bpfman
diff --git a/‎.github/workflows/integration_test.yml‎
Lines changed: 15 additions & 2 deletions b/‎.github/workflows/integration_test.yml‎
Lines changed: 15 additions & 2 deletions
diff --git a/‎Makefile‎
Lines changed: 31 additions & 32 deletions b/‎Makefile‎
Lines changed: 31 additions & 32 deletions
diff --git a/‎apis/v1alpha1/config_types.go‎
Lines changed: 96 additions & 0 deletions b/‎apis/v1alpha1/config_types.go‎
Lines changed: 96 additions & 0 deletions
diff --git a/‎apis/v1alpha1/zz_generated.deepcopy.go‎
Lines changed: 112 additions & 0 deletions b/‎apis/v1alpha1/zz_generated.deepcopy.go‎
Lines changed: 112 additions & 0 deletions
diff --git a/‎apis/v1alpha1/zz_generated.register.go‎
Lines changed: 2 additions & 0 deletions b/‎apis/v1alpha1/zz_generated.register.go‎
Lines changed: 2 additions & 0 deletions
@@ -9,12 +9,19 @@ on:
 
 jobs:
   kubernetes-integration-tests:
-    name: Kubernetes Integration Tests (Go ${{ matrix.go }} - amd64 - ${{ matrix.oci_bin }})
+    name: Kubernetes Integration Tests (Go ${{ matrix.go }} - amd64 - ${{ matrix.oci_bin }} - ${{ matrix.command }})
     runs-on: ubuntu-24.04
     strategy:
       matrix:
         go: ["1.24"]
         oci_bin: ["docker", "podman"]
+        command: [
+          "integration",
+          "lifecycle"
+        ]
+        exclude:
+          - oci_bin: podman
+            command: "lifecycle"
     env:
       BPFMAN_AGENT_IMG: quay.io/bpfman/bpfman-agent:int-test
       BPFMAN_OPERATOR_IMG: quay.io/bpfman/bpfman-operator:int-test
@@ -64,10 +71,16 @@ jobs:
 
       # Run integration tests only if OCI_BIN is Docker.
       - name: Run integration tests
-        if: ${{ matrix.oci_bin == 'docker' }}
+        if: ${{ (matrix.oci_bin == 'docker') && (matrix.command == 'integration') }}
         run: |
           make test-integration
 
+      # Run lifecycle tests only if OCI_BIN is Docker.
+      - name: Run lifecycle tests
+        if: ${{ (matrix.oci_bin == 'docker') && (matrix.command == 'lifecycle') }}
+        run: |
+          make run-on-kind && make test-lifecycle-local
+
       - name: Check disk space
         run: df -h
 
 
@@ -303,11 +303,7 @@ test: fmt envtest ## Run Unit tests.
 
 
 .PHONY: test-integration
-test-integration: ## Run Integration tests.
-	cd config/bpfman-deployment && \
-	  $(SED) -e 's@bpfman\.image=.*@bpfman.image=$(BPFMAN_IMG)@' \
-	      -e 's@bpfman\.agent\.image=.*@bpfman.agent.image=$(BPFMAN_AGENT_IMG)@' \
-		  kustomization.yaml.env > kustomization.yaml
+test-integration: patch-image-references ## Run Integration tests.
 	GOFLAGS="-tags=integration_tests" go test -count=1 -race -v ./test/integration/...
 
 .PHONY: test-integration-local
@@ -316,17 +312,16 @@ test-integration-local: ## Run Integration tests against existing deployment. Us
 	SKIP_BPFMAN_DEPLOY=true \
 	GOFLAGS="-tags=integration_tests" go test -count=1 -race -v ./test/integration $(if $(TEST),-run $(TEST),)
 
