From bc21d32792b7bebb6399654793d6ec3f871be96d Mon Sep 17 00:00:00 2001 From: Neeraj Krishna Gopalakrishna Date: Tue, 17 Jun 2025 09:42:14 +0530 Subject: [PATCH 01/10] OCPNODE-3372: Update defaultRuntime doc to show options available and set default to crun --- .../DefaultRuntimeConfig.yaml | 39 +++++++++++++++++++ machineconfiguration/v1/types.go | 11 +++++- ...config_01_containerruntimeconfigs.crd.yaml | 13 ++++++- .../AAA_ungated.yaml | 13 ++++++- .../v1/zz_generated.swagger_doc_generated.go | 2 +- ...config_01_containerruntimeconfigs.crd.yaml | 13 ++++++- 6 files changed, 82 insertions(+), 9 deletions(-) create mode 100644 machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml diff --git a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml new file mode 100644 index 00000000000..9c63aaafde2 --- /dev/null +++ b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml @@ -0,0 +1,39 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "ContainerRuntimeConfig" +crdName: containerruntimeconfigs.machineconfiguration.openshift.io +tests: + onCreate: + - name: Should fail if invalid ContainerRuntimeConfig is provided + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: docker + expectedError: "Unsupported value: \"docker\": supported values: \"crun\", \"runc\", \"\"" + - name: Should be able to set crun in ContainerRuntimeConfig + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: crun + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: crun + - name: Should be able to set runc in ContainerRuntimeConfig + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: runc + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: runc diff --git a/machineconfiguration/v1/types.go b/machineconfiguration/v1/types.go index a6552550a7b..bfe83bf1b65 100644 --- a/machineconfiguration/v1/types.go +++ b/machineconfiguration/v1/types.go @@ -844,18 +844,25 @@ type ContainerRuntimeConfiguration struct { // +optional OverlaySize *resource.Quantity `json:"overlaySize,omitempty"` - // defaultRuntime is the name of the OCI runtime to be used as the default. + // defaultRuntime is the name of the OCI runtime to be used as the default for containers. + // Allowed values are `runc`, `crun`, and omitted (`""`). + // When set to `runc`, OpenShift will use runc to execute the container + // When set to `crun`, OpenShift will use crun to execute the container + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. Currently, the default is `crun`. + // +kubebuilder:validation:Enum=crun;runc;"" // +optional DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime,omitempty"` } type ContainerRuntimeDefaultRuntime string +// These constants are used in the Machine Config Operator (MCO) const ( ContainerRuntimeDefaultRuntimeEmpty = "" ContainerRuntimeDefaultRuntimeRunc = "runc" ContainerRuntimeDefaultRuntimeCrun = "crun" - ContainerRuntimeDefaultRuntimeDefault = ContainerRuntimeDefaultRuntimeRunc + ContainerRuntimeDefaultRuntimeDefault = ContainerRuntimeDefaultRuntimeCrun ) // ContainerRuntimeConfigStatus defines the observed state of a ContainerRuntimeConfig diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml index 37dd8453544..53e8363377a 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml @@ -53,8 +53,17 @@ spec: runtime. properties: defaultRuntime: - description: defaultRuntime is the name of the OCI runtime to - be used as the default. + description: |- + defaultRuntime is the name of the OCI runtime to be used as the default for containers. + Allowed values are `runc`, `crun`, and omitted (`""`). + When set to `runc`, OpenShift will use runc to execute the container + When set to `crun`, OpenShift will use crun to execute the container + When omitted, this means no opinion and the platform is left to choose a reasonable default, + which is subject to change over time. Currently, the default is `crun`. + enum: + - crun + - runc + - "" type: string logLevel: description: |- diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml index 80942ade443..84b294e3350 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml @@ -54,8 +54,17 @@ spec: runtime. properties: defaultRuntime: - description: defaultRuntime is the name of the OCI runtime to - be used as the default. + description: |- + defaultRuntime