sample" + }, + "spec": { + "exporterSelector": { + "matchLabels": { + "lab": "jumpstarter" + } + }, + "policies": [ + { + "from": [ + { + "clientSelector": { + "matchLabels": { + "team": "platform" + } + } + } + ] + } + ] + } + }, + { + "apiVersion": "jumpstarter.dev/v1alpha1", + "kind": "Lease", + "metadata": { + "name": "lease-sample" + }, + "spec": { + "clientRef": { + "name": "client-sample" + }, + "duration": "1h", + "selector": { + "matchLabels": { + "board": "rcar-s4" + } + } + } + }, { "apiVersion": "operator.jumpstarter.dev/v1alpha1", "kind": "Jumpstarter", @@ -18,7 +87,7 @@ metadata: } ] capabilities: Basic Install - createdAt: "2025-11-25T08:56:27Z" + createdAt: "2025-11-25T16:52:55Z" operators.operatorframework.io/builder: operator-sdk-v1.41.1 operators.operatorframework.io/project_layout: go.kubebuilder.io/v4 name: jumpstarter-operator.v0.8.0 @@ -27,13 +96,22 @@ spec: apiservicedefinitions: {} customresourcedefinitions: owned: - - kind: Client + - description: | + Client is the schema for the Clients API. Clients represent a user that can access the Jumpstarter Controller. Clients can be associated to external identity OIDC providers by providing Username, i.e. Spec.Username: "kc:user-name-in-keycloak" + displayName: Client + kind: Client name: clients.jumpstarter.dev version: v1alpha1 - - kind: ExporterAccessPolicy + - description: Exporter access policies define how exporters can be accessed by + clients. + displayName: ExporterAccessPolicy + kind: ExporterAccessPolicy name: exporteraccesspolicies.jumpstarter.dev version: v1alpha1 - - kind: Exporter + - description: | + Exporters represent the services that connect to the physical or virtual devices. They are responsible for providing the access to the devices and for the communication with the devices. A jumpstarter exporter service should be ran on a linux machine, or a pod, with the exporter credentials and the right configuration for this resource to become online. For more information see the Jumpstarter documentation: https://jumpstarter.dev/main/introduction/exporters.html#exporters + displayName: Exporter + kind: Exporter name: exporters.jumpstarter.dev version: v1alpha1 - description: Jumpstarter is the Schema for the jumpstarters API. @@ -41,7 +119,12 @@ spec: kind: Jumpstarter name: jumpstarters.operator.jumpstarter.dev version: v1alpha1 - - kind: Lease + - description: | + Lease is the schema for the Leases API. Leases represent a request for a specific exporter by a client. The lease is acquired by the client and the exporter is assigned to the lease. The lease is released by the client when the client is done with the exporter. For more information see the Jumpstarter documentation: + https://jumpstarter.dev/main/reference/man-pages/jmp.html#jmp-create-lease + https://jumpstarter.dev/main/reference/man-pages/jmp.html#jmp-shell + displayName: Lease + kind: Lease name: leases.jumpstarter.dev version: v1alpha1 description: Jumpstarter is a cloud-native framework for Hardware-in-the-Loop (HIL) @@ -52,8 +135,8 @@ spec: "exporters") directly from your Kubernetes or OpenShift cluster. displayName: Jumpstarter Operator icon: - - base64data: "" - mediatype: "" + - base64data: PHN2ZyB3aWR0aD0iMjkwIiBoZWlnaHQ9IjM2NCIgdmlld0JveD0iMCAwIDI5MCAzNjQiIGZpbGw9Im5vbmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CjxwYXRoIGQ9Ik04Ny40OTIyIDIxMy42N0w4Ny41NCAyMTMuMjczQzg3Ljg4MTMgMjExLjU2NyA4Ny41NCAyMTAuMjAxIDg2LjUxNiAyMDkuMTc3Qzg1LjQ5MiAyMDcuODEyIDg0LjEyNjcgMjA3LjEyOSA4Mi40MiAyMDcuMTI5SDExLjc2NEMxMC4wNTczIDIwNy4xMjkgOC41MjEzMyAyMDcuODEyIDcuMTU2IDIwOS4xNzdDNi4xMzIgMjEwLjIwMSA1LjQ0OTMzIDIxMS41NjcgNS4xMDggMjEzLjI3M0wxLjUyNCAyNDMuNDgxQzAuODQxMzMzIDI1MS42NzMgMC41IDI1Ny40NzYgMC41IDI2MC44ODlDMC41IDI5MS45NTEgMTAuNzQgMzE2Ljg2OCAzMS4yMiAzMzUuNjQxQzUyLjA0MTMgMzU0LjA3MyA4MC4yMDEzIDM2My4yODkgMTE1LjcgMzYzLjI4OUMxNDAuOTU5IDM2My4yODkgMTYzLjk5OSAzNTguMzQgMTg0LjgyIDM0OC40NDFDMjA1Ljk4MyAzMzguMjAxIDIyMy4wNDkgMzI0LjAzNiAyMzYuMDIgMzA1Ljk0NUMyNDkuMzMyIDI4Ny44NTUgMjU3LjM1MyAyNjcuMDMzIDI2MC4wODQgMjQzLjQ4MUwyODkuMjY4IDYuOTM3MjZDMjg5LjYwOSA1LjIzMDYgMjg5LjI2OCAzLjg2NTI2IDI4OC4yNDQgMi44NDEyNUMyODcuMjIgMS40NzU5MiAyODUuODU1IDAuNzkzMjQ4IDI4NC4xNDggMC43OTMyNDhIMjE0LjAwNEMyMTIuMjk3IDAuNzkzMjQ4IDIxMC43NjEgMS40NzU5MiAyMDkuMzk2IDIuODQxMjVDMjA4LjM3MiAzLjg2NTI2IDIwNy42ODkgNS4yMzA2IDIwNy4zNDggNi45MzcyNkwxOTMuNzkyIDExNi41NzJIMjIwLjA5MkMyNDYuNTc2IDExNi41NzIgMjYxLjU5NiAxNDYuOTA2IDI0NS41NDMgMTY3Ljk2OUwxMTUuMTc1IDMzOS4wMkM5Ny4wNDc5IDM2Mi44MDQgNTkuMjYxNSAzNDUuNDIyIDY1LjUyNyAzMTYuMTgxTDg3LjQ5MjIgMjEzLjY3WiIgZmlsbD0iIzIxMjEyMSIvPgo8cGF0aCBkPSJNMTc2LjA3NyAxLjkyMjJMMzMuMDM4OCAxNjkuMTQ5QzI4LjU5ODYgMTc0LjM0IDMyLjI4NzMgMTgyLjM0OSAzOS4xMTgyIDE4Mi4zNDlIMTA4Ljg1MkMxMTMuOTQ1IDE4Mi4zNDkgMTE3Ljc0MiAxODcuMDQ1IDExNi42NzUgMTkyLjAyNUw4OC45OTQ0IDMyMS4yMDlDODguMDk5MyAzMjUuMzg2IDkzLjQ5NzMgMzI3Ljg3IDk2LjA4NjkgMzI0LjQ3MkwyMjYuNDU1IDE1My40MjFDMjMwLjQ2OCAxNDguMTU1IDIyNi43MTMgMTQwLjU3MiAyMjAuMDkyIDE0MC41NzJIMTUzLjg4QzE0OC41MzcgMTQwLjU3MiAxNDQuNjk2IDEzNS40MzUgMTQ2LjIwNyAxMzAuMzFMMTgyLjk1NCA1LjY1MzI3QzE4NC4xNzQgMS41MTUgMTc4Ljg4MiAtMS4zNTYzOCAxNzYuMDc3IDEuOTIyMloiIGZpbGw9IiNGRkMxMDciLz4KPC9zdmc+Cg== + mediatype: image/svg+xml install: spec: clusterPermissions: @@ -387,7 +470,12 @@ spec: maintainers: - email: majopela@redhat.com name: Miguel Angel Ajo + - email: bzlotnik@redhat.com + name: Benny Zlotnik + - email: bkhizgiy@redhat.com + name: Bella Khizgiyaev maturity: alpha + minKubeVersion: 1.28.0 provider: name: The Jumpstarter Community url: https://jumpstarter.dev diff --git a/deploy/operator/config/manager/kustomization.yaml b/deploy/operator/config/manager/kustomization.yaml index 9c94df03..205e39ad 100644 --- a/deploy/operator/config/manager/kustomization.yaml +++ b/deploy/operator/config/manager/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: controller - newName: quay.io/jumpstarter-dev/jumpstarter-operator + newName: quay.io/jumpstarte-dev/jumpstarter-operator newTag: latest diff --git a/deploy/operator/config/manifests/bases/jumpstarter-operator.clusterserviceversion.yaml b/deploy/operator/config/manifests/bases/jumpstarter-operator.clusterserviceversion.yaml index 7e93f930..27fb8d43 100644 --- a/deploy/operator/config/manifests/bases/jumpstarter-operator.clusterserviceversion.yaml +++ b/deploy/operator/config/manifests/bases/jumpstarter-operator.clusterserviceversion.yaml @@ -2,7 +2,78 @@ apiVersion: operators.coreos.com/v1alpha1 kind: ClusterServiceVersion metadata: annotations: - alm-examples: '[]' + alm-examples: |- + [ + { + "apiVersion": "jumpstarter.dev/v1alpha1", + "kind": "Exporter", + "metadata": { + "name": "example-exporter", + "labels": { + "type": "nxp-imx8mm-evk" + } + }, + "spec": {} + }, + { + "apiVersion": "jumpstarter.dev/v1alpha1", + "kind": "Lease", + "metadata": { + "name": "example-lease" + }, + "spec": { + "clientRef": { + "name": "example-client" + }, + "selector": { + "matchLabels": { + "board": "rcar-s4" + } + }, + "duration": "1h" + } + }, + { + "apiVersion": "jumpstarter.dev/v1alpha1", + "kind": "Client", + "metadata": { + "name": "example-client", + "labels": { + "type": "developer" + } + }, + "spec": { + "username": "keycloak:user-name-in-keycloak" + } + }, + { + "apiVersion": "jumpstarter.dev/v1alpha1", + "kind": "ExporterAccessPolicy", + "metadata": { + "name": "example-exporter-access-policy" + }, + "spec": { + "exporterSelector": { + "matchLabels": { + "lab": "jumpstarter" + } + }, + "policies": [ + { + "from": [ + { + "clientSelector": { + "matchLabels": { + "team": "platform" + } + } + } + ] + } + ] + } + } + ] capabilities: Basic Install name: jumpstarter-operator.v0.0.0 namespace: placeholder @@ -10,6 +81,32 @@ spec: apiservicedefinitions: {} customresourcedefinitions: owned: + - description: | + Client is the schema for the Clients API. Clients represent a user that can access the Jumpstarter Controller. Clients can be associated to external identity OIDC providers by providing Username, i.e. Spec.Username: "kc:user-name-in-keycloak" + displayName: Client + kind: Client + name: clients.jumpstarter.dev + version: v1alpha1 + - description: Exporter access policies define how exporters can be accessed by + clients. + displayName: ExporterAccessPolicy + kind: ExporterAccessPolicy + name: exporteraccesspolicies.jumpstarter.dev + version: v1alpha1 + - description: | + Exporters represent the services that connect to the physical or virtual devices. They are responsible for providing the access to the devices and for the communication with the devices. A jumpstarter exporter service should be ran on a linux machine, or a pod, with the exporter credentials and the right configuration for this resource to become online. For more information see the Jumpstarter documentation: https://jumpstarter.dev/main/introduction/exporters.html#exporters + displayName: Exporter + kind: Exporter + name: exporters.jumpstarter.dev + version: v1alpha1 + - description: | + Lease is the schema for the Leases API. Leases represent a request for a specific exporter by a client. The lease is acquired by the client and the exporter is assigned to the lease. The lease is released by the client when the client is done with the exporter. For more information see the Jumpstarter documentation: + https://jumpstarter.dev/main/reference/man-pages/jmp.html#jmp-create-lease + https://jumpstarter.dev/main/reference/man-pages/jmp.html#jmp-shell + displayName: Lease + kind: Lease + name: leases.jumpstarter.dev + version: v1alpha1 - description: Jumpstarter is the Schema for the jumpstarters