MG-66: Remove proxy config from CR

[praveencodes]

Removes spec.proxyConfig as a result of improvements discussed in openshift/enhancements#1903.

The operator will observe egress proxy behaviour inherited from OLM env vars directly as a result; operator users (who install through OLM) requiring customization may choose to override these env vars through Subscription.spec.config.env alternatively.

[openshift-ci-robot]

@praveencodes: This pull request references MG-66 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

Details

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[coderabbitai]

Walkthrough

This PR removes per-CR proxy configuration from the MustGather API and related artifacts; proxy settings are now read exclusively from environment variables (HTTP_PROXY, HTTPS_PROXY, NO_PROXY). Changes include API/type removals, CRD updates, controller simplification, test pruning, docs/examples removal, and generation flag updates.

Changes

Cohort / File(s)	Summary
API types & generated code api/v1alpha1/mustgather_types.go, api/v1alpha1/zz_generated.deepcopy.go, api/v1alpha1/zz_generated.openapi.go	Removed ProxySpec type and the ProxyConfig field on MustGatherSpec; deleted deepcopy/OpenAPI generation for ProxySpec.
CRD manifests deploy/crds/operator.openshift.io_mustgathers.yaml, bundle/manifests/tech-preview/operator.openshift.io_mustgathers.yaml	Removed spec.proxyConfig and its httpProxy/httpsProxy/noProxy properties from CRD schemas; updated controller-gen version annotation in deploy manifest.
Controller logic controllers/mustgather/template.go	Replaced CR-based proxy handling with unconditional environment-based reads via proxy.ReadProxyVarsFromEnv; removed conditional fallback logic.
Controller tests controllers/mustgather/template_test.go	Deleted tests and helpers that validated CR-provided proxy behavior; cleaned up now-unused imports.
Documentation & examples README.md, CLAUDE.md, examples/mustgather_proxy.yaml	Removed Proxy Support docs and the example that showed per-CR proxy configuration; updated textual guidance to reflect env-var-based proxy inheritance.
Build/generation flags boilerplate/openshift/golang-osd-operator/standard.mk	Switched OpenAPI generation invocation to explicit output flags (--output-dir, --output-pkg, --output-file, --go-header-file, --report-filename) replacing legacy positional flags.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between d4f535a and 8a861fd.

📒 Files selected for processing (11)

• CLAUDE.md
• README.md
• api/v1alpha1/mustgather_types.go
• api/v1alpha1/zz_generated.deepcopy.go
• api/v1alpha1/zz_generated.openapi.go
• boilerplate/openshift/golang-osd-operator/standard.mk
• bundle/manifests/tech-preview/operator.openshift.io_mustgathers.yaml
• controllers/mustgather/template.go
• controllers/mustgather/template_test.go
• deploy/crds/operator.openshift.io_mustgathers.yaml
• examples/mustgather_proxy.yaml

💤 Files with no reviewable changes (6)

• controllers/mustgather/template_test.go
• examples/mustgather_proxy.yaml
• api/v1alpha1/mustgather_types.go
• README.md
• bundle/manifests/tech-preview/operator.openshift.io_mustgathers.yaml
• api/v1alpha1/zz_generated.deepcopy.go

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

-Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Files:

• deploy/crds/operator.openshift.io_mustgathers.yaml
• api/v1alpha1/zz_generated.openapi.go
• controllers/mustgather/template.go
• CLAUDE.md
• boilerplate/openshift/golang-osd-operator/standard.mk

🔇 Additional comments (7)

api/v1alpha1/zz_generated.openapi.go (1)

12-13: LGTM - Generated code reflects API changes correctly.

The empty map return is expected since ProxySpec has been removed from the API. The generated code correctly reflects the removal of proxy configuration from the Custom Resource.

controllers/mustgather/template.go (1)

57-71: LGTM - Proxy configuration correctly migrated to environment variables.

The proxy handling now correctly reads from the operator's environment variables (HTTP_PROXY, HTTPS_PROXY, NO_PROXY) via proxy.ReadProxyVarsFromEnv(). The empty string initialization is safe since lines 279-287 only inject non-empty values into the upload container.

