READY pin provide no mechanism for recovering from a failed boot on the FPGA though. Any kind of slave port, be it JTAG or SPI, removes that point of failure as the SoC can recover the FPGA.
So? Most circuits involvings FPGAs are designed like that. How often does an FPGA config from external flash fails? Not a huge point of concern. As long as you can detect the failure.
And as I suggested above, the simplest, fastest (configuration time wise) approach overall and still most flexible would be to use an external SPI/QSPI flash AND still implement JTAG.
The host can monitor the Config ready pin. If it doesn't show a ready state after a given time-out, the host can then reflash it through JTAG and/or proceed to some other automated testing.
So as I said before, if config time was critical, I personally would favor this approach for large bitstreams. For the smaller FPGAs, SPI slave would be probably adequate. Then again, as the OP suggested using MachXO3, if again it should be ready in a very short time, I would just buy the flash version, and implement reprogramming for updates through JTAG probably.
Again it's all in the requirements and use cases!
If, OTOH, config time is not critical, but you needed to be able to reconfigure the FPGA very often (maybe even "on the fly" depending on the system's state), obviously the SPI or JTAG only approach would be favored. Can also be a mix of both, and you can certainly do both with my suggestion of external (or internal if supported) flash + JTAG, and mikeselectricstuff's suggestion to monitor the config ready pin is definitely a good idea.