feat: add SoftwareBuild CRD for multi-OS software builds

PROJECT

@@ -38,4 +38,13 @@ resources:
   kind: OperatorConfig
   path: github.com/centos-automotive-suite/automotive-dev-operator/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: sdv.cloud.redhat.com
+  group: automotive
+  kind: SoftwareBuild
+  path: github.com/centos-automotive-suite/automotive-dev-operator/api/v1alpha1
+  version: v1alpha1
 version: "3"

README.md

@@ -7,6 +7,7 @@ An operator for building automotive OS images on OpenShift. This operator provid
 The CentOS Automotive Suite Operator enables automotive OS image building through:
 
 - **ImageBuild Custom Resource**: Declaratively define and trigger automotive OS image builds
+- **SoftwareBuild Custom Resource**: Build software for any target OS using arbitrary container images and stage commands (Zephyr, Ubuntu, OpenBSW, etc.)
 - **Multiple Build Modes**: Support for traditional AIB manifests and bootc container builds
 - **CLI Tool (caib)**: Command-line interface for creating and monitoring builds
 - **Artifact Management**: Serve built images via OpenShift Routes or push to OCI registries
@@ -135,6 +136,52 @@ oc get imagebuild my-automotive-image -w
 oc logs -f job/my-automotive-image-build
 ```
 
+### Building Software for Other Target OSes
+
+Use `SoftwareBuild` to build firmware or software with any toolchain. The build
+runs inside the container image you specify, executing five sequential stages:
+
+```yaml
+apiVersion: automotive.sdv.cloud.redhat.com/v1alpha1
+kind: SoftwareBuild
+metadata:
+  name: body-ecu-zephyr
+spec:
+  runtime:
+    image: ghcr.io/zephyrproject-rtos/ci-base:v0.27.4
+  source:
+    type: git
+    git:
+      url: https://github.com/vtz/body-ecu
+      revision: main
+  stages:
+    fetch:
+      command: "west init -l . && west update"
+    prebuild:
+      command: "echo 'Dependencies ready'"
+    build:
+      command: "west build -b native_sim app"
+    postbuild:
+      command: "ctest --test-dir build/tests --output-on-failure"
+    deploy:
+      command: "cp build/zephyr/zephyr.elf /workspace/artifacts/"
+  destination:
+    type: sharedFolder
+    path: /workspace/artifacts
+```
+
+Enable the software build pipeline in your `OperatorConfig`:
+
+```yaml
+apiVersion: automotive.sdv.cloud.redhat.com/v1alpha1
+kind: OperatorConfig
+metadata:
+  name: default
+spec:
+  softwareBuilds:
+    enabled: true
+```
+
 ## Uninstallation
 
 ### For OperatorHub Installation
@@ -164,7 +211,8 @@ make uninstall
 
 ### Custom Resources
 
-- **ImageBuild**: Defines an automotive OS image build job
+- **ImageBuild**: Defines an automotive OS image build job using AIB
+- **SoftwareBuild**: Defines a generic, stage-based software build for any target OS or toolchain
 - **Image**: Represents a built image with metadata and location information
 - **OperatorConfig**: Cluster-wide configuration for the operator
 

api/v1alpha1/operatorconfig_types.go

@@ -430,6 +430,28 @@ func (c *WorkspacesConfig) GetAutoPauseTimeoutMinutes() int32 {
 	return DefaultAutoPauseTimeoutMinutes
 }
 
+// SoftwareBuildsConfig defines configuration for generic software build operations
+type SoftwareBuildsConfig struct {
+	// Enabled determines if Tekton pipeline for generic software builds should be deployed
+	// +kubebuilder:default=false
+	Enabled bool `json:"enabled"`
+
+	// PVCSize specifies the size for persistent volume claims created for build workspaces
+	// Default: "1Gi"
+	// +optional
+	PVCSize string `json:"pvcSize,omitempty"`
+
+	// BuildTimeoutMinutes is the timeout for software build pipeline tasks in minutes
+	// Default: 30
+	// +optional
+	BuildTimeoutMinutes int32 `json:"buildTimeoutMinutes,omitempty"`
