feat: Deployment MinReadySeconds progressive delivery strategy

[Xio-Shark]

Summary

Implement a MinReadySeconds-based progressive delivery strategy for native Kubernetes Deployments, as described in proposal #341.

Instead of pausing the Deployment controller (Recreate style), this approach inflates minReadySeconds and progressDeadlineSeconds to take control of the rollout pace, then progressively adjusts maxUnavailable to drive batch-by-batch updates — while the native Deployment controller remains active.

Key Design Decisions

• No new API fields — routed entirely by the MinReadySecondsStrategy feature gate (per review feedback)
• True availability calculation — uses the original minReadySeconds and pod Ready condition LastTransitionTime to count genuinely available replicas, not just Ready pods
• Inflation persistence — three-layer protection: Initialize(), ensureInflatedDeploymentStrategy() before each batch, and webhook enforceMinReadyInflation() on every Deployment mutation
• PDB compatible — Deployment controller stays active, so PodDisruptionBudgets work normally
• maxSurge preserved — user-configured maxSurge > 0 is respected; only maxUnavailable is driven by the controller

Changes

Core Controller (pkg/controller/batchrelease/control/partitionstyle/deployment/)

• minready_control.go — Initialize / UpgradeBatch / Finalize / CalculateBatchContext
• minready_batch_context.go — pod availability calculation with original minReadySeconds
• minready_constants.go — annotations, inflated values, constants

Status & Metrics

• minready_status.go — Rollout condition updates (MinReadyInitialized/Batching/Degraded/Finalized)
• metrics/minready_metrics.go — Prometheus metrics for batch progress and timing

Routing & Webhook

• batchrelease_executor.go — feature gate routing to MinReady controller
• workload_update_handler.go — skip Paused mutation, enforce inflation on external edits

Feature Gate

• MinReadySecondsStrategy (alpha, default off)

Tests

• Unit: 24 MinReady-specific tests + updated existing package tests
• Integration: batch lifecycle, concurrency, feature-gate fallback
• E2E: basic rollout, multi-batch, PDB compatibility, degraded drift detection

Commits

1. feat: add deployment MinReady strategy — core implementation
2. fix: correct MinReady batch-ready semantics and feature-gate fallback — fix pod counting and executor routing
3. fix: align MinReady implementation with proposal review — address review feedback
4. fix: write BatchReleaseControlAnnotation and clean up finalize labels — proper controller ownership marking

Test Plan

• go test ./pkg/... — all unit tests pass
• CI: golangci-lint, unit-tests, E2E (Deployment/CloneSet/StatefulSet/DaemonSet on K8s 1.24/1.26/1.28)
• Manual: verify batch progression with kubectl rollout status
• Manual: verify Finalize restores original Deployment fields

Related

• Proposal: #341
• GSoC 2026 Project

[kruise-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign zmberg for approval by writing /assign @zmberg in a comment. For more information see:The Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[codecov]

Codecov Report

❌ Patch coverage is 69.71917% with 248 lines in your changes missing coverage. Please review.
✅ Project coverage is 52.98%. Comparing base (56efb03) to head (95e8e80).
⚠️ Report is 2 commits behind head on master.

Files with missing lines	Patch %	Lines
...trol/partitionstyle/deployment/minready_control.go	65.20%	65 Missing and 30 partials ⚠️
...g/webhook/workload/mutating/minready_deployment.go	58.97%	28 Missing and 20 partials ⚠️
...tchrelease/control/partitionstyle/control_plane.go	78.26%	17 Missing and 3 partials ⚠️
pkg/util/parse_utils.go	40.62%	12 Missing and 7 partials ⚠️
...artitionstyle/deployment/minready_batch_context.go	48.38%	8 Missing and 8 partials ⚠️
...hrelease/control/partitionstyle/minready_status.go	82.05%	7 Missing and 7 partials ⚠️
...ontroller/batchrelease/metrics/minready_metrics.go	62.96%	5 Missing and 5 partials ⚠️
...ol/partitionstyle/deployment/minready_constants.go	76.92%	5 Missing and 4 partials ⚠️
...g/controller/batchrelease/batchrelease_executor.go	68.75%	4 Missing and 1 partial ⚠️
...bhook/workload/mutating/workload_update_handler.go	87.50%	3 Missing and 2 partials ⚠️
... and 2 more

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #343      +/-   ##
==========================================
+ Coverage   51.38%   52.98%   +1.60%     
==========================================
  Files          66       79      +13     
  Lines        8559     9693    +1134     
==========================================
+ Hits         4398     5136     +738     
- Misses       3575     3857     +282     
- Partials      586      700     +114     

