doc: helm chart readme

Update helm chart readme.

CONTRIBUTING.md

@@ -0,0 +1,16 @@
+# Contributing
+
+## Developer Certificate of Origin
+
+All commits require a [DCO](https://developercertificate.org/) sign-off.
+This is done by committing with the `--signoff` flag.
+
+## Development
+
+The build process for this project is designed to run entirely in containers.
+To get started, run `make help` and follow the instructions.
+
+## Conformance
+
+To verify conformance status, run `make conformance`.
+This runs a series of tests on the working tree and is required to pass before a contribution is accepted.

Makefile

@@ -85,12 +85,13 @@ helm-unit: ## Helm Unit Tests
 docs:
 	helm template -n kube-system proxmox-cloud-controller-manager \
 		-f charts/proxmox-cloud-controller-manager/values.edge.yaml \
+		--set-string image.tag=$(TAG) \
 		charts/proxmox-cloud-controller-manager > docs/deploy/cloud-controller-manager.yml
 	helm template -n kube-system proxmox-cloud-controller-manager \
 		-f charts/proxmox-cloud-controller-manager/values.talos.yaml \
 		--set-string image.tag=$(TAG) \
 		charts/proxmox-cloud-controller-manager > docs/deploy/cloud-controller-manager-talos.yml
-	helm-docs charts/proxmox-cloud-controller-manager
+	helm-docs --sort-values-order=file charts/proxmox-cloud-controller-manager
 
 release-update:
 	git-chglog --config hack/chglog-config.yml -o CHANGELOG.md

README.md

@@ -74,26 +74,10 @@ pveum user token add kubernetes@pve ccm -privsep 0
 
 ## Deploy CCM
 
-### Method 1: kubectl
+Create the proxmox credentials
-
-Deploy Proxmox CCM
-
-```shell
-kubectl apply -f https://raw.githubusercontent.com/sergelogvinov/proxmox-cloud-controller-manager/main/docs/deploy/cloud-controller-manager.yml
-```
-
-Change the proxmox credentials
-
-```shell
-kubectl -n kube-system edit secrets proxmox-cloud-controller-manager
-```
-
-### Method 2: helm chart
-
-Set the proxmox credentials
 
 ```yaml
-# clusters.yaml
+# config.yaml
 config:
   clusters:
     - url: https://cluster-api-1.exmple.com:8006/api2/json
@@ -103,8 +87,52 @@ config:
       region: cluster-1
 ```
 
+Upload it to the kubernetes:
+
+```shell
+kubectl -n kube-system create secret proxmox-cloud-controller-manager --from-file=config.yaml
+```
+
+### Method 1: kubectl
+
+Deploy Proxmox CCM with `cloud-node,cloud-node-lifecycle` controllers
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/sergelogvinov/proxmox-cloud-controller-manager/main/docs/deploy/cloud-controller-manager.yml
+```
+
+Deploy Proxmox CCM with `cloud-node-lifecycle` controller (for Talos)
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/sergelogvinov/proxmox-cloud-controller-manager/main/docs/deploy/cloud-controller-manager-talos.yml
+```
+
+### Method 2: helm chart
+
 Deploy Proxmox CCM
 
 ```shell
-helm upgrade -i --namespace=kube-system -f clusters.yaml proxmox-cloud-controller-manager charts/proxmox-cloud-controller-manager
+helm upgrade -i --namespace=kube-system -f proxmox-ccm.yaml \
+		proxmox-cloud-controller-manager charts/proxmox-cloud-controller-manager
 ```
+
+More options can find [here](charts/proxmox-cloud-controller-manager)
+
+## Contributing
+
+Contributions are welcomed and appreciated!
+See [Contributing](CONTRIBUTING.md) for our guidelines.
+
+## License
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+[http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0)
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

charts/proxmox-cloud-controller-manager/Chart.yaml

@@ -10,6 +10,7 @@ keywords:
 - ccm
 maintainers:
 - name: sergelogvinov
+  url: https://github.com/sergelogvinov
 
