OCPCLOUD-2998: Add synchronizedAPI to Machine and MachineSet status

[RadekManak]

Summary

This PR adds a new synchronizedAPI status field to Machine and MachineSet resources to support migration cancellation in the Machine API Migration feature.

New Field

• status.synchronizedAPI: Tracks the API that was last successfully synchronized before status.authoritativeAPI transitioned to Migrating. Valid values are MachineAPI and ClusterAPI.

Purpose

Currently, we determine the direction of migration by checking the value of spec.authoritativeAPI. This works for the base case, but it doesn't work when a migration becomes stuck in status.authoritativeAPI: Migrating and the user, to unblock the migration, changes spec.authoritativeAPI back to the original value.

At that point, we need to reliably determine which direction we were trying to migrate when we got stuck. The synchronizedAPI field captures this information, allowing us to:

1. Identify the source API of the migration (where we came from)
2. Detect when the user requests a rollback (spec.authoritativeAPI matches status.synchronizedAPI while in Migrating state)
3. Apply the correct rollback procedure to undo any partial migration steps (e.g., unpausing the correct resources)

Without this field, once the user changes spec.authoritativeAPI back, we lose the information about the original migration direction and cannot safely restore the system to its previous state.

Behavior

1. The migration controller sets status.synchronizedAPI to the current status.authoritativeAPI value before transitioning to Migrating
2. During migration, synchronizedAPI remains unchanged, preserving the source API
3. On successful migration completion, synchronizedAPI is updated to reflect the new authoritative API
4. If the user sets spec.authoritativeAPI back to match status.synchronizedAPI while in Migrating state, the migration controller detects this as a cancellation request, unpauses the appropriate resources, and returns to the previous state

Validation

• Once set, the field cannot be cleared (immutable non-empty rule on Machine CRD)
• Only valid values: MachineAPI, ClusterAPI

Implementation

The controller implementation is available at: openshift/cluster-capi-operator#376

[openshift-ci-robot]

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

[openshift-ci-robot]

@RadekManak: This pull request references OCPCLOUD-2998 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Summary

This PR adds a new synchronizedAPI status field to Machine and MachineSet resources to support migration cancellation in the Machine API Migration feature.

New Field

• status.synchronizedAPI: Tracks the API that was last successfully synchronized before status.authoritativeAPI transitioned to Migrating. Valid values are MachineAPI and ClusterAPI.

Purpose

Currently, we determine the direction of migration by checking the value of spec.authoritativeAPI. This works for the base case, but it doesn't work when a migration becomes stuck in status.authoritativeAPI: Migrating and the user, to unblock the migration, changes spec.authoritativeAPI back to the original value.

At that point, we need to reliably determine which direction we were trying to migrate when we got stuck. The synchronizedAPI field captures this information, allowing us to:

1. Identify the source API of the migration (where we came from)
2. Detect when the user requests a rollback (spec.authoritativeAPI matches status.synchronizedAPI while in Migrating state)
3. Apply the correct rollback procedure to undo any partial migration steps (e.g., unpausing the correct resources)

Without this field, once the user changes spec.authoritativeAPI back, we lose the information about the original migration direction and cannot safely restore the system to its previous state.

Behavior

1. The migration controller sets status.synchronizedAPI to the current status.authoritativeAPI value before transitioning to Migrating
2. During migration, synchronizedAPI remains unchanged, preserving the source API
3. On successful migration completion, synchronizedAPI is updated to reflect the new authoritative API
4. If the user sets spec.authoritativeAPI back to match status.synchronizedAPI while in Migrating state, the migration controller detects this as a cancellation request, unpauses the appropriate resources, and returns to the previous state

Validation

• Once set, the field cannot be cleared (immutable non-empty rule on Machine CRD)
• Only valid values: MachineAPI, ClusterAPI

Implementation

The controller implementation is available at: openshift/cluster-capi-operator#376

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

Hello @RadekManak! Some important instructions when contributing to openshift/api:
API design plays an important part in the user experience of OpenShift and as such API PRs are subject to a high level of scrutiny to ensure they follow our best practices. If you haven't already done so, please review the OpenShift API Conventions and ensure that your proposed changes are compliant. Following these conventions will help expedite the api review process for your PR.

[coderabbitai]

📝 Walkthrough

Walkthrough

Added a new exported string type SynchronizedAPI with constants MachineAPISynchronized and ClusterAPISynchronized. Introduced an optional synchronizedAPI field (type SynchronizedAPI) to MachineStatus and MachineSetStatus. Added kubebuilder/feature-gate/validation markers and updated generated Swagger/OpenAPI docs and schemas to include the new property.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: adding a synchronizedAPI field to Machine and MachineSet status resources.
Description check	✅ Passed	The description is comprehensive and directly related to the changeset, explaining the purpose, behavior, and validation of the new synchronizedAPI field.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 4019d49 and fa48e18.

