WIP: OCPNODE-4060: Add additional storage configuration fields to ContainerRuntimeConfig

[saschagrunert]

User description

This enhancement extends ContainerRuntimeConfig API with three features for improved container storage flexibility:

• additionalLayerStores: Enable lazy image pulling via storage plugins (BYOS approach with stargz-snapshotter, nydus-storage-plugin)

• additionalImageStores: Read-only container image caches on shared or high-performance storage (NFS, SSD) for faster startup and reduced network overhead

• additionalArtifactStores: Configurable OCI artifact storage locations (SSD-backed storage, pre-populated caches, air-gapped deployments)

All features target AI/ML workload performance improvements and will ship as Tech Preview in 4.22 behind TechPreviewNoUpgrade feature gate.

Path-based configuration with graceful fallback to standard behavior on failure. Unified API design pattern across all three features.

Requires openshift/enhancements#1934

---

PR Type

Enhancement

---

Description

• Add three new storage configuration fields to ContainerRuntimeConfig API

  • additionalLayerStores: Enable lazy image pulling via storage plugins
  • additionalImageStores: Read-only container image caches on shared/high-performance storage
  • additionalArtifactStores: Configurable OCI artifact storage locations

• Implement comprehensive validation with path constraints and item limits

  • Path validation: absolute paths, 1-256 characters, alphanumeric/slash/underscore/hyphen only
  • Layer stores: max 5 items, image/artifact stores: max 10 items each

• Generate required Kubernetes API machinery code and CRD manifests

  • DeepCopy functions for all three new types
  • Swagger documentation and validation rules

• Add comprehensive test suite validating all storage configuration scenarios

---

Diagram Walkthrough

flowchart LR
  CRC["ContainerRuntimeConfig"]
  ALS["AdditionalLayerStores<br/>max 5 items"]
  AIS["AdditionalImageStores<br/>max 10 items"]
  AAS["AdditionalArtifactStores<br/>max 10 items"]
  VAL["Path Validation<br/>absolute, 1-256 chars"]
  CRC -->|adds| ALS
  CRC -->|adds| AIS
  CRC -->|adds| AAS
  ALS -->|enforces| VAL
  AIS -->|enforces| VAL
  AAS -->|enforces| VAL

Loading

File Walkthrough

	Relevant files
Enhancement	types.go Define storage configuration types and validation rules    machineconfiguration/v1/types.go Add three new fields to ContainerRuntimeConfiguration struct: AdditionalLayerStores, AdditionalImageStores, AdditionalArtifactStores Define three new types: AdditionalLayerStore, AdditionalImageStore, AdditionalArtifactStore with path field Add comprehensive validation rules via kubebuilder annotations (MinLength, MaxLength, XValidation regex, MinItems, MaxItems) Include detailed documentation comments explaining purpose, constraints, and behavior of each field +111/-0
Miscellaneous	zz_generated.deepcopy.go Auto-generate deepcopy functions for storage types              machineconfiguration/v1/zz_generated.deepcopy.go Generate DeepCopyInto and DeepCopy methods for AdditionalLayerStore type Generate DeepCopyInto and DeepCopy methods for AdditionalImageStore type Generate DeepCopyInto and DeepCopy methods for AdditionalArtifactStore type Update ContainerRuntimeConfiguration DeepCopyInto to handle new storage configuration fields +63/-0
Documentation	zz_generated.swagger_doc_generated.go Generate swagger documentation for storage types                  machineconfiguration/v1/zz_generated.swagger_doc_generated.go Add swagger documentation maps for AdditionalLayerStore, AdditionalImageStore, AdditionalArtifactStore Update ContainerRuntimeConfiguration swagger map with three new storage configuration fields Include detailed field descriptions for API documentation generation +36/-6
Tests	AdditionalStorageConfig.yaml Add comprehensive validation test suite                                    machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AdditionalStorageConfig.yaml Add 13 comprehensive test cases validating additionalLayerStores configuration Add 2 test cases validating additionalImageStores and additionalArtifactStores max item limits Add 1 combined test case validating all three storage types with existing fields Test scenarios include: valid configurations, empty paths, non-absolute paths, spaces, invalid characters, length limits, item count limits, missing required fields +173/-0
Configuration changes	0000_80_machine-config_01_containerruntimeconfigs.crd.yaml Update CRD manifest with storage configuration schema        machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml Add CRD schema definitions for additionalLayerStores, additionalImageStores, additionalArtifactStores fields Include validation rules: minProperties, minLength, maxLength, minItems, maxItems, x-kubernetes-validations regex Add detailed descriptions and field documentation in CRD manifest +126/-0  AAA_ungated.yaml Update featuregated CRD manifest with storage configuration machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml Add CRD schema definitions for additionalLayerStores, additionalImageStores, additionalArtifactStores fields Include validation rules: minProperties, minLength, maxLength, minItems, maxItems, x-kubernetes-validations regex Add detailed descriptions and field documentation in featuregated CRD manifest +126/-0  0000_80_machine-config_01_containerruntimeconfigs.crd.yaml Update payload CRD manifest with storage configuration      payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml Add CRD schema definitions for additionalLayerStores, additionalImageStores, additionalArtifactStores fields Include validation rules: minProperties, minLength, maxLength, minItems, maxItems, x-kubernetes-validations regex Add detailed descriptions and field documentation in payload CRD manifest +126/-0