+
+	// DefaultImage is the default container image for software builds when not specified in the CR
+	// Default: "ubuntu:24.04"
+	// +optional
+	DefaultImage string `json:"defaultImage,omitempty"`
+}
+
 // OperatorConfigSpec defines the desired state of OperatorConfig
 type OperatorConfigSpec struct {
 	// OSBuilds defines the configuration for OS build operations
@@ -455,6 +477,12 @@ type OperatorConfigSpec struct {
 	// Workspaces defines configuration for developer workspaces
 	// +optional
 	Workspaces *WorkspacesConfig `json:"workspaces,omitempty"`
+
+	// SoftwareBuilds defines configuration for generic software build operations.
+	// When enabled, the operator deploys a stage-based Tekton pipeline that can
+	// build software for arbitrary target OSes using user-specified container images.
+	// +optional
+	SoftwareBuilds *SoftwareBuildsConfig `json:"softwareBuilds,omitempty"`
 }
 
 // OSBuildsConfig defines configuration for OS build operations

api/v1alpha1/softwarebuild_types.go

@@ -0,0 +1,192 @@
+/*
+Copyright 2025.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// SoftwareBuildSourceType identifies where source code is obtained from.
+type SoftwareBuildSourceType string
+
+// Source can be a Git repository or an existing PVC with pre-populated content.
+const (
+	SoftwareBuildSourceGit SoftwareBuildSourceType = "git"
+	SoftwareBuildSourcePVC SoftwareBuildSourceType = "pvc"
+)
+
+// SoftwareBuildDestinationType identifies where build artifacts are stored.
+type SoftwareBuildDestinationType string
+
+// Artifacts are written to a shared folder on the workspace PVC.
+const (
+	SoftwareBuildDestinationSharedFolder SoftwareBuildDestinationType = "sharedFolder"
+)
+
+// SoftwareBuildPhase represents the current lifecycle phase.
+type SoftwareBuildPhase string
+
+// Phases track the SoftwareBuild lifecycle from submission through completion.
+const (
+	SoftwareBuildPhasePending   SoftwareBuildPhase = "Pending"
+	SoftwareBuildPhaseRunning   SoftwareBuildPhase = "Running"
+	SoftwareBuildPhaseSucceeded SoftwareBuildPhase = "Succeeded"
+	SoftwareBuildPhaseFailed    SoftwareBuildPhase = "Failed"
+)
+
+// SoftwareBuildRuntimeSpec configures the container environment used for every
+// pipeline stage unless overridden per-stage.
+type SoftwareBuildRuntimeSpec struct {
+	// Image is the container image that provides the build toolchain.
+	// +kubebuilder:default="ubuntu:24.04"
+	// +kubebuilder:validation:MinLength=1
+	Image string `json:"image,omitempty"`
+
+	// ServiceAccountName is the Kubernetes SA the build pod runs as.
+	// +optional
+	ServiceAccountName string `json:"serviceAccountName,omitempty"`
+}
+
+// SoftwareBuildGitSource describes a Git repository to clone.
+type SoftwareBuildGitSource struct {
+	// +kubebuilder:validation:Pattern=`^https?://[^\s;|&$'"]+$`
+	URL string `json:"url"`
+	// +kubebuilder:validation:Pattern=`^[a-zA-Z0-9._/-]+$`
+	// +kubebuilder:default=main
+	Revision string `json:"revision,omitempty"`
+}
+
+// SoftwareBuildPVCSource references an existing PVC.
+// +kubebuilder:validation:XValidation:rule="!has(self.path) || !self.path.contains('..')",message="path must not contain '..'"
+type SoftwareBuildPVCSource struct {
+	// +kubebuilder:validation:MinLength=1
+	ClaimName string `json:"claimName"`
+	// +kubebuilder:default=/
+	Path string `json:"path,omitempty"`
+}
+
+// SoftwareBuildSourceSpec identifies the code location.
+// +kubebuilder:validation:XValidation:rule="self.type != 'git' || has(self.git)",message="git source details required when type is git"
+// +kubebuilder:validation:XValidation:rule="self.type != 'pvc' || has(self.pvc)",message="pvc source details required when type is pvc"
