Add agentic deploy scripts, CRDs, and operator integration

Dockerfile.dev

@@ -0,0 +1,40 @@
+# Dev build — uses local lightspeed-agentic-operator source instead of fetching from GitHub.
+# Build context must be the workspace root (parent of lightspeed-operator/).
+#
+# Usage: docker build -f lightspeed-operator/Dockerfile.dev -t operator:dev .
+FROM registry.redhat.io/ubi9/go-toolset:9.7-1777043046 AS builder
+
+WORKDIR /workspace
+
+# Copy the local agentic operator module first
+COPY lightspeed-agentic-operator/ /workspace/lightspeed-agentic-operator/
+
+# Copy the operator module manifests
+COPY lightspeed-operator/go.mod lightspeed-operator/go.sum ./
+
+USER 0
+
+# Point to the local agentic operator instead of the remote
+RUN go mod edit -replace github.com/openshift/lightspeed-agentic-operator=./lightspeed-agentic-operator \
+    && go mod edit -replace github.com/openshift/lightspeed-agentic-operator/api=./lightspeed-agentic-operator/api \
+    && go mod edit -replace github.com/harche/lightspeed-agentic-operator=./lightspeed-agentic-operator
+
+RUN go mod download
+
+# Copy the operator source
+COPY lightspeed-operator/cmd/ cmd/
+COPY lightspeed-operator/api/ api/
+COPY lightspeed-operator/internal/ internal/
+COPY lightspeed-operator/LICENSE /licenses/
+
+USER 0
+
+RUN CGO_ENABLED=1 GOOS=linux GOARCH=${TARGETARCH} go build -a -tags strictfipsruntime -o manager cmd/main.go
+
+FROM registry.redhat.io/ubi9/ubi-minimal:9.7-1776645941
+WORKDIR /
+COPY --from=builder /workspace/manager .
+RUN mkdir /licenses
+COPY lightspeed-operator/LICENSE /licenses/.
+USER 65532:65532
+ENTRYPOINT ["/manager"]

cmd/main.go

@@ -81,6 +81,9 @@ import (
 
 	olsv1alpha1 "github.com/openshift/lightspeed-operator/api/v1alpha1"
 
+	agenticv1alpha1 "github.com/openshift/lightspeed-agentic-operator/api/v1alpha1"
+	agenticcontroller "github.com/openshift/lightspeed-agentic-operator/controller"
+
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	"github.com/openshift/lightspeed-operator/internal/controller"
@@ -115,6 +118,7 @@ func init() {
 	utilruntime.Must(configv1.AddToScheme(scheme))
 
 	utilruntime.Must(olsv1alpha1.AddToScheme(scheme))
+	utilruntime.Must(agenticv1alpha1.AddToScheme(scheme))
 	//+kubebuilder:scaffold:scheme
 }
 
@@ -184,6 +188,8 @@ func main() {
 	var lcoreImage string
 	var dataverseExporterImage string
 	var ocpRagImage string
+	var agenticConsoleImage string
+	var agenticSandboxImage string
 	var useLCore bool
 	var lcoreServerMode bool
 	flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
@@ -206,6 +212,8 @@ func main() {
 	flag.StringVar(&lcoreImage, "lcore-image", utils.LlamaStackImageDefault, "The image of the LCore container.")
 	flag.StringVar(&dataverseExporterImage, "dataverse-exporter-image", utils.DataverseExporterImageDefault, "The image of the dataverse exporter container.")
 	flag.StringVar(&ocpRagImage, "ocp-rag-image", utils.OcpRagImageDefault, "The image with the OCP RAG databases.")
+	flag.StringVar(&agenticConsoleImage, "agentic-console-image", utils.AgenticConsoleImageDefault, "The image of the agentic console plugin container.")
+	flag.StringVar(&agenticSandboxImage, "agentic-sandbox-image", utils.AgenticSandboxImageDefault, "The image of the agentic sandbox container.")
 	flag.BoolVar(&useLCore, "use-lcore", false, "Use LCore instead of AppServer for the application server deployment.")
 	flag.BoolVar(&lcoreServerMode, "lcore-server", true, "Use LCore in a server mode.")
 	opts := zap.Options{
@@ -461,6 +469,26 @@ func main() {
 		setupLog.Error(err, "unable to create controller", "controller", "OLSConfig")
 		os.Exit(1)
 	}
+	var agenticEnabled bool
+	{
+		olscfg := &olsv1alpha1.OLSConfig{}
+		if err := k8sClient.Get(ctx, types.NamespacedName{Name: utils.OLSConfigName}, olscfg); err == nil {
+			agenticEnabled = slices.Contains(olscfg.Spec.FeatureGates, olsv1alpha1.FeatureGate(utils.FeatureGateLightspeedAgents))
+		}
+	}
+	if agenticEnabled {
+		if err = agenticcontroller.Setup(mgr, agenticcontroller.Options{
+			Namespace:           namespace,
+			AgenticConsoleImage: agenticConsoleImage,
+			AgenticSandboxImage: agenticSandboxImage,
+		}); err != nil {
+			setupLog.Error(err, "unable to set up agentic controllers")
+			os.Exit(1)
+		}
+		setupLog.Info("Agentic controllers registered")
+	} else {
+		setupLog.Info("LightspeedAgents feature gate not enabled — skipping agentic controllers")
+	}
 	//+kubebuilder:scaffold:builder
 