⛔ Files ignored due to path filters (8)

• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machines-CustomNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machines-DevPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machines-TechPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machinesets-CustomNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machinesets-DevPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machinesets-TechPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.featuregated-crd-manifests/machines.machine.openshift.io/MachineAPIMigration.yaml is excluded by !**/zz_generated.featuregated-crd-manifests/**
• machine/v1beta1/zz_generated.featuregated-crd-manifests/machinesets.machine.openshift.io/MachineAPIMigration.yaml is excluded by !**/zz_generated.featuregated-crd-manifests/**

📒 Files selected for processing (4)

• machine/v1beta1/types_machine.go
• machine/v1beta1/types_machineset.go
• machine/v1beta1/zz_generated.swagger_doc_generated.go
• openapi/generated_openapi/zz_generated.openapi.go

🚧 Files skipped from review as they are similar to previous changes (1)

• machine/v1beta1/types_machine.go

🧰 Additional context used

🧬 Code graph analysis (1)

machine/v1beta1/types_machineset.go (1)

machine/v1beta1/types_machine.go (1)

• SynchronizedAPI (190-190)

🔇 Additional comments (4)

machine/v1beta1/zz_generated.swagger_doc_generated.go (1)

629-629: LGTM!

The Swagger documentation for synchronizedAPI is correctly added to both MachineStatus and MachineSetStatus maps. The description accurately reflects the field's purpose for migration cancellation detection and restoration.

Also applies to: 733-733

machine/v1beta1/types_machineset.go (1)

171-178: LGTM! Enum validation is correctly defined on the SynchronizedAPI type.

The field is correctly added with appropriate feature gate annotation and documentation. The structure mirrors the Machine CRD implementation, with enum validation +kubebuilder:validation:Enum=MachineAPI;ClusterAPI defined on the type itself. Both Machine and MachineSet define the field identically with +optional and without explicit immutability constraints on the synchronizedAPI field itself. If an immutable non-empty validation rule is required, it should be added consistently to both CRDs via an XValidation rule.

openapi/generated_openapi/zz_generated.openapi.go (2)

42814-42820: LGTM — Generated schema correctly reflects the new synchronizedAPI field.

The OpenAPI schema for MachineSetStatus properly includes the new field with appropriate type (string) and documentation. The description accurately captures the field's purpose for migration cancellation detection.

Note: Enum validation for valid values (MachineAPI, ClusterAPI) is handled by kubebuilder validation markers on the source type rather than in the OpenAPI schema, which is the standard pattern for this codebase.

---

43006-43012: LGTM — Consistent synchronizedAPI addition to MachineStatus.

The schema update for MachineStatus mirrors the MachineSetStatus change, maintaining consistency across both resource types as expected for the migration feature.

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 golangci-lint (2.5.0)

Error: build linters: unable to load custom analyzer "kubeapilinter": tools/_output/bin/kube-api-linter.so, plugin: not implemented
The command is terminated due to an error: build linters: unable to load custom analyzer "kubeapilinter": tools/_output/bin/kube-api-linter.so, plugin: not implemented

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🤖 Fix all issues with AI agents

In @machine/v1beta1/types_machineset.go:
- Around line 171-179: Add the same immutability XValidation annotations used in
the Machine CRD to both MachineSetStatus.authoritativeAPI and
MachineSetStatus.synchronizedAPI so they cannot be cleared once set: apply
+kubebuilder:validation:XValidation:rule="oldSelf == '' || self !=
''",message="The <field> field must not be set empty once it has a value."
(replace <field> with authoritativeAPI and synchronizedAPI respectively) on the
corresponding fields (AuthoritativeAPI and SynchronizedAPI) to enforce the "once
set cannot be cleared" behavior.
- Around line 171-179: MachineSetStatus's synchronizedAPI field lacks the
XValidation immutability rule present on MachineStatus; add the same kubebuilder
XValidation annotation to the SynchronizedAPI field in MachineSetStatus so it
prevents clearing the field once set (use the rule: oldSelf == '' || self != ''
with the message "The synchronizedAPI field must not be set empty once it has a
value."), placing the annotation immediately above the SynchronizedAPI field
declaration so it applies to that field.