This is a breaking change: users who previously configured proxy settings in the MustGather CR must now set these environment variables in the operator's deployment instead.

deploy/crds/operator.openshift.io_mustgathers.yaml (1)

6-6: CRD correctly updated to remove proxy configuration.

The controller-gen version bump and removal of the proxyConfig field (including nested httpProxy, httpsProxy, noProxy) correctly reflect the API changes.

This is a breaking API change: existing MustGather resources using spec.proxyConfig will need to be updated, and the operator deployment must have the proxy environment variables configured instead.

CLAUDE.md (4)

71-71: Documentation correctly updated to reflect API changes.

The removal of proxyConfig from the key fields list accurately reflects the API changes in this PR.

---

97-97: Initialization flow correctly documented.

The reconciliation flow description now accurately reflects that only ServiceAccountRef is initialized from the cluster, with proxy configuration removed.

---

117-117: Proxy configuration approach clearly documented.

The design decision now clearly states that proxy settings are inherited from environment variables rather than configured per-CR, which aligns with the implementation changes.

---

136-136: Environment variables correctly documented.

The proxy environment variables (HTTP_PROXY, HTTPS_PROXY, NO_PROXY) are appropriately listed in the optional section since the operator can function without them.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[praveencodes]

/cc @swghosh @shivprakashmuley

[codecov-commenter]

Codecov Report

❌ Patch coverage is 11.11111% with 8 lines in your changes missing coverage. Please review.
✅ Project coverage is 68.49%. Comparing base (130bc8a) to head (8a861fd).
⚠️ Report is 13 commits behind head on master.

Files with missing lines	Patch %	Lines
controllers/mustgather/template.go	11.11%	7 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #313      +/-   ##
==========================================
- Coverage   70.98%   68.49%   -2.49%     
==========================================
  Files           7        7              
  Lines         479      473       -6     
==========================================
- Hits          340      324      -16     
- Misses        136      144       +8     
- Partials        3        5       +2     

Files with missing lines	Coverage Δ
api/v1alpha1/mustgather_types.go	100.00% <ø> (ø)
controllers/mustgather/template.go	93.02% <11.11%> (-5.86%)	⬇️

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

boilerplate/openshift/golang-osd-operator/standard.mk (1)

216-226: Per-directory OpenAPI generation LGTM; watch for future non-API dirs under ./api.

The updated openapi-generate target correctly runs openapi-gen per API subdirectory and writes zz_generated.openapi.go in place, which matches the new api/v1alpha1 output. Just be aware this will also pick up any future non-Go/non-API directories under ./api and try to run openapi-gen there; if that ever becomes an issue, consider narrowing the find to known API package paths.

CLAUDE.md (1)

69-72: Proxy documentation matches the new env-based behavior; consider aligning the service account field name with the actual API.

The updated prose correctly describes proxy handling as inheriting HTTP_PROXY/HTTPS_PROXY/NO_PROXY from the environment, which matches the controller and CRD changes. One small follow-up for accuracy: the spec field is serviceAccountName in both Go types and the CRD, but this doc still calls it serviceAccountRef and mentions “ServiceAccountRef from cluster”. Renaming those references to serviceAccountName would keep this guide in sync with the actual API surface.

Also applies to: 81-87, 110-118, 128-137

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between 7d9c76d and d4f535a.

📒 Files selected for processing (11)

• CLAUDE.md (4 hunks)
• README.md (0 hunks)
• api/v1alpha1/mustgather_types.go (0 hunks)
• api/v1alpha1/zz_generated.deepcopy.go (0 hunks)
• api/v1alpha1/zz_generated.openapi.go (1 hunks)
• boilerplate/openshift/golang-osd-operator/standard.mk (1 hunks)
• bundle/manifests/tech-preview/operator.openshift.io_mustgathers.yaml (0 hunks)
• controllers/mustgather/template.go (1 hunks)
• controllers/mustgather/template_test.go (0 hunks)
• deploy/crds/operator.openshift.io_mustgathers.yaml (1 hunks)
• examples/mustgather_proxy.yaml (0 hunks)

