Migrate Remaining VirtualMCPServer Fields to spec.config

[jerm-dro]

Summary

This PR completes the migration of VirtualMCPServer CRD fields from the top-level spec into the nested spec.config structure, aligning with the platform-agnostic configuration model and consolidating validation logic.

Fixes #3125

Large PR Justification

Please review this PR commit-by-commit (10 commits total). Each commit is self-contained with its own tests, documentation updates, and CRD regeneration. The changes build upon each other progressively.

Changes

This PR addresses several goals:

1. Configuration Consolidation: Move CRD-specific fields into config.Config to eliminate duplication and establish a single source of truth
2. Validation Unification: Consolidate scattered validation logic into shared, reusable functions
3. Type Simplification: Remove redundant CRD-to-config conversion functions by embedding config types directly in CRDs
4. Bug Fixes: Fix telemetry config field loss during CRD conversion
5. Documentation: Clarify field precedence and add proper kubebuilder annotations

---

Commit-by-Commit Breakdown

1. b1c52a3 - docs(vmcp): clarify IncomingAuth precedence between CRD spec and config

What: Documentation-only change

• Clarifies that spec.IncomingAuth takes precedence over config.IncomingAuth
• Marks config.IncomingAuth as optional since CRD field is authoritative
• Explains that converter populates config field from CRD spec, not vice versa
• Regenerates CRD manifests

2. d37a88f - docs(vmcp): clarify auth config precedence between CRD spec and config

What: Extends auth documentation to outgoing auth

• Adds same precedence documentation for OutgoingAuth fields
• Explains why CRD spec fields should be preferred (Kubernetes-native secret references)
• Regenerates CRD manifests and documentation

3. 39f6357 - feat(operator): migrate Aggregation from VirtualMCPServerSpec to spec.config

What: Moves Aggregation field to spec.config

• Deletes AggregationConfig, ConflictResolutionConfig, WorkloadToolConfig from CRD types
• Adds kubebuilder annotations to config.AggregationConfig
• Updates converter, webhook validation, controller, examples, and tests
• BREAKING CHANGE: Must use spec.config.aggregation path
• Regenerates CRD manifests and documentation

4. 6de62aa - refactor(operator): migrate CompositeTools and CompositeToolRefs to spec.config

What: Moves composite tool definitions to spec.config

• Deletes CompositeToolSpec from VirtualMCPServer CRD
• Adds CompositeToolRef type to pkg/vmcp/config for Kubernetes references
• Changes from pointer slices to value slices ([]*T → []T)
• Simplifies converter to pass through config fields directly
• Updates all tests and documentation

5. 7525cc8 - refactor(operator): embed config.CompositeToolConfig in VirtualMCPCompositeToolDefinitionSpec

What: Simplifies VirtualMCPCompositeToolDefinition CRD structure

• Embeds config.CompositeToolConfig directly instead of duplicating types
• Removes 5 redundant conversion functions (convertCompositeToolSpec, convertWorkflowSteps, etc.)
• Updates webhook validation to use config types directly
• Updates all tests for new embedded structure

6. 0e5ca70 - refactor(validation): consolidate composite tool validation in pkg/vmcp/config

What: Centralizes all composite tool validation logic

• Creates pkg/vmcp/config/composite_validation.go with shared functions
• Moves workflow validation from scattered locations to single source of truth
• Both CRD webhooks and config validator now use same validation code
• Deletes redundant workflow_validation.go from v1alpha1 package
• Adds comprehensive tests for shared validation

7. 63bbc2a - refactor(operator): migrate Operational config from spec to spec.config

What: Moves Operational field to spec.config

• Adds LogLevel field to config.OperationalConfig
• Adds kubebuilder annotations to timeout/failure handling/circuit breaker configs
• Deletes 4 config types from CRD (OperationalConfig, TimeoutConfig, etc.)
• Updates converter, controller, docs, examples, and tests
• Regenerates CRD manifests

8. 82c92d2 - fix(telemetry): add optional annotations and defaults to telemetry.Config

What: Improves telemetry configuration ergonomics

• Makes ServiceName, ServiceVersion, and Endpoint optional
• Adds kubebuilder defaults:
  • TracingEnabled: false
  • MetricsEnabled: false
  • SamplingRate: "0.05"
  • Insecure: false
  • EnablePrometheusMetricsPath: false
• Documents default behaviors for optional fields
• Regenerates CRD manifests

9. 3b9e20d - fix(operator): preserve all telemetry config fields during CRD conversion

What: Fixes critical bug in telemetry config conversion

• Bug: CustomAttributes, ServiceVersion, EnvironmentVariables were silently dropped
• Root Cause: Unnecessary round-trip conversion through intermediate format
• Solution:
  • Creates spectoconfig.NormalizeTelemetryConfig() as shared normalization logic
  • Eliminates lossy conversion path
  • Refactors both converters to use shared function
• Testing: Adds 5 new test suites with comprehensive coverage:
  • TestConverter_TelemetryConfigPreserved - field preservation
  • TestConverter_TelemetryDefaults - default behavior
  • TestConverter_TelemetryEndpointPrefixStripping - normalization
  • TestNormalizeTelemetryConfig - 8 test cases
  • TestConvertTelemetryConfig_UsesNormalization - integration
  • New E2E test virtualmcp_telemetry_test.go

10. 49b9da0 - chore: bump operator-crds chart version to 0.0.95 and regenerate docs

What: Version bump and final regeneration

• Bumps operator-crds chart from 0.0.94 to 0.0.95
• Regenerates all swagger API documentation
• Updates version badges in README

[github-actions]

Large PR Detected

This PR exceeds 1000 lines of changes and requires justification before it can be reviewed.

How to unblock this PR:

Add a section to your PR description with the following format:

## Large PR Justification

[Explain why this PR must be large, such as:]
- Generated code that cannot be split
- Large refactoring that must be atomic
- Multiple related changes that would break if separated
- Migration or data transformation

Alternative:

Consider splitting this PR into smaller, focused changes (< 1000 lines each) for easier review and reduced risk.

See our Contributing Guidelines for more details.

---

This review will be automatically dismissed once you add the justification section.

[codecov]

Codecov Report

❌ Patch coverage is 81.26464% with 80 lines in your changes missing coverage. Please review.
✅ Project coverage is 63.70%. Comparing base (92b08b7) to head (32f192e).
⚠️ Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
pkg/vmcp/config/composite_validation.go	80.06%	32 Missing and 28 partials ⚠️
pkg/vmcp/config/validator.go	41.17%	9 Missing and 1 partial ⚠️
...perator/controllers/virtualmcpserver_controller.go	33.33%	6 Missing ⚠️
...lpha1/virtualmcpcompositetooldefinition_webhook.go	25.00%	3 Missing ⚠️
...-operator/api/v1alpha1/virtualmcpserver_webhook.go	96.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3242      +/-   ##
==========================================
+ Coverage   63.66%   63.70%   +0.04%     
==========================================
  Files         362      362              
  Lines       35521    35209     -312     
==========================================
- Hits        22613    22431     -182     
+ Misses      11089    10974     -115     
+ Partials     1819     1804      -15     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[jhrozek]

I only had some nits. Since this is a very large PR, feel free to ignore and merge, I'm acking