In @openapi/generated_openapi/zz_generated.openapi.go:
- Around line 42610-42616: The generated OpenAPI for the status.synchronizedAPI
string is missing the Enum entries even though the source types
(types_machineset.go / types_machine.go) include the kubebuilder enum marker;
confirm the exact marker `// +kubebuilder:validation:Enum=MachineAPI;ClusterAPI`
is placed on the field/type, upgrade/controller-gen to a version that supports
enum translation if needed, then re-run the openapi generation (controller-gen
or the repo's make generate) so the SchemaProps for synchronizedAPI (and the
other occurrence) include Enum: []interface{}{"MachineAPI","ClusterAPI"}; if
controller-gen is already current but still failing, check generator
config/hooks for filtering of validation tags and adjust so kubebuilder
validation markers are propagated into zz_generated.openapi.go.
- Around line 42802-42808: The OpenAPI schema for the synchronizedAPI property
is missing the Enum constraint; update the SchemaProps for "synchronizedAPI" in
zz_generated.openapi.go to include Enum: []interface{}{"MachineAPI",
"ClusterAPI"} (matching the +kubebuilder:validation:Enum marker) so the
generated schema enforces those values; ideally regenerate the OpenAPI with the
generator that respects kubebuilder tags, or directly add the Enum entry next to
Type/Format in the synchronizedAPI SchemaProps to match other enum fields.

🧹 Nitpick comments (2)

machine/v1beta1/types_machine.go (2)

415-415: LGTM! Validation logic correctly prevents clearing the field.

The immutable-non-empty validation rule is implemented correctly and aligns with the PR requirements. The logic properly allows initial setting while preventing the field from being cleared once it has a value.

Minor style suggestion for consistency

For consistency with the validation rule on line 414, consider adding a space after the || operator:

-	// +kubebuilder:validation:XValidation:rule="oldSelf == ''|| self != ''",message="The authoritativeAPI field must not be set empty once it has a value."
+	// +kubebuilder:validation:XValidation:rule="oldSelf == '' || self != ''",message="The authoritativeAPI field must not be set empty once it has a value."

---

420-429: LGTM! Well-documented field with correct validation constraints.

The synchronizedAPI field is properly implemented with:

• Clear, comprehensive documentation explaining its purpose and lifecycle
• Correct enum validation allowing only stable states (MachineAPI, ClusterAPI) - appropriately excluding "Migrating"
• Immutable-non-empty validation preventing the field from being cleared once set
• Proper type safety using the custom SynchronizedAPI type
• Appropriate feature gating

The implementation correctly addresses all requirements from the PR description for migration cancellation support.

Minor style suggestion for consistency

For consistency with the validation rule on line 414, consider adding a space after the || operator:

-	// +kubebuilder:validation:XValidation:rule="oldSelf == ''|| self != ''",message="The synchronizedAPI field must not be set empty once it has a value."
+	// +kubebuilder:validation:XValidation:rule="oldSelf == '' || self != ''",message="The synchronizedAPI field must not be set empty once it has a value."

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 6d35063 and 8d088e5.

⛔ Files ignored due to path filters (8)

• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machines-CustomNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machines-DevPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machines-TechPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machinesets-CustomNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machinesets-DevPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machinesets-TechPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.featuregated-crd-manifests/machines.machine.openshift.io/MachineAPIMigration.yaml is excluded by !**/zz_generated.featuregated-crd-manifests/**
• machine/v1beta1/zz_generated.featuregated-crd-manifests/machinesets.machine.openshift.io/MachineAPIMigration.yaml is excluded by !**/zz_generated.featuregated-crd-manifests/**

📒 Files selected for processing (4)

• machine/v1beta1/types_machine.go
• machine/v1beta1/types_machineset.go
• machine/v1beta1/zz_generated.swagger_doc_generated.go
• openapi/generated_openapi/zz_generated.openapi.go

🧰 Additional context used

🧬 Code graph analysis (1)

machine/v1beta1/types_machineset.go (1)

machine/v1beta1/types_machine.go (1)

• SynchronizedAPI (188-188)

🔇 Additional comments (3)

machine/v1beta1/zz_generated.swagger_doc_generated.go (1)

629-629: LGTM: Generated documentation is consistent.

The Swagger documentation entries for synchronizedAPI in both MachineStatus (line 629) and MachineSetStatus (line 733) are consistent and accurately reflect the field semantics described in the type definitions.

Note: This is an auto-generated file (as indicated by line 11), so these entries will be regenerated if the source comments change.

Also applies to: 733-733

machine/v1beta1/types_machineset.go (1)

179-179: SynchronizedAPI type definition is correct.

The type is properly defined in machine/v1beta1/types_machine.go with both required constants (MachineAPISynchronized and ClusterAPISynchronized) correctly typed and valued, matching the enum validation (Enum=MachineAPI;ClusterAPI) specified on the field.

machine/v1beta1/types_machine.go (1)

188-196: LGTM! Clean type definition with clear constants.

