feat: Generate OpenAPI schemas for all CRDs using controller-gen

[ferrohd]

Changes

Replace the hand-written CRDs that used a bare x-kubernetes-preserve-unknown-fields: true with no spec/status schema, with fully-typed OpenAPI v3 schemas generated from the Go types using controller-gen.

Problem: Every CRD in this project had no resource metadata defined — just type: object with preserve-unknown-fields. This meant no server-side validation, no kubectl explain, no IDE autocompletion, and no field pruning.

Solution: Use controller-gen to generate proper schemas from the existing Go types (which are already richly typed), then sync them into the config/ directories and Helm chart.

Commit breakdown

1. Add kubebuilder markers to CRD Go types: Adds +kubebuilder:object:root, +kubebuilder:resource:scope=Cluster, +kubebuilder:subresource:status, and +kubebuilder:printcolumn markers to all 15 root types and list types. Escape-hatch fields that embed full k8s API types (AdditionalOptions, mf.Slice, external configs) are marked with PreserveUnknownFields + Schemaless to keep CRD size manageable.

2. Add controller-gen toolchain and CRD sync script: Adds controller-gen v0.17.3 to the Makefile (make generate-crds, make sync-helm-crds) and a hack/sync-helm-crds.sh script that syncs generated CRDs into config/{base,kubernetes/base,openshift/base}/ and assembles the Helm chart CRD template files with proper conditionals and labels.

3. Regenerate CRD manifests: Mechanical output of make sync-helm-crds. All 15 CRDs now carry typed spec/status schemas.

What this enables

• Server-side validation: the API server rejects unknown/malformed fields
• kubectl explain: users can discover the API from the CLI
• IDE autocompletion: tools that consume the OpenAPI schema get full field info
• Field pruning: unknown fields are rejected instead of silently preserved

Notes

• The AdditionalOptions fields (Deployments, ConfigMaps, StatefulSets, HPAs) and a few external types (pruner config, scheduler config, mf.Slice manifests) retain x-kubernetes-preserve-unknown-fields since they intentionally accept arbitrary k8s objects.

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

• Run make test lint before submitting a PR
• Includes tests (if functionality changed/added)
• Includes docs (if user facing)
• Commit messages follow commit message best practices

See the contribution guide for more details.

Release Notes

CRD manifests now include full OpenAPI v3 schemas generated for all operator.tekton.dev custom resources.

[linux-foundation-easycla]

The committers listed above are authorized under a signed CLA.

• ✅ login: ferrohd / name: Alessandro (51d6d0f)

[vdemeester]

Nice work! One suggestion: can we consider adding a CRD size validation step similar to what tektoncd/pipeline does in hack/update-schemas.sh — it validates each generated CRD stays under 256KB (JSON-serialized) to avoid issues with etcd's object size limits.

It's a nit though, so we could do it in a follow-up as it's definitely not as problematic as on tektoncd/pipeline.

[tekton-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: vdemeester

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [vdemeester]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[vdemeester]

@ferrohd can you squash you commits and use rebase instead of merge to update the PR from main ? 🙏🏼

[jkhelil]

@ferrohd can you rebase this pr please ?

[jkhelil]

@pramodbindal @enarha @anithapriyanatarajan
Can you have sometime to review this PR please ?