---

[openshift-ci-robot]

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

[openshift-ci-robot]

@saschagrunert: This pull request references OCPNODE-4060 which is a valid jira issue.

Details

In response to this:

This enhancement extends ContainerRuntimeConfig API with three features for improved container storage flexibility:

• additionalLayerStores: Enable lazy image pulling via storage plugins (BYOS approach with stargz-snapshotter, nydus-storage-plugin)

• additionalImageStores: Read-only container image caches on shared or high-performance storage (NFS, SSD) for faster startup and reduced network overhead

• additionalArtifactStores: Configurable OCI artifact storage locations (SSD-backed storage, pre-populated caches, air-gapped deployments)

All features target AI/ML workload performance improvements and will ship as Tech Preview in 4.22 behind TechPreviewNoUpgrade feature gate.

Path-based configuration with graceful fallback to standard behavior on failure. Unified API design pattern across all three features.

Requires openshift/enhancements#1934

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds three new fields to ContainerRuntimeConfiguration: AdditionalLayerStores, AdditionalImageStores, and AdditionalArtifactStores, with corresponding public types AdditionalLayerStore, AdditionalImageStore, and AdditionalArtifactStore. Generates deepcopy and Swagger documentation for the new types. Introduces a new feature gate FeatureGateAdditionalStorageConfig and enables it in various feature-gate manifests and the CRD featureGates list. Adds multiple CRD YAMLs for ContainerRuntimeConfig (v1) and a YAML test manifest covering creation and validation scenarios for the new storage fields.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly describes the main change: adding additional storage configuration fields to ContainerRuntimeConfig API, directly matching the core enhancement in the changeset.
Description check	✅ Passed	The description comprehensively explains the enhancement, detailing three new storage fields, validation rules, generated code artifacts, test coverage, and deployment target, all directly related to the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 golangci-lint (2.5.0)

Error: build linters: unable to load custom analyzer "kubeapilinter": tools/_output/bin/kube-api-linter.so, plugin: not implemented
The command is terminated due to an error: build linters: unable to load custom analyzer "kubeapilinter": tools/_output/bin/kube-api-linter.so, plugin: not implemented

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

Hello @saschagrunert! Some important instructions when contributing to openshift/api:
API design plays an important part in the user experience of OpenShift and as such API PRs are subject to a high level of scrutiny to ensure they follow our best practices. If you haven't already done so, please review the OpenShift API Conventions and ensure that your proposed changes are compliant. Following these conventions will help expedite the api review process for your PR.

[openshift-ci-robot]

@saschagrunert: This pull request references OCPNODE-4060 which is a valid jira issue.

Details

In response to this:

User description

This enhancement extends ContainerRuntimeConfig API with three features for improved container storage flexibility:

• additionalLayerStores: Enable lazy image pulling via storage plugins (BYOS approach with stargz-snapshotter, nydus-storage-plugin)

• additionalImageStores: Read-only container image caches on shared or high-performance storage (NFS, SSD) for faster startup and reduced network overhead

• additionalArtifactStores: Configurable OCI artifact storage locations (SSD-backed storage, pre-populated caches, air-gapped deployments)

All features target AI/ML workload performance improvements and will ship as Tech Preview in 4.22 behind TechPreviewNoUpgrade feature gate.

