Flare operator

.dockerignore

@@ -0,0 +1,20 @@
+# Keep build contexts small and force the docker builders to always
+# compile from source. Without this, Dockerfile.operator's COPY picks
+# up the host's Nix-built `.lake/build/bin/flare_operator` (which has
+# a /nix/store glibc interpreter baked into its ELF header) and simply
+# re-packages it, producing an image that crashes at startup with
+# "exec /usr/local/bin/flare_operator: no such file or directory".
+#
+# Excluding .lake/ forces lake to build inside the Ubuntu builder stage
+# with /lib64/ld-linux-x86-64.so.2, which is what actually exists in
+# the runtime image.
+flare_operator/.lake/
+flare_operator/.lake~/
+
+# Git metadata and editor/OS junk -- not useful inside any image and
+# wasteful to ship as build context.
+.git/
+.gitignore
+*.swp
+*~
+.DS_Store

.github/workflows/e2e-tests.yaml

@@ -0,0 +1,114 @@
+name: E2E Tests
+
+on:
+  push:
+    branches:
+      - flare-operator
+      - master
+  pull_request:
+    branches:
+      - flare-operator
+      - master
+
+jobs:
+  e2e-test:
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
+      - name: Install elan (Lean version manager)
+        run: |
+          curl https://raw.githubusercontent.com/leanprover/elan/master/elan-init.sh -sSf | sh -s -- -y
+          echo "$HOME/.elan/bin" >> $GITHUB_PATH
+
+      - name: Install kind
+        run: |
+          curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.24.0/kind-linux-amd64
+          chmod +x ./kind
+          sudo mv ./kind /usr/local/bin/kind
+
+      - name: Install kubectl
+        run: |
+          curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+          chmod +x kubectl
+          sudo mv kubectl /usr/local/bin/kubectl
+
+      - name: Install helm
+        run: |
+          curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
+
+      - name: Build Lean operator
+        run: |
+          cd flare_operator
+          lake build flare_operator flare_e2e
+
+      - name: Create kind cluster
+        run: kind create cluster --name flare-e2e --wait 120s
+
+      - name: Build Docker images
+        run: |
+          docker build -t flare-operator:test -f Dockerfile.operator .
+          docker build -t flare-node:test -f Dockerfile.flare-node .
+
+      - name: Load images into kind
+        run: |
+          kind load docker-image flare-operator:test --name flare-e2e
+          kind load docker-image flare-node:test --name flare-e2e
+
+      - name: Create namespace
+        run: kubectl create namespace flare-system --dry-run=client -o yaml | kubectl apply -f -
+
+      - name: Install CRD
+        run: kubectl apply -f deploy/crd.yaml
+
+      - name: Install RBAC
+        run: kubectl apply -f deploy/rbac.yaml
+
+      - name: Deploy operator
+        run: |
+          # Use simple deployment manifest instead of Helm to avoid timeout issues in CI
+          sed 's|flare-operator:latest|flare-operator:test|;s|IfNotPresent|Never|' \
+            deploy/operator.yaml | kubectl apply -f -
+
+      - name: Wait for operator ready
+        run: |
+          kubectl rollout status deployment/flare-operator -n flare-system --timeout=300s
+          echo "=== Operator pods ==="
+          kubectl get pods -n flare-system
+          echo "=== Operator logs (initial) ==="
+          kubectl logs -n flare-system -l app=flare-operator --tail=50
+
+      - name: Run E2E tests
+        run: |
+          cd flare_operator
+          export KUBECONFIG=$HOME/.kube/config
+          timeout 2400 .lake/build/bin/flare_e2e
+
+      - name: Dump operator logs on failure
+        if: failure()
+        run: |
+          echo "=== Operator Logs ==="
+          kubectl logs -n flare-system -l app=flare-operator --tail=500 || true
+
+      - name: Dump K8s state on failure
+        if: failure()
+        run: |
+          echo "=== All Namespaces ==="
+          kubectl get ns || true
+          echo ""
+          echo "=== All Pods ==="
+          kubectl get pods --all-namespaces || true
+          echo ""
+          echo "=== Events (all namespaces) ==="
+          kubectl get events --all-namespaces --sort-by='.lastTimestamp' || true
+          echo ""
+          echo "=== FlareCluster CRs ==="
+          kubectl get flareclusters --all-namespaces -o yaml || true
+
+      - name: Delete kind cluster
+        if: always()
+        run: kind delete cluster --name flare-e2e

.github/workflows/nix-linux.yml

@@ -3,7 +3,8 @@ name: nix-linux
 on: [push, pull_request]
 
 jobs:
-  build-cache:
+  test-legacy:
+    name: Test Legacy Build (without RocksDB)
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
@@ -12,5 +13,36 @@ jobs:
           extra_nix_config: |
             experimental-features = nix-command flakes
           nix_path: nixpkgs=channel:nixos-unstable
-      - run: |
+      - name: Build and test legacy Flare
+        run: |
           nix build .#test-flare -L
+      - name: Verify RocksDB is NOT compiled
+        run: |
+          nix build .#flare -L
+          if nm result/bin/flared | grep -q rocksdb; then
+            echo "ERROR: RocksDB symbols found in legacy build"
+            exit 1
+          fi
+          echo "SUCCESS: Legacy build has no RocksDB dependencies"
+
+  test-rocksdb:
+    name: Test RocksDB Build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: cachix/install-nix-action@v22
+        with:
+          extra_nix_config: |
+            experimental-features = nix-command flakes
+          nix_path: nixpkgs=channel:nixos-unstable
+      - name: Build and test Flare with RocksDB
+        run: |
+          nix build .#test-flare-rocksdb -L
+      - name: Verify RocksDB is compiled
+        run: |
+          nix build .#flare-rocksdb -L
+          if ! nm result/bin/flared | grep -q rocksdb; then
+            echo "ERROR: RocksDB symbols NOT found in RocksDB build"
+            exit 1
+          fi
+          echo "SUCCESS: RocksDB build has RocksDB dependencies"

.gitignore

@@ -19,3 +19,6 @@ Makefile.in
 /test/*.log
 /test/*.trs
 /test-driver
+
+# Lean build artifacts
+.lake/