+type SoftwareBuildSourceSpec struct {
+	// +kubebuilder:validation:Enum=git;pvc
+	Type SoftwareBuildSourceType `json:"type"`
+	// +optional
+	Git *SoftwareBuildGitSource `json:"git,omitempty"`
+	// +optional
+	PVC *SoftwareBuildPVCSource `json:"pvc,omitempty"`
+}
+
+// SoftwareBuildStageSpec defines a single pipeline stage.
+type SoftwareBuildStageSpec struct {
+	// Command is executed via bash inside the runtime image.
+	// +kubebuilder:validation:MinLength=1
+	Command string `json:"command"`
+	// Image overrides the runtime image for this stage only.
+	// +optional
+	Image string `json:"image,omitempty"`
+}
+
+// SoftwareBuildPipelineStages groups the five sequential stages.
+type SoftwareBuildPipelineStages struct {
+	Fetch     SoftwareBuildStageSpec `json:"fetch"`
+	Prebuild  SoftwareBuildStageSpec `json:"prebuild"`
+	Build     SoftwareBuildStageSpec `json:"build"`
+	Postbuild SoftwareBuildStageSpec `json:"postbuild"`
+	Deploy    SoftwareBuildStageSpec `json:"deploy"`
+}
+
+// SoftwareBuildDestinationSpec describes where artifacts go.
+type SoftwareBuildDestinationSpec struct {
+	// +kubebuilder:validation:Enum=sharedFolder
+	Type SoftwareBuildDestinationType `json:"type"`
+	// +optional
+	Path string `json:"path,omitempty"`
+}
+
+// SoftwareBuildSpec defines the desired state of SoftwareBuild.
+type SoftwareBuildSpec struct {
+	// +optional
+	Runtime     SoftwareBuildRuntimeSpec     `json:"runtime,omitempty"`
+	Source      SoftwareBuildSourceSpec      `json:"source"`
+	Stages      SoftwareBuildPipelineStages  `json:"stages"`
+	Destination SoftwareBuildDestinationSpec `json:"destination"`
+	// +kubebuilder:validation:Minimum=0
+	// +optional
+	TimeoutSeconds int64 `json:"timeoutSeconds,omitempty"`
+}
+
+// SoftwareBuildStageStatus captures per-stage progress.
+type SoftwareBuildStageStatus struct {
+	Name string `json:"name,omitempty"`
+	// +optional
+	StartedAt *metav1.Time `json:"startedAt,omitempty"`
+	// +optional
+	FinishedAt *metav1.Time `json:"finishedAt,omitempty"`
+	// +optional
+	State string `json:"state,omitempty"`
+	// +optional
+	Message string `json:"message,omitempty"`
+}
+
+// SoftwareBuildStatus defines the observed state of SoftwareBuild.
+type SoftwareBuildStatus struct {
+	// +optional
+	Phase SoftwareBuildPhase `json:"phase,omitempty"`
+	// +optional
+	PipelineRunName string `json:"pipelineRunName,omitempty"`
+	// +optional
+	ArtifactURI string `json:"artifactURI,omitempty"`
+	// +optional
+	FailureReason string `json:"failureReason,omitempty"`
+	// +optional
+	Stages []SoftwareBuildStageStatus `json:"stages,omitempty"`
+	// +optional
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+// +kubebuilder:resource:path=softwarebuilds,scope=Namespaced,shortName=sb
+// +kubebuilder:printcolumn:name="Phase",type=string,JSONPath=`.status.phase`
+// +kubebuilder:printcolumn:name="Image",type=string,JSONPath=`.spec.runtime.image`
+// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
+
+// SoftwareBuild is the Schema for the softwarebuilds API.
+// It drives a generic, stage-based Tekton pipeline that can build software
+// for any target OS or toolchain by specifying a runtime container image and
+// five sequential shell commands.
+type SoftwareBuild struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   SoftwareBuildSpec   `json:"spec,omitempty"`
+	Status SoftwareBuildStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// SoftwareBuildList contains a list of SoftwareBuild.
+type SoftwareBuildList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []SoftwareBuild `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&SoftwareBuild{}, &SoftwareBuildList{})
+}