is the name of the OCI runtime to be used as the default for containers. + Allowed values are `runc`, `crun`, and omitted (`""`). + When set to `runc`, OpenShift will use runc to execute the container + When set to `crun`, OpenShift will use crun to execute the container + When omitted, this means no opinion and the platform is left to choose a reasonable default, + which is subject to change over time. Currently, the default is `crun`. + enum: + - crun + - runc + - "" type: string logLevel: description: |- diff --git a/machineconfiguration/v1/zz_generated.swagger_doc_generated.go b/machineconfiguration/v1/zz_generated.swagger_doc_generated.go index 92f536b9a88..7fe27888c32 100644 --- a/machineconfiguration/v1/zz_generated.swagger_doc_generated.go +++ b/machineconfiguration/v1/zz_generated.swagger_doc_generated.go @@ -79,7 +79,7 @@ var map_ContainerRuntimeConfiguration = map[string]string{ "logLevel": "logLevel specifies the verbosity of the logs based on the level it is set to. Options are fatal, panic, error, warn, info, and debug.", "logSizeMax": "logSizeMax specifies the Maximum size allowed for the container log file. Negative numbers indicate that no size limit is imposed. If it is positive, it must be >= 8192 to match/exceed conmon's read buffer.", "overlaySize": "overlaySize specifies the maximum size of a container image. This flag can be used to set quota on the size of container images. (default: 10GB)", - "defaultRuntime": "defaultRuntime is the name of the OCI runtime to be used as the default.", + "defaultRuntime": "defaultRuntime is the name of the OCI runtime to be used as the default for containers. Allowed values are `runc`, `crun`, and omitted (`\"\"`). When set to `runc`, OpenShift will use runc to execute the container When set to `crun`, OpenShift will use crun to execute the container When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Currently, the default is `crun`.", } func (ContainerRuntimeConfiguration) SwaggerDoc() map[string]string { diff --git a/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml index 37dd8453544..53e8363377a 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml @@ -53,8 +53,17 @@ spec: runtime. properties: defaultRuntime: - description: defaultRuntime is the name of the OCI runtime to - be used as the default. + description: |- + defaultRuntime is the name of the OCI runtime to be used as the default for containers. + Allowed values are `runc`, `crun`, and omitted (`""`). + When set to `runc`, OpenShift will use runc to execute the container + When set to `crun`, OpenShift will use crun to execute the container + When omitted, this means no opinion and the platform is left to choose a reasonable default, + which is subject to change over time. Currently, the default is `crun`. + enum: + - crun + - runc + - "" type: string logLevel: description: |- From c724f4a73d7ce87cd00d2c5ee4694e03ccf38b53 Mon Sep 17 00:00:00 2001 From: Neeraj Krishna Gopalakrishna Date: Wed, 25 Jun 2025 16:34:19 +0530 Subject: [PATCH 02/10] OCPNODE-3372: Add ratcheting validation tests for defaultRuntime --- .../DefaultRuntimeConfig.yaml | 41 +++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml index 9c63aaafde2..3784ee18b16 100644 --- a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml +++ b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml @@ -37,3 +37,44 @@ tests: spec: containerRuntimeConfig: defaultRuntime: runc + - name: Should be able to set other parameters + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: runc + logLevel: info + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: runc + logLevel: info + onUpdate: + - name: Should be able to update other parameters with invalid defaultRuntime + initialCRDPatches: + - op: remove + path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/containerRuntimeConfig/properties/defaultRuntime/enum + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: docker + logLevel: fatal + updated: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: docker + logLevel: info + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: docker + logLevel: info From e48450d727016556e63ab85b1bf4e1700ac419fd Mon Sep 17 00:00:00 2001 From: Neeraj Krishna Gopalakrishna Date: Wed, 25 Jun 2025 19:07:20 +0530 Subject: [PATCH 03/10] OCPNODE-3372: Remove omitempty from defaultRuntime as its handled in MCO --- .../DefaultRuntimeConfig.yaml | 42 +++++++++++++++++++ machineconfiguration/v1/types.go | 2 +- 2 files changed, 43 insertions(+), 1 deletion(-) diff --git a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml index 3784ee18b16..4b2944caf25 100644 --- a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml +++ b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml @@ -3,6 +3,48 @@ name: "ContainerRuntimeConfig" crdName: containerruntimeconfigs.machineconfiguration.openshift.io tests: onCreate: + - name: Should not fail if set to empty string + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: "" + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: "" + - name: Should not fail if not set and other fields set + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + logLevel: info + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + logLevel: info + - name: Should fail if set to a number + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: 1234 + expectedError: "spec.containerRuntimeConfig.defaultRuntime: Invalid value: \"integer\": spec.containerRuntimeConfig.defaultRuntime in body must be of type string: \"integer\", spec.containerRuntimeConfig.defaultRuntime: Unsupported value: 1234: supported values: \"crun\", \"runc\", \"\"" + - name: Should fail if set to a blank string + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: " " + expectedError: "Unsupported value: \" \": supported values: \"crun\", \"runc\", \"\"" - name: Should fail if invalid ContainerRuntimeConfig is provided initial: | apiVersion: machineconfiguration.openshift.io/v1 diff --git a/machineconfiguration/v1/types.go b/machineconfiguration/v1/types.go index bfe83bf1b65..50615982c4b 100644 --- a/machineconfiguration/v1/types.go +++ b/machineconfiguration/v1/types.go @@ -852,7 +852,7 @@ type ContainerRuntimeConfiguration struct { // which is subject to change over time. Currently, the default is `crun`. // +kubebuilder:validation:Enum=crun;runc;"" // +optional - DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime,omitempty"` + DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime"` } type ContainerRuntimeDefaultRuntime string From f52b842d448df36d4fa09d47e2053c23c14fc3af Mon Sep 17 00:00:00 2001 From: Neeraj Krishna Gopalakrishna Date: Thu, 26 Jun 2025 06:37:50 +0530 Subject: [PATCH 04/10] OCPNODE-3372: Revert omitempty from defaultRuntime. Empty string and ommitted value handled in MCO --- machineconfiguration/v1/types.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/machineconfiguration/v1/types.go b/machineconfiguration/v1/types.go index 50615982c4b..bfe83bf1b65 100644 --- a/machineconfiguration/v1/types.go +++ b/machineconfiguration/v1/types.go @@ -852,7 +852,7 @@ type ContainerRuntimeConfiguration struct { // which is subject to change over time. Currently, the default is `crun`. // +kubebuilder:validation:Enum=crun;runc;"" // +optional - DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime"` + DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime,omitempty"` } type ContainerRuntimeDefaultRuntime string From 3cc10b286e5f14c8cf148c911783152f7b00bdcb Mon Sep 17 00:00:00 2001 From: Neeraj Krishna Gopalakrishna Date: Fri, 27 Jun 2025 09:12:01 +0530 Subject: [PATCH 05/10] OCPNODE-3372: Remove omitempty from defaultRuntime as its handled in MCO with additional test cases --- .../AAA_ungated.yaml | 5 +- .../DefaultRuntimeConfig.yaml | 59 +++++++++++++++++-- machineconfiguration/v1/types.go | 3 +- ...config_01_containerruntimeconfigs.crd.yaml | 1 + .../AAA_ungated.yaml | 1 + ...config_01_containerruntimeconfigs.crd.yaml | 1 + 6 files changed, 63 insertions(+), 7 deletions(-) diff --git a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml index df99315587d..ca31d366368 100644 --- a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml +++ b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml @@ -3,7 +3,7 @@ name: "ContainerRuntimeConfig" crdName: containerruntimeconfigs.machineconfiguration.openshift.io tests: onCreate: - - name: Should be able to create a minimal ContainerRuntimeConfig + - name: Should be able to create a minimal ContainerRuntimeConfig and default