Flag	Coverage Δ
unittests	52.98% <69.71%> (+1.60%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[furykerry]

L78, L106, L133, L269 — Every mc.client.Patch(context.TODO(), ...) in Initialize, UpgradeBatch, Finalize, and ensureInflatedDeploymentStrategy uses context.TODO() instead of the reconcile context, consider refactor the code to accept the context parameter

[furykerry]

recordMinReadyNormal/recordMinReadyDegraded fire for ALL partition-style releases, not just MinReady. While isMinReadyRelease() guards inside these methods, the check adds unnecessary overhead and recognition burden, consider moving the recording inside Initialize/UpgradeBatch/Finalize method, and remove other calling of recordMinReadyNormal/recordMinReadyDegraded by simply logging some informations

[furykerry]

Use klog.WarningS with structured key-value pairs: klog.WarningS(nil, "MinReady maxUnavailable exceeds target, reducing", "batch", ctx.CurrentBatch, "deployment", klog.KObj(mc.object), "maxUnavailable", current, "target", target). Note: the existing control_plane.go uses klog.Infof/klog.Warningf too, so this is a pre-existing pattern, but new code should aim higher.

[furykerry]

When the gate is OFF and a MinReady rollout is in progress, the executor correctly routes to MinReady (via annotation fallback), but the webhook's shouldSkipRecreateMutationForMinReady only checks the feature gate

consider also checking with DeploymentStrategyAnnotation symmetric with the executor:

[furykerry]

writeOriginalAnnotations already check for hasAnyOriginalAnnotation, consider extract the hasAnyOriginalAnnotation logic out of writeOriginalAnnotations

[furykerry]

per discussion in the proposal, it is not necessary to hack the maxSurge

[furykerry]

Before(now) || Equal(now) computes the same time.Time addition twice. Consider simplify to !After(now)

[furykerry]

it is not necessary to deepcopy the original object.

[furykerry]

it is not necessary to deepcopy the original object.

[furykerry]

it is not necessary to deepcopy the original object.

[furykerry]

is this func really necessary? parseOriginalInt32 will return error anyway if required key does not exist

[furykerry]

consider organizing related tests files in a sub-packages

[Xio-Shark]

Kept these tests in the existing e2e package for this PR. test/e2e currently uses a shared suite/client/helper setup and all existing workflows execute the flat test/e2e package; moving MinReady into a sub-package would require a broader e2e harness refactor. I think that is better handled separately from this feature fix.

[furykerry]

is it possible to reuse existing rollout condition such as RolloutConditionProgressing, RolloutConditionSucceeded and RolloutConditionTerminating

[furykerry]

minReadyUpdatedReadyReplicas also listownedpods, consider list only once.

[furykerry]

ReconcileMaxUnavailableDrift duplicates with UpgradeBatch for MinReadyControl, is it necessary to call ReconcileMaxUnavailableDrift in VerifyingBatchState phase ?

[furykerry]

we don't have to wait for the whole window to be updated and ready

[furykerry]

there is a pre existing bug in SetDefaultDeploymentStrategy, consider revise it

if strategy.RollingUpdate.MaxSurge == nil {
    maxSurge := intstr.FromString("25%")
    strategy.RollingUpdate.MaxUnavailable = &maxSurge  // BUG: should be MaxSurge
}

[furykerry]

this func is used for both progressdeadlineseconds and MinReadySeconds, so assign the DefaultProgressDeadlineSeconds to MinReadySeconds is wrong (kubernetes default is 0 for min readyseconds), consider pass the default value to the func instead

[furykerry]

The webhook now imports partitionstyle/deployment for EnrollMinReadyDeployment/Inflated* constants. There is no import cycle (the controller package does not import webhook), but it inverts the usual layering (webhook depending on controller internals).

Consider move EnrollMinReadyDeployment func and related UT directly to the webhook pacakge

[furykerry]

The warningS helper formats structured key-value pairs into a flat string and calls klog.Warning(). This loses the structured logging benefits of klog.ErrorS/klog.InfoS (JSON output, log level filtering). klog.V(0).InfoS with err=... achieves similar Warning output with proper structure.

Consider using klog.ErrorS(err, msg, keysAndValues...) for true structured output (errors at error verbosity, warnings via klog.V(n).InfoS).

[furykerry]

is it possible to do the logging and metric calculation in the callee using defer, so that the report logic does not influence other control