+.PHONY: test-lifecycle-local
+test-lifecycle-local: ## Run lifecycle tests against existing deployment.
+	GOFLAGS="-tags=integration_tests" go test -count=1 -race -v ./test/lifecycle
+
 ## The physical bundle is no longer tracked in git since it should be considered
 ## and treated as a release artifact, rather than something that's updated
 ## as part of a pull request.
 ## See https://github.com/operator-framework/operator-sdk/issues/6285.
 .PHONY: bundle
-bundle: operator-sdk generate kustomize manifests ## Generate bundle manifests and metadata, then validate generated files.
-	cd config/bpfman-operator-deployment && $(KUSTOMIZE) edit set image quay.io/bpfman/bpfman-operator=${BPFMAN_OPERATOR_IMG}
-	cd config/bpfman-deployment && \
-	  $(SED) -e 's@bpfman\.image=.*@bpfman.image=$(BPFMAN_IMG)@' \
-	      -e 's@bpfman\.agent\.image=.*@bpfman.agent.image=$(BPFMAN_AGENT_IMG)@' \
-		  kustomization.yaml.env > kustomization.yaml
+bundle: operator-sdk generate kustomize manifests patch-image-references ## Generate bundle manifests and metadata, then validate generated files.
 	$(KUSTOMIZE) build config/manifests | $(OPERATOR_SDK) generate bundle $(BUNDLE_GEN_FLAGS)
 	# Dependency on security-profiles-operator removed (file renamed to dependencies.yaml.disabled)
 	# https://github.com/kubernetes-sigs/security-profiles-operator/issues/2699
@@ -439,6 +434,16 @@ install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~
 uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
 	$(KUSTOMIZE) build config/crd | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
 
+##@ Image Patching
+
+.PHONY: patch-image-references
+patch-image-references: kustomize ## Update all image references with environment variables
+	cd config/bpfman-operator-deployment && $(KUSTOMIZE) edit set image quay.io/bpfman/bpfman-operator=${BPFMAN_OPERATOR_IMG}
+	cd config/bpfman-deployment && \
+	  $(SED) -e '[email protected]/bpfman/bpfman:latest@$(BPFMAN_IMG)@g' \
+	      -e '[email protected]/bpfman/bpfman-agent:latest@$(BPFMAN_AGENT_IMG)@g' \
+		  kustomization.yaml.env > kustomization.yaml
+
 ##@ Vanilla K8s Deployment
 
 .PHONY: setup-kind
@@ -451,44 +456,38 @@ destroy-kind: ## Destroy Kind cluster
 
 ## Default deploy target is KIND based with its CSI driver initialized.
 .PHONY: deploy
-deploy: manifests kustomize ## Deploy bpfman-operator to the K8s cluster specified in ~/.kube/config with the csi driver initialized.
-	cd config/bpfman-operator-deployment && $(KUSTOMIZE) edit set image quay.io/bpfman/bpfman-operator=${BPFMAN_OPERATOR_IMG}
-	cd config/bpfman-deployment && \
-	 $(SED)  -e 's@bpfman\.image=.*@bpfman.image=$(BPFMAN_IMG)@' \
-	      -e 's@bpfman\.agent\.image=.*@bpfman.agent.image=$(BPFMAN_AGENT_IMG)@' \
-		  kustomization.yaml.env > kustomization.yaml
+deploy: install patch-image-references ## Deploy bpfman-operator to the K8s cluster specified in ~/.kube/config with the csi driver initialized.
 	$(KUSTOMIZE) build config/default | kubectl apply -f -
 
 .PHONY: undeploy
-undeploy: ## Undeploy bpfman-operator from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
-	kubectl delete --ignore-not-found=$(ignore-not-found) cm bpfman-config -n bpfman
-	kubectl wait --for=delete configmap/bpfman-config -n bpfman --timeout=60s
-	$(KUSTOMIZE) build config/default | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
+undeploy: kustomize ## Undeploy bpfman-operator from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
+	@if kubectl get crd configs.bpfman.io >/dev/null 2>&1; then \
+		kubectl delete --ignore-not-found=$(ignore-not-found) configs.bpfman.io bpfman-config; \
+		kubectl wait --for=delete configs.bpfman.io/bpfman-config --timeout=60s; \
+	fi
+	-$(KUSTOMIZE) build config/default | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
 
 .PHONY: kind-reload-images
 kind-reload-images: load-images-kind ## Reload locally build images into a kind cluster and restart the ds and deployment so they're picked up.
 	kubectl rollout restart daemonset bpfman-daemon -n bpfman
 	kubectl rollout restart deployment bpfman-operator -n bpfman
 
 .PHONY: run-on-kind
-run-on-kind: kustomize setup-kind build-images load-images-kind deploy ## Kind Deploy runs the bpfman-operator on a local kind cluster using local builds of bpfman, bpfman-agent, and bpfman-operator
+run-on-kind: kustomize setup-kind build-images load-images-kind install deploy ## Kind Deploy runs the bpfman-operator on a local kind cluster using local builds of bpfman, bpfman-agent, and bpfman-operator
 