API. displayName: Jumpstarter kind: Jumpstarter @@ -23,8 +120,8 @@ spec: "exporters") directly from your Kubernetes or OpenShift cluster. displayName: Jumpstarter Operator icon: - - base64data: "" - mediatype: "" + - base64data: PHN2ZyB3aWR0aD0iMjkwIiBoZWlnaHQ9IjM2NCIgdmlld0JveD0iMCAwIDI5MCAzNjQiIGZpbGw9Im5vbmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CjxwYXRoIGQ9Ik04Ny40OTIyIDIxMy42N0w4Ny41NCAyMTMuMjczQzg3Ljg4MTMgMjExLjU2NyA4Ny41NCAyMTAuMjAxIDg2LjUxNiAyMDkuMTc3Qzg1LjQ5MiAyMDcuODEyIDg0LjEyNjcgMjA3LjEyOSA4Mi40MiAyMDcuMTI5SDExLjc2NEMxMC4wNTczIDIwNy4xMjkgOC41MjEzMyAyMDcuODEyIDcuMTU2IDIwOS4xNzdDNi4xMzIgMjEwLjIwMSA1LjQ0OTMzIDIxMS41NjcgNS4xMDggMjEzLjI3M0wxLjUyNCAyNDMuNDgxQzAuODQxMzMzIDI1MS42NzMgMC41IDI1Ny40NzYgMC41IDI2MC44ODlDMC41IDI5MS45NTEgMTAuNzQgMzE2Ljg2OCAzMS4yMiAzMzUuNjQxQzUyLjA0MTMgMzU0LjA3MyA4MC4yMDEzIDM2My4yODkgMTE1LjcgMzYzLjI4OUMxNDAuOTU5IDM2My4yODkgMTYzLjk5OSAzNTguMzQgMTg0LjgyIDM0OC40NDFDMjA1Ljk4MyAzMzguMjAxIDIyMy4wNDkgMzI0LjAzNiAyMzYuMDIgMzA1Ljk0NUMyNDkuMzMyIDI4Ny44NTUgMjU3LjM1MyAyNjcuMDMzIDI2MC4wODQgMjQzLjQ4MUwyODkuMjY4IDYuOTM3MjZDMjg5LjYwOSA1LjIzMDYgMjg5LjI2OCAzLjg2NTI2IDI4OC4yNDQgMi44NDEyNUMyODcuMjIgMS40NzU5MiAyODUuODU1IDAuNzkzMjQ4IDI4NC4xNDggMC43OTMyNDhIMjE0LjAwNEMyMTIuMjk3IDAuNzkzMjQ4IDIxMC43NjEgMS40NzU5MiAyMDkuMzk2IDIuODQxMjVDMjA4LjM3MiAzLjg2NTI2IDIwNy42ODkgNS4yMzA2IDIwNy4zNDggNi45MzcyNkwxOTMuNzkyIDExNi41NzJIMjIwLjA5MkMyNDYuNTc2IDExNi41NzIgMjYxLjU5NiAxNDYuOTA2IDI0NS41NDMgMTY3Ljk2OUwxMTUuMTc1IDMzOS4wMkM5Ny4wNDc5IDM2Mi44MDQgNTkuMjYxNSAzNDUuNDIyIDY1LjUyNyAzMTYuMTgxTDg3LjQ5MjIgMjEzLjY3WiIgZmlsbD0iIzIxMjEyMSIvPgo8cGF0aCBkPSJNMTc2LjA3NyAxLjkyMjJMMzMuMDM4OCAxNjkuMTQ5QzI4LjU5ODYgMTc0LjM0IDMyLjI4NzMgMTgyLjM0OSAzOS4xMTgyIDE4Mi4zNDlIMTA4Ljg1MkMxMTMuOTQ1IDE4Mi4zNDkgMTE3Ljc0MiAxODcuMDQ1IDExNi42NzUgMTkyLjAyNUw4OC45OTQ0IDMyMS4yMDlDODguMDk5MyAzMjUuMzg2IDkzLjQ5NzMgMzI3Ljg3IDk2LjA4NjkgMzI0LjQ3MkwyMjYuNDU1IDE1My40MjFDMjMwLjQ2OCAxNDguMTU1IDIyNi43MTMgMTQwLjU3MiAyMjAuMDkyIDE0MC41NzJIMTUzLjg4QzE0OC41MzcgMTQwLjU3MiAxNDQuNjk2IDEzNS40MzUgMTQ2LjIwNyAxMzAuMzFMMTgyLjk1NCA1LjY1MzI3QzE4NC4xNzQgMS41MTUgMTc4Ljg4MiAtMS4zNTYzOCAxNzYuMDc3IDEuOTIyMloiIGZpbGw9IiNGRkMxMDciLz4KPC9zdmc+Cg== + mediatype: image/svg+xml install: spec: deployments: null @@ -52,7 +149,12 @@ spec: maintainers: - email: majopela@redhat.com name: Miguel Angel Ajo + - email: bzlotnik@redhat.com + name: Benny Zlotnik + - email: bkhizgiy@redhat.com + name: Bella Khizgiyaev maturity: alpha + minKubeVersion: 1.28.0 provider: name: The Jumpstarter Community url: https://jumpstarter.dev diff --git a/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_client.yaml b/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_client.yaml new file mode 100644 index 00000000..fa54550d --- /dev/null +++ b/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_client.yaml @@ -0,0 +1,9 @@ +apiVersion: jumpstarter.dev/v1alpha1 +kind: Client +metadata: + name: client-sample + labels: + type: developer +spec: + username: "keycloak:user-name-in-keycloak" + diff --git a/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_exporter.yaml b/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_exporter.yaml new file mode 100644 index 00000000..cfae765f --- /dev/null +++ b/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_exporter.yaml @@ -0,0 +1,8 @@ +apiVersion: jumpstarter.dev/v1alpha1 +kind: Exporter +metadata: + name: exporter-sample + labels: + type: nxp-imx8mm-evk +spec: {} + diff --git a/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_exporteraccesspolicy.yaml b/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_exporteraccesspolicy.yaml new file mode 100644 index 00000000..ae12cc60 --- /dev/null +++ b/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_exporteraccesspolicy.yaml @@ -0,0 +1,14 @@ +apiVersion: jumpstarter.dev/v1alpha1 +kind: ExporterAccessPolicy +metadata: + name: exporteraccesspolicy-sample +spec: + exporterSelector: + matchLabels: + lab: jumpstarter + policies: + - from: + - clientSelector: + matchLabels: + team: platform + diff --git a/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_lease.yaml b/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_lease.yaml new file mode 100644 index 00000000..ddc43dfb --- /dev/null +++ b/deploy/operator/config/samples/jumpstarter.dev_v1alpha1_lease.yaml @@ -0,0 +1,12 @@ +apiVersion: jumpstarter.dev/v1alpha1 +kind: Lease +metadata: + name: lease-sample +spec: + clientRef: + name: client-sample + selector: + matchLabels: + board: rcar-s4 + duration: "1h" + diff --git a/deploy/operator/config/samples/kustomization.yaml b/deploy/operator/config/samples/kustomization.yaml index 3704fe7a..cbf2639e 100644 --- a/deploy/operator/config/samples/kustomization.yaml +++ b/deploy/operator/config/samples/kustomization.yaml @@ -1,4 +1,8 @@ ## Append samples of your project ## resources: - operator_v1alpha1_jumpstarter.yaml +- jumpstarter.dev_v1alpha1_client.yaml +- jumpstarter.dev_v1alpha1_exporter.yaml +- jumpstarter.dev_v1alpha1_exporteraccesspolicy.yaml +- jumpstarter.dev_v1alpha1_lease.yaml # +kubebuilder:scaffold:manifestskustomizesamples diff --git a/deploy/operator/contribute/update-contributions.sh b/deploy/operator/contribute/update-contributions.sh new file mode 100755 index 00000000..68f613e4 --- /dev/null +++ b/deploy/operator/contribute/update-contributions.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +# if directory community-operators does not exist, checkout from git@github.com:k8s-operatorhub/community-operators.git +if [ ! -d "community-operators" ]; then + git clone git@github.com:k8s-operatorhub/community-operators.git +fi + +# ask if we want to start a new branch from main +read -p "Do you want to start a new branch from main? (y/n): " START_NEW_BRANCH +if [ "$START_NEW_BRANCH" == "y" ]; then + git fetch --all + read -p "Enter the name of the new branch: " NEW_BRANCH + git checkout remotes/origin/main -B $NEW_BRANCH +fi + +cd community-operators + +VERSION=$(grep "^ version:" ../../bundle/manifests/jumpstarter-operator.clusterserviceversion.yaml | awk '{print $2}') + +echo "Updating community-operators to version ${VERSION}" + +# make sure that the operators/jumpstarter-operator/${VERSION} directory exists +mkdir -p operators/jumpstarter-operator/${VERSION} + +cp -v -r -f ../../bundle/* operators/jumpstarter-operator/${VERSION} + +echo You can now review the changes and commit them.