Fix runtime_config API semantics and validation

[slyt3]

Summary

Reopening closed PR #3772 and carries over the original runtime_config workload API work with the review feedback addressed.

The previous version changed runtime config merge behavior for all callers, including CLI, and allowed some invalid runtime_config cases to be ignored or fail later during image build. This update keeps the behavior scoped to the workload API, adds validation, and tightens the response/update round-trip behavior.

Fixes #3676

Type of change

• Bug fix
• New feature
• Refactoring (no behavior change)
• Dependency update
• Documentation
• Other (describe):

Test plan

• Unit tests (task test)
• E2E tests (task test-e2e)
• Linting (task lint-fix)
• Manual testing (describe below)

Manual testing:

• go test ./pkg/runner -run 'TestLoadRuntimeConfig_' -count=1
• go test ./pkg/api/v1 -run 'Test(RuntimeConfigFromRequest|RuntimeConfigForImageBuild|CreateWorkload|UpdateWorkload)$' -count=1
• go test ./pkg/api/v1 -run 'Test(RuntimeConfigForImageBuild|RunConfigToCreateRequest)$' -count=1

Changes

File	Change
pkg/runner/protocol.go	Restore runner/CLI replacement semantics for runtime overrides
pkg/runner/protocol_test.go	Update runtime config tests and assertion style
pkg/api/v1/workload_service.go	Add API-scoped merge and validation for runtime_config
pkg/api/v1/workload_service_test.go	Add validation and protocol-image edge-case coverage
pkg/api/v1/workload_types.go	Omit runtime_config from non-protocol response payloads
pkg/api/v1/workloads_test.go	Add create/update coverage for runtime_config behavior
pkg/api/v1/workloads_types_test.go	Add response conversion coverage for protocol vs non-protocol images
docs/server/docs.go	Update generated API docs
docs/server/swagger.json	Update generated API docs
docs/server/swagger.yaml	Update generated API docs

Does this introduce a user-facing change?

Yes. Invalid runtime_config input now fails early with a clear API validation error, and runtime_config is only accepted on create/update when image is a protocol URI.

Special notes for reviewers

This is intended as the replacement for #3772, not a separate feature. The main goal is to keep the runtime-config behavior scoped to the workload API without changing shared runner/CLI semantics.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 8b498de6ad

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[JAORMX]

The merge conflicts must be solved.

[codecov]

Codecov Report

❌ Patch coverage is 83.75000% with 13 lines in your changes missing coverage. Please review.
✅ Project coverage is 69.68%. Comparing base (11cd266) to head (2a5c1f6).
⚠️ Report is 11 commits behind head on main.

Files with missing lines	Patch %	Lines
pkg/api/v1/workload_service.go	82.19%	9 Missing and 4 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4435      +/-   ##
==========================================
+ Coverage   69.57%   69.68%   +0.11%     
==========================================
  Files         489      494       +5     
  Lines       50193    50523     +330     
==========================================
+ Hits        34920    35209     +289     
- Misses      12590    12618      +28     
- Partials     2683     2696      +13     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[slyt3]

@JAORMX Yeah I know I was rebasing and resolving conflicts; branch is now cleanly mergeable. I’m fixing the remaining docgen check now.

[slyt3]

@JAORMX Hi! This PR should be ready, one E2E test is failing but seems unrelated; I’d really appreciate your review when you have time, thank you :)

[JAORMX]

@slyt3 I'll be unavailable this week as I'm flying to MCP Dev Summit. Perhaps you can reach out in Discord and another maintainer can check this out?

[slyt3]

@JAORMX Got it, thanks for letting me know! Safe travels to the MCP Dev Summit. I will reach out on Discord and see if another maintainer can take a look.

[jerm-dro]

Thanks for the PR and for your patience through the review cycles — the scoping improvements over #3772 are clear (API-only merge semantics, input validation, protocol-scheme enforcement). Ozz's original feedback has been well addressed.

Requesting changes for the mixed-in behavioral changes that make the runtime_config additions harder to review in isolation. See inline comments.

[slyt3]

@jerm-dro i removed the unrelated changes from that PR and clarified the runtime_config API contract in the docs/comments

[jerm-dro]

Thanks for sticking with this through the review cycles and for cleanly scoping the changes to the API layer.