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.

charts/proxmox-cloud-controller-manager/README.md

@@ -10,38 +10,72 @@ A Helm chart for Kubernetes
 
 | Name | Email | Url |
 | ---- | ------ | --- |
-| sergelogvinov |  |  |
+| sergelogvinov |  | <https://github.com/sergelogvinov> |
 
 ## Source Code
 
 * <https://github.com/sergelogvinov/proxmox-cloud-controller-manager>
 
+Example:
+
+```yaml
+# proxmox-ccm.yaml
+
+config:
+  clusters:
+    - url: https://cluster-api-1.exmple.com:8006/api2/json
+      insecure: false
+      token_id: "kubernetes@pve!csi"
+      token_secret: "key"
+      region: cluster-1
+
+enabledControllers:
+  # Remove `cloud-node` if you use it with Talos CCM
+  - cloud-node
+  - cloud-node-lifecycle
+
+# Deploy CCM only on control-plane nodes
+nodeSelector:
+  node-role.kubernetes.io/control-plane: ""
+tolerations:
+  - key: node-role.kubernetes.io/control-plane
+    effect: NoSchedule
+```
+
+Deploy chart:
+
+```shell
+helm upgrade -i --namespace=kube-system -f proxmox-ccm.yaml \
+		proxmox-cloud-controller-manager charts/proxmox-cloud-controller-manager
+```
+
 ## Values
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| affinity | object | `{}` | Affinity for data pods assignment. ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity |
+| replicaCount | int | `1` |  |
-| config.clusters | list | `[]` |  |
+| image.repository | string | `"ghcr.io/sergelogvinov/proxmox-cloud-controller-manager"` | Proxmox CCM image. |
-| enabledControllers | list | `["cloud-node","cloud-node-lifecycle"]` | List of controllers should be enabled. Use '*' to enable all controllers. Support only `cloud-node,cloud-node-lifecycle` controllers. |
+| image.pullPolicy | string | `"IfNotPresent"` | Always or IfNotPresent |
-| extraArgs | list | `[]` | Any extra arguments for talos-cloud-controller-manager |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
-| fullnameOverride | string | `""` |  |
-| image.pullPolicy | string | `"IfNotPresent"` |  |
-| image.repository | string | `"ghcr.io/sergelogvinov/proxmox-cloud-controller-manager"` |  |
-| image.tag | string | `""` |  |
 | imagePullSecrets | list | `[]` |  |
-| logVerbosityLevel | int | `2` | Log verbosity level. See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/logging.md for description of individual verbosity levels. |
 | nameOverride | string | `""` |  |
-| nodeSelector | object | `{}` | Node labels for data pods assignment. ref: https://kubernetes.io/docs/user-guide/node-selection/ |
+| fullnameOverride | string | `""` |  |
+| extraArgs | list | `[]` | Any extra arguments for talos-cloud-controller-manager |
+| enabledControllers | list | `["cloud-node","cloud-node-lifecycle"]` | List of controllers should be enabled. Use '*' to enable all controllers. Support only `cloud-node,cloud-node-lifecycle` controllers. |
+| logVerbosityLevel | int | `2` | Log verbosity level. See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/logging.md for description of individual verbosity levels. |
+| existingConfigSecret | string | `nil` | Proxmox cluster config stored in secrets. |
+| existingConfigSecretKey | string | `"config.yaml"` | Proxmox cluster config stored in secrets key. |
+| config | object | `{"clusters":[]}` | Proxmox cluster config. |
+| serviceAccount | object | `{"annotations":{},"create":true,"name":""}` | Pods Service Account. ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ |
+| priorityClassName | string | `"system-cluster-critical"` | CCM pods' priorityClassName. |
 | podAnnotations | object | `{}` | Annotations for data pods. ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ |
 | podSecurityContext | object | `{"fsGroup":10258,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":10258,"runAsNonRoot":true,"runAsUser":10258}` | Pods Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod |
-| priorityClassName | string | `"system-cluster-critical"` | CCM pods' priorityClassName. |
-| replicaCount | int | `1` |  |
-| resources.requests.cpu | string | `"10m"` |  |
-| resources.requests.memory | string | `"32Mi"` |  |
 | securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"seccompProfile":{"type":"RuntimeDefault"}}` | Container Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod |
-| serviceAccount | object | `{"annotations":{},"create":true,"name":""}` | Pods Service Account. ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ |
+| resources | object | `{"requests":{"cpu":"10m","memory":"32Mi"}}` | Resizer resource requests and limits. ref: https://kubernetes.io/docs/user-guide/compute-resources/ |
-| tolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/control-plane","operator":"Exists"},{"effect":"NoSchedule","key":"node.cloudprovider.kubernetes.io/uninitialized","operator":"Exists"}]` | Tolerations for data pods assignment. ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ |
 | updateStrategy | object | `{"rollingUpdate":{"maxUnavailable":1},"type":"RollingUpdate"}` | Deployment update stategy type. ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment |
+| nodeSelector | object | `{}` | Node labels for data pods assignment. ref: https://kubernetes.io/docs/user-guide/node-selection/ |
+| tolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/control-plane","operator":"Exists"},{"effect":"NoSchedule","key":"node.cloudprovider.kubernetes.io/uninitialized","operator":"Exists"}]` | Tolerations for data pods assignment. ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ |
+| affinity | object | `{}` | Affinity for data pods assignment. ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity |
 