runtime set initial: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig @@ -13,4 +13,5 @@ tests: apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: - containerRuntimeConfig: {} + containerRuntimeConfig: + defaultRuntime: "" diff --git a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml index 4b2944caf25..98911d029eb 100644 --- a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml +++ b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml @@ -28,6 +28,7 @@ tests: kind: ContainerRuntimeConfig spec: containerRuntimeConfig: + defaultRuntime: "" logLevel: info - name: Should fail if set to a number initial: | @@ -66,35 +67,85 @@ tests: spec: containerRuntimeConfig: defaultRuntime: crun - - name: Should be able to set runc in ContainerRuntimeConfig + - name: Should be able to set runc in ContainerRuntimeConfig with other params initial: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: containerRuntimeConfig: defaultRuntime: runc + logLevel: info expected: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: containerRuntimeConfig: defaultRuntime: runc - - name: Should be able to set other parameters + logLevel: info + onUpdate: + - name: Should not be able to update from default to invalid value + initialCRDPatches: + - op: remove + path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/containerRuntimeConfig/properties/defaultRuntime/enum initial: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: containerRuntimeConfig: - defaultRuntime: runc + defaultRuntime: "" + logLevel: fatal + updated: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: docker + logLevel: info + expectedError: "Unsupported value: \"docker\": supported values: \"crun\", \"runc\", \"\"" + - name: Should be able to update from not set to default when other params are set + initial: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: {} + updated: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: logLevel: info expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: "" + logLevel: info + - name: Should be able to update from runc to crun with other parameters + initialCRDPatches: + - op: remove + path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/containerRuntimeConfig/properties/defaultRuntime/enum + initial: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: containerRuntimeConfig: defaultRuntime: runc + logLevel: fatal + updated: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: crun + logLevel: info + expected: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: ContainerRuntimeConfig + spec: + containerRuntimeConfig: + defaultRuntime: crun logLevel: info - onUpdate: - name: Should be able to update other parameters with invalid defaultRuntime initialCRDPatches: - op: remove diff --git a/machineconfiguration/v1/types.go b/machineconfiguration/v1/types.go index bfe83bf1b65..fea045c6e83 100644 --- a/machineconfiguration/v1/types.go +++ b/machineconfiguration/v1/types.go @@ -851,8 +851,9 @@ type ContainerRuntimeConfiguration struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, // which is subject to change over time. Currently, the default is `crun`. // +kubebuilder:validation:Enum=crun;runc;"" + // +kubebuilder:default:="" // +optional - DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime,omitempty"` + DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime"` } type ContainerRuntimeDefaultRuntime string diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml index 53e8363377a..f50c3798b8b 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml @@ -53,6 +53,7 @@ spec: runtime. properties: defaultRuntime: + default: "" description: |- defaultRuntime is the name of the OCI runtime to be used as the default for containers. Allowed values are `runc`, `crun`, and omitted (`""`). diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml index 84b294e3350..65cbdb8c0c9 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml @@ -54,6 +54,7 @@ spec: runtime. properties: defaultRuntime: + default: "" description: |- defaultRuntime is the name of the OCI runtime to be used as the default for containers. Allowed values are `runc`, `crun`, and omitted (`""`). diff --git a/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml index 53e8363377a..f50c3798b8b 