Path-based configuration with graceful fallback to standard behavior on failure. Unified API design pattern across all three features.

Requires openshift/enhancements#1934

---

PR Type

Enhancement

---

Description

• Add three new storage configuration fields to ContainerRuntimeConfig API

• additionalLayerStores: Enable lazy image pulling via storage plugins

• additionalImageStores: Read-only container image caches on shared/high-performance storage

• additionalArtifactStores: Configurable OCI artifact storage locations

• Implement comprehensive validation with path constraints and item limits

• Path validation: absolute paths, 1-256 characters, alphanumeric/slash/underscore/hyphen only

• Layer stores: max 5 items, image/artifact stores: max 10 items each

• Generate required Kubernetes API machinery code and CRD manifests

• DeepCopy functions for all three new types

• Swagger documentation and validation rules

• Add comprehensive test suite validating all storage configuration scenarios

---

Diagram Walkthrough

flowchart LR
 CRC["ContainerRuntimeConfig"]
 ALS["AdditionalLayerStores<br/>max 5 items"]
 AIS["AdditionalImageStores<br/>max 10 items"]
 AAS["AdditionalArtifactStores<br/>max 10 items"]
 VAL["Path Validation<br/>absolute, 1-256 chars"]
 CRC -->|adds| ALS
 CRC -->|adds| AIS
 CRC -->|adds| AAS
 ALS -->|enforces| VAL
 AIS -->|enforces| VAL
 AAS -->|enforces| VAL

Loading

File Walkthrough

	Relevant files
Enhancement	types.go Define storage configuration types and validation rules    machineconfiguration/v1/types.go Add three new fields to ContainerRuntimeConfiguration struct: AdditionalLayerStores, AdditionalImageStores, AdditionalArtifactStores Define three new types: AdditionalLayerStore, AdditionalImageStore, AdditionalArtifactStore with path field Add comprehensive validation rules via kubebuilder annotations (MinLength, MaxLength, XValidation regex, MinItems, MaxItems) Include detailed documentation comments explaining purpose, constraints, and behavior of each field +111/-0
Miscellaneous	zz_generated.deepcopy.go Auto-generate deepcopy functions for storage types              machineconfiguration/v1/zz_generated.deepcopy.go Generate DeepCopyInto and DeepCopy methods for AdditionalLayerStore type Generate DeepCopyInto and DeepCopy methods for AdditionalImageStore type Generate DeepCopyInto and DeepCopy methods for AdditionalArtifactStore type Update ContainerRuntimeConfiguration DeepCopyInto to handle new storage configuration fields +63/-0
Documentation	zz_generated.swagger_doc_generated.go Generate swagger documentation for storage types                  machineconfiguration/v1/zz_generated.swagger_doc_generated.go Add swagger documentation maps for AdditionalLayerStore, AdditionalImageStore, AdditionalArtifactStore Update ContainerRuntimeConfiguration swagger map with three new storage configuration fields Include detailed field descriptions for API documentation generation +36/-6
Tests	AdditionalStorageConfig.yaml Add comprehensive validation test suite                                    machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AdditionalStorageConfig.yaml Add 13 comprehensive test cases validating additionalLayerStores configuration Add 2 test cases validating additionalImageStores and additionalArtifactStores max item limits Add 1 combined test case validating all three storage types with existing fields Test scenarios include: valid configurations, empty paths, non-absolute paths, spaces, invalid characters, length limits, item count limits, missing required fields +173/-0
Configuration changes	0000_80_machine-config_01_containerruntimeconfigs.crd.yaml Update CRD manifest with storage configuration schema        machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml Add CRD schema definitions for additionalLayerStores, additionalImageStores, additionalArtifactStores fields Include validation rules: minProperties, minLength, maxLength, minItems, maxItems, x-kubernetes-validations regex Add detailed descriptions and field documentation in CRD manifest +126/-0  AAA_ungated.yaml Update featuregated CRD manifest with storage configuration machineconfiguration/v1/zz_generated.featuregated-crd-manifests/containerruntimeconfigs.machineconfiguration.openshift.io/AAA_ungated.yaml Add CRD schema definitions for additionalLayerStores, additionalImageStores, additionalArtifactStores fields Include validation rules: minProperties, minLength, maxLength, minItems, maxItems, x-kubernetes-validations regex Add detailed descriptions and field documentation in featuregated CRD manifest +126/-0  0000_80_machine-config_01_containerruntimeconfigs.crd.yaml Update payload CRD manifest with storage configuration      payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml Add CRD schema definitions for additionalLayerStores, additionalImageStores, additionalArtifactStores fields Include validation rules: minProperties, minLength, maxLength, minItems, maxItems, x-kubernetes-validations regex Add detailed descriptions and field documentation in payload CRD manifest +126/-0