 ----------------------------------------------
 Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)

charts/proxmox-cloud-controller-manager/README.md.gotmpl

@@ -0,0 +1,52 @@
+{{ template "chart.header" . }}
+
+{{ template "chart.deprecationWarning" . }}
+
+{{ template "chart.badgesSection" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "chart.homepageLine" . }}
+
+{{ template "chart.maintainersSection" . }}
+
+{{ template "chart.sourcesSection" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+Example:
+
+```yaml
+# proxmox-ccm.yaml
+
+config:
+  clusters:
+    - url: https://cluster-api-1.exmple.com:8006/api2/json
+      insecure: false
+      token_id: "kubernetes@pve!csi"
+      token_secret: "key"
+      region: cluster-1
+
+enabledControllers:
+  # Remove `cloud-node` if you use it with Talos CCM
+  - cloud-node
+  - cloud-node-lifecycle
+
+# Deploy CCM only on control-plane nodes
+nodeSelector:
+  node-role.kubernetes.io/control-plane: ""
+tolerations:
+  - key: node-role.kubernetes.io/control-plane
+    effect: NoSchedule
+```
+
+Deploy chart:
+
+```shell
+helm upgrade -i --namespace=kube-system -f proxmox-ccm.yaml \
+		proxmox-cloud-controller-manager charts/proxmox-cloud-controller-manager
+```
+
+{{ template "chart.valuesSection" . }}
+
+{{ template "helm-docs.versionFooter" . }}

charts/proxmox-cloud-controller-manager/templates/deployment.yaml

@@ -80,7 +80,17 @@ spec:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       volumes:
+        {{- if .Values.existingConfigSecret }}
+        - name: cloud-config
+          secret:
+            secretName: {{ .Values.existingConfigSecret }}
+            items:
+              - key: {{ .Values.existingConfigSecretKey }}
+                path: config.yaml
+            defaultMode: 416
+        {{- else }}
         - name: cloud-config
           secret:
             secretName: {{ include "proxmox-cloud-controller-manager.fullname" . }}
-            defaultMode: 416 # 0640
+            defaultMode: 416
+        {{- end }}

charts/proxmox-cloud-controller-manager/templates/secrets.yaml

@@ -1,3 +1,4 @@
+{{- if ne (len .Values.config.clusters) 0 }}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -7,3 +8,4 @@ metadata:
   namespace: {{ .Release.Namespace }}
 data:
   config.yaml: {{ toYaml .Values.config | b64enc | quote }}
+{{- end }}