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml @@ -53,6 +53,7 @@ spec: runtime. properties: defaultRuntime: + default: "" description: |- defaultRuntime is the name of the OCI runtime to be used as the default for containers. Allowed values are `runc`, `crun`, and omitted (`""`). From a2633479c55757d9e934da4dd9ad6ce806d624ed Mon Sep 17 00:00:00 2001 From: Neeraj Krishna Gopalakrishna Date: Wed, 2 Jul 2025 16:01:43 +0530 Subject: [PATCH 06/10] OCPNODE-3372: Remove omitempty from defaultRuntime as its handled in MCO with additional test cases --- .../AAA_ungated.yaml | 4 ++-- machineconfiguration/v1/types.go | 7 +++---- .../v1/zz_generated.swagger_doc_generated.go | 2 +- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml index ca31d366368..b1787ea0d09 100644 --- a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml +++ b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml @@ -3,7 +3,7 @@ name: "ContainerRuntimeConfig" crdName: containerruntimeconfigs.machineconfiguration.openshift.io tests: onCreate: - - name: Should be able to create a minimal ContainerRuntimeConfig and default runtime set + - name: Should be able to create a minimal ContainerRuntimeConfig initial: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig @@ -14,4 +14,4 @@ tests: kind: ContainerRuntimeConfig spec: containerRuntimeConfig: - defaultRuntime: "" + defaultRuntime: crun diff --git a/machineconfiguration/v1/types.go b/machineconfiguration/v1/types.go index fea045c6e83..28f8def1791 100644 --- a/machineconfiguration/v1/types.go +++ b/machineconfiguration/v1/types.go @@ -845,15 +845,14 @@ type ContainerRuntimeConfiguration struct { OverlaySize *resource.Quantity `json:"overlaySize,omitempty"` // defaultRuntime is the name of the OCI runtime to be used as the default for containers. - // Allowed values are `runc`, `crun`, and omitted (`""`). + // Allowed values are `runc` and `crun`. // When set to `runc`, OpenShift will use runc to execute the container // When set to `crun`, OpenShift will use crun to execute the container // When omitted, this means no opinion and the platform is left to choose a reasonable default, // which is subject to change over time. Currently, the default is `crun`. - // +kubebuilder:validation:Enum=crun;runc;"" - // +kubebuilder:default:="" + // +kubebuilder:validation:Enum=crun;runc // +optional - DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime"` + DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime,omitempty"` } type ContainerRuntimeDefaultRuntime string diff --git a/machineconfiguration/v1/zz_generated.swagger_doc_generated.go b/machineconfiguration/v1/zz_generated.swagger_doc_generated.go index 7fe27888c32..28271fc410c 100644 --- a/machineconfiguration/v1/zz_generated.swagger_doc_generated.go +++ b/machineconfiguration/v1/zz_generated.swagger_doc_generated.go @@ -79,7 +79,7 @@ var map_ContainerRuntimeConfiguration = map[string]string{ "logLevel": "logLevel specifies the verbosity of the logs based on the level it is set to. Options are fatal, panic, error, warn, info, and debug.", "logSizeMax": "logSizeMax specifies the Maximum size allowed for the container log file. Negative numbers indicate that no size limit is imposed. If it is positive, it must be >= 8192 to match/exceed conmon's read buffer.", "overlaySize": "overlaySize specifies the maximum size of a container image. This flag can be used to set quota on the size of container images. (default: 10GB)", - "defaultRuntime": "defaultRuntime is the name of the OCI runtime to be used as the default for containers. Allowed values are `runc`, `crun`, and omitted (`\"\"`). When set to `runc`, OpenShift will use runc to execute the container When set to `crun`, OpenShift will use crun to execute the container When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Currently, the default is `crun`.", + "defaultRuntime": "defaultRuntime is the name of the OCI runtime to be used as the default for containers. Allowed values are `runc` and `crun`. When set to `runc`, OpenShift will use runc to execute the container When set to `crun`, OpenShift will use crun to execute the container When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Currently, the default is `crun`.", } func (ContainerRuntimeConfiguration) SwaggerDoc() map[string]string { From 989d3ccd19451885caf9eee48ce375c8a2fe1b5d Mon Sep 17 00:00:00 2001 From: Neeraj Krishna Gopalakrishna Date: Wed, 2 Jul 2025 16:17:52 +0530 Subject: [PATCH 07/10] OCPNODE-3372: Remove omitempty from defaultRuntime as its handled in MCO with additional test cases --- .../AAA_ungated.yaml | 3 +-- machineconfiguration/v1/types.go | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml index b1787ea0d09..b35227cb056 100644 --- a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml +++ b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml @@ -13,5 +13,4 @@ tests: apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: - containerRuntimeConfig: - defaultRuntime: crun + containerRuntimeConfig: {} \ No newline at end of file diff --git a/machineconfiguration/v1/types.go b/machineconfiguration/v1/types.go index 28f8def1791..7d81c1c5f45 100644 --- a/machineconfiguration/v1/types.go +++ b/machineconfiguration/v1/types.go @@ -850,7 +850,7 @@ type ContainerRuntimeConfiguration struct { // When set to `crun`, OpenShift will use crun to execute the container // When omitted, this means no opinion and the platform is left to choose a reasonable default, // which is subject to change over time. Currently, the default is `crun`. - // +kubebuilder:validation:Enum=crun;runc + // +kubebuilder:validation:Enum=crun;runc;"" // +optional DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime,omitempty"` } From 07574ba647d2907fd4565eab97ae20b23131d1fa Mon Sep 17 00:00:00 2001 From: Neeraj Krishna Gopalakrishna Date: Thu, 10 Jul 2025 09:20:46 +0530 Subject: [PATCH 08/10] OCPNODE-3372: Readd omitempty for defaultRuntime as its handled in MCO with additional test cases --- .../DefaultRuntimeConfig.yaml | 21 +++++++------------ machineconfiguration/v1/types.go | 2 +- ...config_01_containerruntimeconfigs.crd.yaml | 4 +--- .../AAA_ungated.yaml | 4 +--- 4 files changed, 10 insertions(+), 21 deletions(-) diff --git a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml index 98911d029eb..e10c6035e6b 100644 --- a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml +++ b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml @@ -3,19 +3,14 @@ name: "ContainerRuntimeConfig" crdName: containerruntimeconfigs.machineconfiguration.openshift.io tests: onCreate: - - name: Should not fail if set to empty string + - name: Should fail if set to empty string initial: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: containerRuntimeConfig: defaultRuntime: "" - expected: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: ContainerRuntimeConfig - spec: - containerRuntimeConfig: - defaultRuntime: "" + expectedError: "spec.containerRuntimeConfig.defaultRuntime: Unsupported value: \"\": supported values: \"crun\", \"runc\"" - name: Should not fail if not set and other fields set initial: | apiVersion: machineconfiguration.openshift.io/v1 @@ -28,7 +23,6 @@ tests: kind: ContainerRuntimeConfig spec: containerRuntimeConfig: - defaultRuntime: "" logLevel: info - name: Should fail if set to a number initial: | @@ -37,7 +31,7 @@ tests: spec: containerRuntimeConfig: defaultRuntime: 1234 - expectedError: "spec.containerRuntimeConfig.defaultRuntime: Invalid value: \"integer\": spec.containerRuntimeConfig.defaultRuntime in body must be of type string: \"integer\", spec.containerRuntimeConfig.defaultRuntime: Unsupported value: 1234: supported values: \"crun\", \"runc\", \"\"" + expectedError: "spec.containerRuntimeConfig.defaultRuntime: Invalid value: \"integer\": spec.containerRuntimeConfig.defaultRuntime in body must be of type string: \"integer\", spec.containerRuntimeConfig.defaultRuntime: Unsupported value: 1234: supported values: \"crun\", \"runc\"" - name: Should fail if set to a blank string initial: | apiVersion: machineconfiguration.openshift.io/v1 @@ -45,7 +39,7 @@ tests: spec: containerRuntimeConfig: defaultRuntime: " " - expectedError: "Unsupported value: \" \": supported values: \"crun\", \"runc\", \"\"" + expectedError: "Unsupported value: \" \": supported values: \"crun\", \"runc\"" - name: Should fail if invalid ContainerRuntimeConfig is provided initial: | apiVersion: machineconfiguration.openshift.io/v1 @@ -53,7 +47,7 @@ tests: spec: containerRuntimeConfig: defaultRuntime: docker - expectedError: "Unsupported value: \"docker\": supported values: \"crun\", \"runc\", \"\"" + expectedError: "Unsupported value: \"docker\": supported values: \"crun\", \"runc\"" - name: Should be able to set crun in ContainerRuntimeConfig initial: | apiVersion: machineconfiguration.openshift.io/v1 @@ -92,7 +86,7 @@ tests: kind: ContainerRuntimeConfig spec: containerRuntimeConfig: - defaultRuntime: "" + defaultRuntime: crun logLevel: fatal updated: | apiVersion: machineconfiguration.openshift.io/v1 @@ -101,7 +95,7 @@ tests: containerRuntimeConfig: defaultRuntime: docker logLevel: info - expectedError: "Unsupported value: \"docker\": supported values: \"crun\", \"runc\", \"\"" + expectedError: "Unsupported value: \"docker\": supported values: \"crun\", \"runc\"" - name: Should be able to update from not set to default when other params are set initial: | apiVersion: machineconfiguration.openshift.io/v1 @@ -119,7 +113,6 @@ tests: kind: ContainerRuntimeConfig spec: containerRuntimeConfig: - defaultRuntime: "" logLevel: info - name: Should be able to update from runc to crun with other parameters initialCRDPatches: diff --git a/machineconfiguration/v1/types.go b/machineconfiguration/v1/types.go index 7d81c1c5f45..28f8def1791 100644 --- a/machineconfiguration/v1/types.go +++ b/machineconfiguration/v1/types.go @@ -850,7 +850,7 @@ type ContainerRuntimeConfiguration struct { // When set to `crun`, OpenShift will use crun to execute the container // When omitted, this means no opinion and the platform is left to choose a reasonable default, // which is subject to change over time. Currently, the default is `crun`. - // +kubebuilder:validation:Enum=crun;runc;"" + // +kubebuilder:validation:Enum=crun;runc // +optional DefaultRuntime ContainerRuntimeDefaultRuntime `json:"defaultRuntime,omitempty"` } diff --git a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml index f50c3798b8b..0ef5e23370c 100644 --- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml +++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml @@ -53,10 +53,9 @@ spec: runtime. properties: defaultRuntime: - default: "" description: |- defaultRuntime is the name of the OCI runtime to be used as the default for containers. - Allowed values are `runc`, `crun`, and omitted (`""`). + Allowed values are `runc` and `crun`. When set to `runc`, OpenShift will use runc to execute the container When set to `crun`, OpenShift will use crun to execute the container When omitted, this means no opinion and the platform is left to choose a reasonable default, @@ -64,7 +63,6 @@ spec: enum: - crun - runc - - "" type: string logLevel: description: |- diff --git a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml index 65cbdb8c0c9..b8147da0ff6 100644 --- a/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml +++ b/machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml @@ -54,10 +54,9 @@ spec: runtime. properties: defaultRuntime: - default: "" description: |- defaultRuntime is the name of the OCI runtime to be used as the default for containers. - Allowed values are `runc`, `crun`, and omitted (`""`). + Allowed values are `runc` and `crun`. When set to `runc`, OpenShift will use runc to execute the container When set to `crun`, OpenShift will use crun to execute the container When omitted, this means no opinion and the platform is left to choose a reasonable default, @@ -65,7 +64,6 @@ spec: enum: - crun - runc - - "" type: string logLevel: description: |- From 07651b395b43ec4d2ee130ee02167d01d7b81d19 Mon Sep 17 00:00:00 2001 From: Neeraj Krishna Gopalakrishna Date: Thu, 10 Jul 2025 09:21:37 +0530 Subject: [PATCH 09/10] OCPNODE-3372: Readd omitempty for defaultRuntime as its handled in MCO with additional test cases --- ...0000_80_machine-config_01_containerruntimeconfigs.crd.