 	if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {

config/crd/bases/agentic.openshift.io_agents.yaml

@@ -0,0 +1,226 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.19.0
+  name: agents.agentic.openshift.io
+spec:
+  group: agentic.openshift.io
+  names:
+    kind: Agent
+    listKind: AgentList
+    plural: agents
+    singular: agent
+  scope: Cluster
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .spec.llmProvider.name
+      name: LLM
+      type: string
+    - jsonPath: .spec.model
+      name: Model
+      type: string
+    - jsonPath: .status.conditions[?(@.type=="Ready")].status
+      name: Ready
+      type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: "Agent defines a cluster-scoped agent tier (e.g., \"default\",
+          \"smart\", \"fast\").\nThe cluster admin creates Agent resources to configure
+          LLM infrastructure\nand runtime settings. Proposals reference agents by
+          name per step.\n\nAgent is cluster-scoped. The metadata.name serves as the
+          tier identifier.\nThe \"default\" agent must exist; \"smart\" and \"fast\"
+          are optional (the\noperator auto-links to \"default\" if absent).\n\nExample
+          — a high-capability agent tier:\n\n\tapiVersion: agentic.openshift.io/v1alpha1\n\tkind:
+          Agent\n\tmetadata:\n\t  name: smart\n\tspec:\n\t  llmProvider:\n\t    name:
+          vertex-ai\n\t  model: claude-opus-4-6\n\t  timeouts:\n\t    analysisSeconds:
+          300\n\t    executionSeconds: 600\n\t  maxTurns: 200\n\nExample — a fast,
+          cost-efficient agent tier:\n\n\tapiVersion: agentic.openshift.io/v1alpha1\n\tkind:
+          Agent\n\tmetadata:\n\t  name: fast\n\tspec:\n\t  llmProvider:\n\t    name:
+          vertex-ai\n\t  model: claude-haiku-4-5\n\t  timeouts:\n\t    analysisSeconds:
+          120\n\t    executionSeconds: 300\n\t  maxTurns: 100"
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: spec defines the desired state of Agent.
+            properties:
+              llmProvider:
+                description: |-
+                  llmProvider references a cluster-scoped LLMProvider CR that supplies the
+                  LLM backend for this agent tier.
+                properties:
+                  name:
+                    description: name of the LLMProvider. Must be a valid RFC 1123
+                      DNS subdomain.
+                    maxLength: 253
+                    minLength: 1
+                    type: string
+                    x-kubernetes-validations:
+                    - message: 'must be a valid DNS subdomain: lowercase alphanumeric
+                        characters, hyphens, and dots'
+                      rule: '!format.dns1123Subdomain().validate(self).hasValue()'
+                required:
+                - name
+                type: object
+              maxTurns:
+                description: |-
+                  maxTurns is the maximum number of tool-use turns the agent may take
+                  in a single step invocation. Prevents runaway loops.
+                  When omitted, the agent sandbox uses its built-in default.
+                  Minimum 1, maximum 500.
+                format: int32
+                maximum: 500
+                minimum: 1
+                type: integer
+              model:
+                description: |-
+                  model is the LLM model identifier as recognized by the provider
+                  (e.g., "claude-opus-4-6", "claude-haiku-4-5", "gpt-4o").
+                  Must start with an alphanumeric character and may contain
+                  alphanumerics, dots, hyphens, underscores, slashes, colons,
+                  and at-signs. Maximum 256 characters.
+                maxLength: 256
+                minLength: 1
+                type: string
+                x-kubernetes-validations:
+                - message: model must start with an alphanumeric character and contain
+                    only alphanumerics, dots, hyphens, underscores, slashes, colons,
+                    and at-signs
+                  rule: self.matches('^[a-zA-Z0-9][a-zA-Z0-9._\\-/:@]*$')
+              timeouts:
+                description: |-
+                  timeouts configures per-step and per-turn timeout limits.
+                  When omitted, the agent sandbox uses its built-in defaults.
+                minProperties: 1
+                properties:
+                  analysisSeconds:
+                    description: analysisSeconds is the timeout for the analysis step
+                      in seconds.
+                    format: int32
+                    maximum: 3600
+                    minimum: 1
+                    type: integer
+                  chatSeconds:
+                    description: chatSeconds is the timeout for each chat turn with
+                      the LLM in seconds.
+                    format: int32
+                    maximum: 600
+                    minimum: 1
+                    type: integer
+                  executionSeconds:
+                    description: executionSeconds is the timeout for the execution
+                      step in seconds.
+                    format: int32
+                    maximum: 3600
+                    minimum: 1
+                    type: integer
+                  verificationSeconds:
+                    description: verificationSeconds is the timeout for the verification
+                      step in seconds.
+                    format: int32
+                    maximum: 3600
+                    minimum: 1
+                    type: integer
+                type: object
+            required:
+            - llmProvider
+            - model
+            type: object
+          status:
+            description: status defines the observed state of Agent.
+            minProperties: 1
+            properties:
+              conditions:
+                description: |-
+                  conditions represent the latest available observations of the
+                  Agent's state. The Ready condition summarizes whether all
+                  referenced resources (LLMProvider, Secrets) are present.
+                items:
+                  description: Condition contains details for one aspect of the current
+                    state of this API Resource.
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                maxItems: 8
+                minItems: 1
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+            type: object
+        required:
+        - spec
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}