---

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
Update

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign joelspeed for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Allow dots in path regex Update the path validation regex to allow dots (.), making it less restrictive and supporting more common and valid path names. machineconfiguration/v1/types.go [970] -// +kubebuilder:validation:XValidation:rule="self.matches('^/[a-zA-Z0-9/_-]+$')",message="path must be absolute and contain only alphanumeric characters, '/', '_', and '-'" +// +kubebuilder:validation:XValidation:rule="self.matches('^/[a-zA-Z0-9/._-]+$')",message="path must be absolute and contain only alphanumeric characters, '.', '/', '_', and '-'" Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion correctly points out that the validation regex for paths is too restrictive by not allowing dots, which are common in file and directory names. Allowing dots improves the feature's usability for valid use cases.	Medium
High-level	Consolidate redundant storage types into one The new types AdditionalLayerStore, AdditionalImageStore, and AdditionalArtifactStore are identical. They should be replaced with a single, reusable type to reduce code duplication and improve maintainability. Examples: machineconfiguration/v1/types.go [955-1016] type AdditionalLayerStore struct { // path is the absolute path to the additional layer store location. // // The path must exist on the node before configuration is applied. // When a container image is requested, layers found at this location will be used instead of // retrieving from the registry. // // This field is required and must: // - Have length between 1 and 256 characters // - Start with '/' (absolute path) ... (clipped 52 lines) Solution Walkthrough: Before: type AdditionalLayerStore struct { // +kubebuilder:validation:XValidation:rule="self.matches('^/[a-zA-Z0-9/_-]+$')" Path string `json:"path,omitempty"` } type AdditionalImageStore struct { // +kubebuilder:validation:XValidation:rule="self.matches('^/[a-zA-Z0-9/_-]+$')" Path string `json:"path,omitempty"` } type AdditionalArtifactStore struct { // +kubebuilder:validation:XValidation:rule="self.matches('^/[a-zA-Z0-9/_-]+$')" Path string `json:"path,omitempty"` } After: type StoreLocation struct { // path is the absolute path to the store location. // +kubebuilder:validation:XValidation:rule="self.matches('^/[a-zA-Z0-9/_-]+$')" Path string `json:"path,omitempty"` } type ContainerRuntimeConfiguration struct { // ... AdditionalLayerStores []StoreLocation `json:"additionalLayerStores,omitempty"` AdditionalImageStores []StoreLocation `json:"additionalImageStores,omitempty"` AdditionalArtifactStores []StoreLocation `json:"additionalArtifactStores,omitempty"` } Suggestion importance[1-10]: 6 __ Why: The suggestion correctly identifies structural duplication in the new types, and consolidating them would improve maintainability; however, keeping distinct types can be a deliberate design choice for future API evolution and clarity.	Low
General	Always serialize required path Remove the omitempty JSON tag from the required path field. This ensures the field is always serialized, aligning with its mandatory nature as defined by the CRD. machineconfiguration/v1/types.go [971] -Path string `json:"path,omitempty"` +Path string `json:"path"` Apply / Chat Suggestion importance[1-10]: 4 __ Why: The suggestion correctly identifies that omitempty is redundant on a required field that cannot be empty. Removing it improves code clarity and aligns the Go struct tag with the validation rules.	Low
Update

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@machineconfiguration/v1/types.go`:
- Around line 895-939: The new storage fields AdditionalLayerStores,
AdditionalImageStores, and AdditionalArtifactStores must be gated behind the
TechPreviewNoUpgrade feature gate; add the openshift feature-gate annotation
+openshift:enable:FeatureGate=TechPreviewNoUpgrade directly above each of those
field declarations in types.go so the CRD schema is only emitted when the
TechPreviewNoUpgrade gate is enabled (i.e., add the annotation to the comment
block for AdditionalLayerStores, AdditionalImageStores and
AdditionalArtifactStores).