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml b/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml index f50c3798b8b..0ef5e23370c 100644 --- a/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml +++ b/payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml @@ -53,10 +53,9 @@ spec: runtime. properties: defaultRuntime: - default: "" description: |- defaultRuntime is the name of the OCI runtime to be used as the default for containers. - Allowed values are `runc`, `crun`, and omitted (`""`). + Allowed values are `runc` and `crun`. When set to `runc`, OpenShift will use runc to execute the container When set to `crun`, OpenShift will use crun to execute the container When omitted, this means no opinion and the platform is left to choose a reasonable default, @@ -64,7 +63,6 @@ spec: enum: - crun - runc - - "" type: string logLevel: description: |- From 3ae73f9bc43d8da37e08efd2b852e61027eccfad Mon Sep 17 00:00:00 2001 From: Neeraj Krishna Gopalakrishna Date: Fri, 11 Jul 2025 08:23:26 +0530 Subject: [PATCH 10/10] OCPNODE-3372: Re-add omitempty for defaultRuntime as its handled in MCO with additional test cases --- .../AAA_ungated.yaml | 2 +- .../DefaultRuntimeConfig.yaml | 40 +++++-------------- 2 files changed, 11 insertions(+), 31 deletions(-) diff --git a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml index b35227cb056..df99315587d 100644 --- a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml +++ b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml @@ -13,4 +13,4 @@ tests: apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: - containerRuntimeConfig: {} \ No newline at end of file + containerRuntimeConfig: {} diff --git a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml index e10c6035e6b..abde61c165b 100644 --- a/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml +++ b/machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/DefaultRuntimeConfig.yaml @@ -77,7 +77,7 @@ tests: defaultRuntime: runc logLevel: info onUpdate: - - name: Should not be able to update from default to invalid value + - name: Case 1 - Change another field - Should be able to update other parameters with invalid defaultRuntime initialCRDPatches: - op: remove path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/containerRuntimeConfig/properties/defaultRuntime/enum @@ -86,7 +86,7 @@ tests: kind: ContainerRuntimeConfig spec: containerRuntimeConfig: - defaultRuntime: crun + defaultRuntime: docker logLevel: fatal updated: | apiVersion: machineconfiguration.openshift.io/v1 @@ -95,26 +95,14 @@ tests: containerRuntimeConfig: defaultRuntime: docker logLevel: info - expectedError: "Unsupported value: \"docker\": supported values: \"crun\", \"runc\"" - - name: Should be able to update from not set to default when other params are set - initial: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: ContainerRuntimeConfig - spec: - containerRuntimeConfig: {} - updated: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: ContainerRuntimeConfig - spec: - containerRuntimeConfig: - logLevel: info expected: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: containerRuntimeConfig: + defaultRuntime: docker logLevel: info - - name: Should be able to update from runc to crun with other parameters + - name: Case 2 - Remove the field - Should be able to update from invalid to removed initialCRDPatches: - op: remove path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/containerRuntimeConfig/properties/defaultRuntime/enum @@ -123,23 +111,18 @@ tests: kind: ContainerRuntimeConfig spec: containerRuntimeConfig: - defaultRuntime: runc - logLevel: fatal + defaultRuntime: docker updated: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: - containerRuntimeConfig: - defaultRuntime: crun - logLevel: info + containerRuntimeConfig: {} expected: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: - containerRuntimeConfig: - defaultRuntime: crun - logLevel: info - - name: Should be able to update other parameters with invalid defaultRuntime + containerRuntimeConfig: {} + - name: Case 3 - Update the field - Should be able to update from invalid to correct value initialCRDPatches: - op: remove path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/containerRuntimeConfig/properties/defaultRuntime/enum @@ -149,18 +132,15 @@ tests: spec: containerRuntimeConfig: defaultRuntime: docker - logLevel: fatal updated: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: containerRuntimeConfig: - defaultRuntime: docker - logLevel: info + defaultRuntime: runc expected: | apiVersion: machineconfiguration.openshift.io/v1 kind: ContainerRuntimeConfig spec: containerRuntimeConfig: - defaultRuntime: docker - logLevel: info + defaultRuntime: runc