charts/proxmox-cloud-controller-manager/values.yaml

@@ -5,9 +5,11 @@
 replicaCount: 1
 
 image:
+  # -- Proxmox CCM image.
   repository: ghcr.io/sergelogvinov/proxmox-cloud-controller-manager
+  # -- Always or IfNotPresent
   pullPolicy: IfNotPresent
-  # Overrides the image tag whose default is the chart appVersion.
+  # -- Overrides the image tag whose default is the chart appVersion.
   tag: ""
 
 imagePullSecrets: []
@@ -31,6 +33,12 @@ enabledControllers:
 # for description of individual verbosity levels.
 logVerbosityLevel: 2
 
+# -- Proxmox cluster config stored in secrets.
+existingConfigSecret: ~
+# -- Proxmox cluster config stored in secrets key.
+existingConfigSecretKey: config.yaml
+
+# -- Proxmox cluster config.
 config:
   clusters: []
   #   - url: https://cluster-api-1.exmple.com:8006/api2/json
@@ -76,6 +84,8 @@ securityContext:
   seccompProfile:
     type: RuntimeDefault
 
+# -- Resizer resource requests and limits.
+# ref: https://kubernetes.io/docs/user-guide/compute-resources/
 resources:
   # We usually recommend not to specify default resources and to leave this as a conscious
   # choice for the user. This also increases chances charts run on environments with little

docs/deploy/cloud-controller-manager-talos.yml

@@ -12,21 +12,6 @@ metadata:
     app.kubernetes.io/managed-by: Helm
   namespace: kube-system
 ---
-# Source: proxmox-cloud-controller-manager/templates/secrets.yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: proxmox-cloud-controller-manager
-  labels:
-    helm.sh/chart: proxmox-cloud-controller-manager-0.1.2
-    app.kubernetes.io/name: proxmox-cloud-controller-manager
-    app.kubernetes.io/instance: proxmox-cloud-controller-manager
-    app.kubernetes.io/version: "v0.0.1"
-    app.kubernetes.io/managed-by: Helm
-  namespace: kube-system
-data:
-  config.yaml: "Y2x1c3RlcnM6IFtd"
----
 # Source: proxmox-cloud-controller-manager/templates/role.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
@@ -201,4 +186,4 @@ spec:
         - name: cloud-config
           secret:
             secretName: proxmox-cloud-controller-manager
-            defaultMode: 416 # 0640
+            defaultMode: 416

docs/deploy/cloud-controller-manager.yml

@@ -12,21 +12,6 @@ metadata:
     app.kubernetes.io/managed-by: Helm
   namespace: kube-system
 ---
-# Source: proxmox-cloud-controller-manager/templates/secrets.yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: proxmox-cloud-controller-manager
-  labels:
-    helm.sh/chart: proxmox-cloud-controller-manager-0.1.2
-    app.kubernetes.io/name: proxmox-cloud-controller-manager
-    app.kubernetes.io/instance: proxmox-cloud-controller-manager
-    app.kubernetes.io/version: "v0.0.1"
-    app.kubernetes.io/managed-by: Helm
-  namespace: kube-system
-data:
-  config.yaml: "Y2x1c3RlcnM6IFtd"
----
 # Source: proxmox-cloud-controller-manager/templates/role.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
@@ -161,7 +146,7 @@ spec:
               - ALL
             seccompProfile:
               type: RuntimeDefault
-          image: "ghcr.io/sergelogvinov/proxmox-cloud-controller-manager:edge"
+          image: "ghcr.io/sergelogvinov/proxmox-cloud-controller-manager:v0.0.1"
           imagePullPolicy: Always
           command: ["/proxmox-cloud-controller-manager"]
           args:
@@ -201,4 +186,4 @@ spec:
         - name: cloud-config
           secret:
             secretName: proxmox-cloud-controller-manager
-            defaultMode: 416 # 0640
+            defaultMode: 416