🧹 Nitpick comments (1)

machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AdditionalStorageConfig.yaml (1)

6-173: Add a couple of path-validation cases for image/artifact stores.

Layer-store paths are thoroughly validated, but image/artifact store path constraints are only covered by max-items tests. A minimal invalid-path case for each would guard against drift.

✅ Proposed test additions

@@
     - name: Should fail if additionalImageStores exceeds maximum of 10 items
       initial: |
         apiVersion: machineconfiguration.openshift.io/v1
         kind: ContainerRuntimeConfig
         spec:
           containerRuntimeConfig:
             additionalImageStores:
               - path: /var/lib/store1
               - path: /var/lib/store2
               - path: /var/lib/store3
               - path: /var/lib/store4
               - path: /var/lib/store5
               - path: /var/lib/store6
               - path: /var/lib/store7
               - path: /var/lib/store8
               - path: /var/lib/store9
               - path: /var/lib/store10
               - path: /var/lib/store11
       expectedError: "additionalImageStores in body should have at most 10 items"
+
+    - name: Should fail if additionalImageStores path is not absolute
+      initial: |
+        apiVersion: machineconfiguration.openshift.io/v1
+        kind: ContainerRuntimeConfig
+        spec:
+          containerRuntimeConfig:
+            additionalImageStores:
+              - path: var/lib/images
+      expectedError: "path must be absolute and contain only alphanumeric characters, '/', '_', and '-'"
@@
     - name: Should fail if additionalArtifactStores exceeds maximum of 10 items
       initial: |
         apiVersion: machineconfiguration.openshift.io/v1
         kind: ContainerRuntimeConfig
         spec:
           containerRuntimeConfig:
             additionalArtifactStores:
               - path: /var/lib/store1
               - path: /var/lib/store2
               - path: /var/lib/store3
               - path: /var/lib/store4
               - path: /var/lib/store5
               - path: /var/lib/store6
               - path: /var/lib/store7
               - path: /var/lib/store8
               - path: /var/lib/store9
               - path: /var/lib/store10
               - path: /var/lib/store11
       expectedError: "additionalArtifactStores in body should have at most 10 items"
+
+    - name: Should fail if additionalArtifactStores path is not absolute
+      initial: |
+        apiVersion: machineconfiguration.openshift.io/v1
+        kind: ContainerRuntimeConfig
+        spec:
+          containerRuntimeConfig:
+            additionalArtifactStores:
+              - path: var/lib/artifacts
+      expectedError: "path must be absolute and contain only alphanumeric characters, '/', '_', and '-'"

[coderabbitai]

Actionable comments posted: 6

🤖 Fix all issues with AI agents

In `@features.md`:
- Line 27: The new table row with "AdditionalStorageConfig" violates MD060
(inconsistent pipe spacing); update the row so pipe characters align with the
table's existing spacing style (match spaces around pipes used by other rows),
ensuring consistent left/right spacing around each '|' and the same number of
cells as the header to fix the lint error for the line containing
"AdditionalStorageConfig".

In
`@payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs-CustomNoUpgrade.crd.yaml`:
- Around line 224-227: Fix the typo in the CRD description for
machineConfigPoolSelector under the ContainerRuntimeConfig resource: change
"shoud" to "should" in the description string for machineConfigPoolSelector to
read "machineConfigPoolSelector selects which pools the ContainerRuntimeConfig
should apply to."

In
`@payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs-Default.crd.yaml`:
- Around line 98-101: Typo: the description for machineConfigPoolSelector in the
ContainerRuntimeConfig CRD contains "shoud" instead of "should"; update the
source type definition that generates these CRDs (the ContainerRuntimeConfig
description field / machineConfigPoolSelector docstring) to correct "shoud" →
"should" so all generated CRD variants (machineConfigPoolSelector in
ContainerRuntimeConfig) get the fixed wording.