💤 Files with no reviewable changes (6)

• api/v1alpha1/mustgather_types.go
• README.md
• api/v1alpha1/zz_generated.deepcopy.go
• controllers/mustgather/template_test.go
• examples/mustgather_proxy.yaml
• bundle/manifests/tech-preview/operator.openshift.io_mustgathers.yaml

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

-Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Files:

• api/v1alpha1/zz_generated.openapi.go
• boilerplate/openshift/golang-osd-operator/standard.mk
• deploy/crds/operator.openshift.io_mustgathers.yaml
• CLAUDE.md
• controllers/mustgather/template.go

🔇 Additional comments (3)

api/v1alpha1/zz_generated.openapi.go (1)

8-14: Empty OpenAPI definition map is consistent with removing ProxySpec.

With Proxy-related types removed from the API, returning an empty map from GetOpenAPIDefinitions is expected and keeps the generated file minimal. As long as no external component depends on the old ProxySpec OpenAPI schema (which this PR is explicitly removing), this change is fine.

deploy/crds/operator.openshift.io_mustgathers.yaml (1)

5-7: CRD schema update correctly drops spec.proxyConfig; behavior change is coherent with API/controller updates.

The CRD now reflects the removal of spec.proxyConfig and still enforces spec immutability via the existing validation rule, which is consistent with MustGather’s “create-and-let-run” model. This does mean any workloads that previously relied on per-CR proxy settings must now use cluster/operator-level proxy configuration only, but that matches the stated PR goal.

Also applies to: 40-174

controllers/mustgather/template.go (1)

54-107: Proxy configuration now sourced solely from operator env; implementation looks consistent with the new API surface.

getJobTemplate now always derives httpProxy, httpsProxy, and noProxy from the operator’s own environment variables and threads those into getUploadContainer, which only injects them into the upload container when non-empty. This cleanly removes per-CR proxy behavior in favor of a single operator-wide proxy configuration, matching the CRD/API removals and keeping the upload path behavior straightforward.

If you haven’t already, it’s worth re-running the existing template tests (or adding a focused case) to assert that when the operator pod has HTTP_PROXY/HTTPS_PROXY/NO_PROXY set, the generated upload container gets the lower-case http_proxy/https_proxy/no_proxy env vars as expected, and that CR-provided values are no longer honored.

Also applies to: 205-287

[swghosh]

generally LGTM

[swghosh]

If we run a boilerplate-update, does this get reverted? I k it's needed, so alternatively we can add another make target in Makefile.

[swghosh]

/override ci/prow/e2e-gcp-operator
the e2e test will pass after #311 is merged.

[openshift-ci]

@swghosh: Overrode contexts on behalf of swghosh: ci/prow/e2e-gcp-operator

Details

In response to this:

/override ci/prow/e2e-gcp-operator
the e2e test will pass after #311 is merged.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[shivprakashmuley]

@praveencodes please resole the conflicts.

[openshift-ci]

@praveencodes: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/validate-boilerplate	8a861fd	link	false	/test validate-boilerplate

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[shivprakashmuley]

We'll try to merge this once openshift/enhancements#1903 is approved.

[swghosh]

/lgtm
/approve

/label no-qe
@KeenonLee let's can test this collectively with #312.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: praveencodes, swghosh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [swghosh]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

@praveencodes: This pull request references MG-66 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Removes spec.proxyConfig as a result of improvements discussed in openshift/enhancements#1903.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci-robot]

@praveencodes: This pull request references MG-66 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Removes spec.proxyConfig as a result of improvements discussed in openshift/enhancements#1903.

The operator will observe egress proxy behaviour inherited from OLM env vars directly as a result; operator users (who install through OLM) requiring customization may choose to override these env vars through Subscription.spec.config.env alternatively.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[swghosh]

/label no-qe
let's can test this collectively with #312.

/verified bypass

[openshift-ci-robot]

@swghosh: The verified label has been added.

Details

In response to this:

/verified bypass

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.