The new SynchronizedAPI type and constants are well-structured and follow the existing pattern of MachineAuthority. The string values correctly match the enum validation used in the field definition, and the documentation clearly explains each constant's purpose.

[RadekManak]

/assign @JoelSpeed

[JoelSpeed]

Probably better to add this on the type itself

[JoelSpeed]

What's the motivation on this one? Empty isn't actually a valid value so it would be rejected anyway?

Were you trying to make sure it cannot be removed once set? If so, you need a CEL rule on the parent struct, not on the field itself

[RadekManak]

I wanted to make sure a hypothetical error in the controller does not remove the value by accident. Removed this as it is not required.

[JoelSpeed]

Having a rule to prevent it from being removed makes sense, it was just in the wrong place, lets add one to the parent struct that prevents this child from being removed in an update

[JoelSpeed]

Omitted doesn't actually mean an empty value, it means the key isn't present

[JoelSpeed]

Source of the last successful synchronization wasn't it?

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

machine/v1beta1/types_machine.go (1)

330-435: Missing validation to enforce "cannot be cleared once set" for status.synchronizedAPI.

Both MachineStatus and MachineSetStatus are missing validation to prevent synchronizedAPI from being cleared after it is initially set. The field is marked +optional, allowing it to be dropped on full-object updates. The PR objectives require this field to remain non-clearable once set.

While synchronizedGeneration has appropriate FeatureGateAwareXValidation in place, an equivalent rule is needed for synchronizedAPI:

Proposed fix (FeatureGate-aware XValidation)

 // MachineStatus defines the observed state of Machine
 // +openshift:validation:FeatureGateAwareXValidation:featureGate=MachineAPIMigration,rule="!has(oldSelf.synchronizedGeneration) || (has(self.synchronizedGeneration) && self.synchronizedGeneration >= oldSelf.synchronizedGeneration) || (oldSelf.authoritativeAPI == 'Migrating' && self.authoritativeAPI != 'Migrating')",message="synchronizedGeneration must not decrease unless authoritativeAPI is transitioning from Migrating to another value"
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=MachineAPIMigration,rule="!has(oldSelf.synchronizedAPI) || has(self.synchronizedAPI)",message="synchronizedAPI cannot be cleared once set"
 type MachineStatus struct {

Apply the same fix to MachineSetStatus in types_machineset.go.

🧹 Nitpick comments (1)

machine/v1beta1/types_machine.go (1)

188-198: New SynchronizedAPI type/enum is fine; consider constant naming alignment (optional).
The Enum + two constants are clear. Optionally, consider names that mirror MachineAuthority* style (e.g., SynchronizedAPIMachineAPI, SynchronizedAPIClusterAPI) for scan-ability.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 8d088e5 and 4019d49.

⛔ Files ignored due to path filters (8)

• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machines-CustomNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machines-DevPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machines-TechPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machinesets-CustomNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machinesets-DevPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.crd-manifests/0000_10_machine-api_01_machinesets-TechPreviewNoUpgrade.crd.yaml is excluded by !**/zz_generated.crd-manifests/*
• machine/v1beta1/zz_generated.featuregated-crd-manifests/machines.machine.openshift.io/MachineAPIMigration.yaml is excluded by !**/zz_generated.featuregated-crd-manifests/**
• machine/v1beta1/zz_generated.featuregated-crd-manifests/machinesets.machine.openshift.io/MachineAPIMigration.yaml is excluded by !**/zz_generated.featuregated-crd-manifests/**

📒 Files selected for processing (4)

• machine/v1beta1/types_machine.go
• machine/v1beta1/types_machineset.go
• machine/v1beta1/zz_generated.swagger_doc_generated.go
• openapi/generated_openapi/zz_generated.openapi.go

🚧 Files skipped from review as they are similar to previous changes (1)

• machine/v1beta1/types_machineset.go

🔇 Additional comments (2)

machine/v1beta1/zz_generated.swagger_doc_generated.go (2)

617-631: MachineStatus.synchronizedAPI swagger doc looks consistent with the new field semantics.
Doc describes “last stable authoritativeAPI”, cancellation/restore intent, allowed values, and “omitted” behavior.

---

723-735: MachineSetStatus.synchronizedAPI swagger doc looks consistent with the new field semantics.
Same semantics as MachineStatus; wording and allowed values match the intended contract.

[RadekManak]

Added the suggested changes and rewrote the description to be simpler and without implementation details.

[JoelSpeed]

/lgtm

This is fine as is, we may still want the removal protection thing we discussed but can follow up for that one

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: JoelSpeed

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [JoelSpeed]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@RadekManak: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.