In
`@payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs-DevPreviewNoUpgrade.crd.yaml`:
- Around line 52-97: The CRD is missing the containerRuntimeConfig fields
additionalLayerStores, additionalImageStores, and additionalArtifactStores; add
these three properties under containerRuntimeConfig mirroring the
CustomNoUpgrade CRD's schema: each property should be an array of strings with
item length constraints (1-256 chars), pattern/validation matching the existing
CRD, and min/max item constraints (additionalLayerStores: minItems 1 maxItems 5;
additionalImageStores and additionalArtifactStores: minItems 1 maxItems 10);
ensure types and x-kubernetes validations align with
machineconfiguration/v1/types.go and the CustomNoUpgrade CRD definitions so
schema and validation are consistent.

In
`@payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs-TechPreviewNoUpgrade.crd.yaml`:
- Around line 98-101: Fix the typo in the CRD description for the field
machineConfigPoolSelector by changing "shoud" to "should" in both the
ContainerRuntimeConfig and the CustomNoUpgrade variant descriptions; locate the
description block under the machineConfigPoolSelector key and update the wording
to "machineConfigPoolSelector selects which pools the ContainerRuntimeConfig
should apply to." for both occurrences.
- Around line 1-97: The TechPreviewNoUpgrade CRD is missing the storage fields
controlled by the AdditionalStorageConfig feature gate (additionalLayerStores,
additionalImageStores, additionalArtifactStores); update the
ContainerRuntimeConfig schema under spec.containerRuntimeConfig in this CRD to
add those three fields with the same types/anyOf/x-kubernetes-int-or-string and
validation as the CustomNoUpgrade variant and annotate them the same way they
are annotated for the feature gate (i.e. the
+openshift:enable:FeatureGate=AdditionalStorageConfig behavior reflected in the
OpenAPI schema), or alternatively restrict the feature gate scope in
features/features.go to exclude TechPreviewNoUpgrade to keep schemas consistent
with the gate.

🧹 Nitpick comments (2)

machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AdditionalStorageConfig.yaml (2)

102-142: Consider adding positive test case for additionalImageStores.

The tests for additionalImageStores cover validation errors well (max items, non-absolute path, missing path), but there's no positive test case showing successful creation with valid image store paths, unlike additionalLayerStores which has one at lines 7-25.

---

143-183: Consider adding positive test case for additionalArtifactStores.

Similarly, additionalArtifactStores validation tests are present but a positive test case demonstrating successful creation with valid artifact store paths would provide more complete coverage.

[coderabbitai]

Actionable comments posted: 3

🤖 Fix all issues with AI agents

In
`@machineconfiguration/v1/tests/containerruntimeconfigs.machineconfiguration.openshift.io/AdditionalStorageConfig.yaml`:
- Line 45: Update the test expectations in AdditionalStorageConfig.yaml where
the expectedError string omits the '.' character: change the three occurrences
of expectedError ("path must be absolute and contain only alphanumeric
characters, '/', '_', and '-'") to include the '.' in the allowed-character list
(e.g., "path must be absolute and contain only alphanumeric characters, '/',
'_', '-', and '.'") so they match the CRD regex; the affected values are the
expectedError fields used in the test cases around the three entries currently
failing.

In
`@payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs-CustomNoUpgrade.crd.yaml`:
- Around line 164-174: The validation message for the additionalLayerStores
field is inconsistent: the description and the x-kubernetes-validations regular
expression (rule: self.matches('^/[a-zA-Z0-9/._-]+$')) allow the '.' character
but the message omits it; update the x-kubernetes-validations message to list
'/', '.', '_', and '-' (e.g., "path must be absolute and contain only
alphanumeric characters, '/', '.', '_', and '-'") so it matches the description
and the regex for additionalLayerStores and the rule
self.matches('^/[a-zA-Z0-9/._-]+$').

In
`@payload-manifests/crds/0000_80_machine-config_01_containerruntimeconfigs-DevPreviewNoUpgrade.crd.yaml`:
- Around line 224-227: Fix the typo in the CRD description for the
machineConfigPoolSelector field: change "shoud" to "should" in the description
string for machineConfigPoolSelector in the containerruntimeconfigs CRD (the
multi-line description under machineConfigPoolSelector).

[saschagrunert]

@qodo-code-review:

• "Allow dots in path regex": Should be addressed
• "Consolidate redundant storage types into one": I'm going to keep separate types for future API flexibility.
• "Always serialize required path": Omitempty is required, otherwise the linter will complain on purpose.

[openshift-ci]

@saschagrunert: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/integration	50e1e8a	link	true	/test integration

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.