 ##@ Openshift Deployment
 
 .PHONY: deploy-openshift
-deploy-openshift: manifests kustomize ## Deploy bpfman-operator to the Openshift cluster specified in ~/.kube/config.
-	cd config/bpfman-operator-deployment && $(KUSTOMIZE) edit set image quay.io/bpfman/bpfman-operator=${BPFMAN_OPERATOR_IMG}
-	cd config/bpfman-deployment && \
-	  $(SED) -e 's@bpfman\.image=.*@bpfman.image=$(BPFMAN_IMG)@' \
-	      -e 's@bpfman\.agent\.image=.*@bpfman.agent.image=$(BPFMAN_AGENT_IMG)@' \
-		  kustomization.yaml.env > kustomization.yaml
+deploy-openshift: install patch-image-references ## Deploy bpfman-operator to the Openshift cluster specified in ~/.kube/config.
 	$(KUSTOMIZE) build config/openshift | kubectl apply -f -
 
 .PHONY: undeploy-openshift
-undeploy-openshift: ## Undeploy bpfman-operator from the Openshift cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
-	kubectl delete --ignore-not-found=$(ignore-not-found) cm bpfman-config -n bpfman
-	kubectl wait --for=delete configmap/bpfman-config -n bpfman --timeout=60s
-	$(KUSTOMIZE) build config/openshift | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
+undeploy-openshift: kustomize ## Undeploy bpfman-operator from the Openshift cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
+	@if kubectl get crd configs.bpfman.io >/dev/null 2>&1; then \
+		kubectl delete --ignore-not-found=$(ignore-not-found) configs.bpfman.io bpfman-config; \
+		kubectl wait --for=delete configs.bpfman.io/bpfman-config --timeout=60s; \
+	fi
+	-$(KUSTOMIZE) build config/openshift | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
 
 # Deploy the catalog.
 .PHONY: catalog-deploy
 
@@ -0,0 +1,96 @@
+/*
+Copyright 2023 The bpfman Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// +genclient
+// +genclient:nonNamespaced
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+// +kubebuilder:resource:scope=Cluster
+
+// Config holds the configuration for bpfman-operator.
+// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
+type Config struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   ConfigSpec   `json:"spec,omitempty"`
+	Status ConfigStatus `json:"status,omitempty"`
+}
+
+// Spec defines the desired state of the bpfman-operator.
+type ConfigSpec struct {
+	// Agent holds the configuration for the bpfman agent.
+	// +required
+	Agent AgentSpec `json:"agent,omitempty"`
+	// Configuration holds the content of bpfman.toml.
+	// +required
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:MinLength=1
+	Configuration string `json:"configuration"`
+	// Image holds the image of the bpfman DaemonSets.
+	// +required
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:MinLength=1
+	Image string `json:"image"`
+	// LogLevel holds the log level for the bpfman-operator.
+	// +optional
+	LogLevel string `json:"logLevel,omitempty"`
+	// Namespace holds the namespace where bpfman-operator resources shall be
+	// deployed.
+	Namespace string `json:"namespace,omitempty"`
+}
+
+// AgentSpec defines the desired state of the bpfman agent.
+type AgentSpec struct {
+	// HealthProbePort holds the health probe bind port for the bpfman agent.
+	// +optional
+	// +kubebuilder:default=8175
+	// +kubebuilder:validation:Minimum=1
+	// +kubebuilder:validation:Maximum=65535
+	HealthProbePort int `json:"healthProbeAddr"`
+	// Image holds the image for the bpfman agent.
+	// +required
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:MinLength=1
+	Image string `json:"image"`
+	// LogLevel holds the log level for the bpfman agent.
+	// +optional
+	LogLevel string `json:"logLevel,omitempty"`
+}
+
+// status reflects the status of the bpfman-operator configuration.
+type ConfigStatus struct {
+	// conditions store the status conditions of the bpfman-operator.
+	// +patchMergeKey=type
+	// +patchStrategy=merge
+	// +listType=map
+	// +listMapKey=type
+	Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
+}
+
+// +kubebuilder:object:root=true
+// ConfigList contains a list of Configs.
+type ConfigList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []Config `json:"items"`
+}