Skip to content

feat: provision helm chart#128

Open
knechtionscoding wants to merge 5 commits intokubernetes-sigs:mainfrom
knechtionscoding:feat/helm-chart
Open

feat: provision helm chart#128
knechtionscoding wants to merge 5 commits intokubernetes-sigs:mainfrom
knechtionscoding:feat/helm-chart

Conversation

@knechtionscoding
Copy link
Contributor

@knechtionscoding knechtionscoding commented Feb 11, 2026
edited
Loading

Description

This PR creates the base helm chart to match the existing rendered manifests. I used helm create node-readiness-controller to generate the initial chart:

version.BuildInfo{Version:"v4.1.1", GitCommit:"5caf0044d4ef3d62a955440272999e139aafbbed", GitTreeState:"clean", GoVersion:"go1.25.7", KubeClientVersion:"v1.35"}

Then modified to match the existing manifests.

Changes detailed:

  • I left out the namespace per general best practices
  • I moved the nodeSelector and toleration for control-plane nodes to commented out optional values
  • I used a short name for the rbac. nrr wasn't guaranteed to be unique or descriptive, so I used the same type of logic that fullname does but chopped it even more.

This PR also adds two helm chart github actions that I have found very helpful in the past (both can be run as pre-commit and can commit back to the branch if we don't want to force local running of the tool)

  1. Helm-Schema-gen that generates values.schema.json
  2. Helm-docs which generates a readme.md that is nice and clean. We can also modify the template for if we desire by creating README.md.gotmpl

Diff below (generated via: helm template test . > helm-template.yaml && diff helm-template.yaml ../../dist/install.yaml > template.diff)

0a1,8
> apiVersion: v1
> kind: Namespace
> metadata:
>   labels:
>     app.kubernetes.io/managed-by: kustomize
>     app.kubernetes.io/name: nrrcontroller
>     control-plane: controller-manager
>   name: nrr-system
2d9
< # Source: node-readiness-controller/templates/serviceaccount.yaml
6d12
<   name: test-node-readiness-controller
8,13c14,17
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
< automountServiceAccountToken: true
---
>     app.kubernetes.io/managed-by: kustomize
>     app.kubernetes.io/name: nrrcontroller
>   name: nrr-controller-manager
>   namespace: nrr-system
15d18
< # Source: node-readiness-controller/templates/rbac.yaml
17c20
< kind: ClusterRole
---
> kind: Role
20,25c23,63
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
<   name: test-node-readiness-controller-manager-role
---
>     app.kubernetes.io/managed-by: kustomize
>     app.kubernetes.io/name: nrrcontroller
>   name: nrr-leader-election-role
>   namespace: nrr-system
> rules:
> - apiGroups:
>   - ""
>   resources:
>   - configmaps
>   verbs:
>   - get
>   - list
>   - watch
>   - create
>   - update
>   - patch
>   - delete
> - apiGroups:
>   - coordination.k8s.io
>   resources:
>   - leases
>   verbs:
>   - get
>   - list
>   - watch
>   - create
>   - update
>   - patch
>   - delete
> - apiGroups:
>   - ""
>   resources:
>   - events
>   verbs:
>   - create
>   - patch
> ---
> apiVersion: rbac.authorization.k8s.io/v1
> kind: ClusterRole
> metadata:
>   name: nrr-manager-role
79d116
< ...
81d117
< # Source: node-readiness-controller/templates/rbac.yaml
85,91c121
<   labels:
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
<   name: test-node-readiness-controller-metrics-auth-role
---
>   name: nrr-metrics-auth-role
105d134
< ...
107d135
< # Source: node-readiness-controller/templates/rbac.yaml
111,117c139
<   labels:
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
<   name: test-node-readiness-controller-metrics-reader
---
>   name: nrr-metrics-reader
124d145
< # Source: node-readiness-controller/templates/rbac.yaml
129,134c150,152
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
<   name: test-node-readiness-controller-nodereadinessrule-admin-role
---
>     app.kubernetes.io/managed-by: kustomize
>     app.kubernetes.io/name: nrrcontroller
>   name: nrr-nodereadinessrule-admin-role
149d166
< # Source: node-readiness-controller/templates/rbac.yaml
154,159c171,173
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
<   name: test-node-readiness-controller-nodereadinessrule-editor-role
---
>     app.kubernetes.io/managed-by: kustomize
>     app.kubernetes.io/name: nrrcontroller
>   name: nrr-nodereadinessrule-editor-role
180d193
< # Source: node-readiness-controller/templates/rbac.yaml
185,190c198,200
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
<   name: test-node-readiness-controller-nodereadinessrule-viewer-role
---
>     app.kubernetes.io/managed-by: kustomize
>     app.kubernetes.io/name: nrrcontroller
>   name: nrr-nodereadinessrule-viewer-role
207d216
< # Source: node-readiness-controller/templates/rbac.yaml
209c218
< kind: ClusterRoleBinding
---
> kind: RoleBinding
212,217c221,224
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
<   name: test-node-readiness-controller-manager-rolebinding
---
>     app.kubernetes.io/managed-by: kustomize
>     app.kubernetes.io/name: nrrcontroller
>   name: nrr-leader-election-rolebinding
>   namespace: nrr-system
220,221c227,228
<   kind: ClusterRole
<   name: test-node-readiness-controller-manager-role
---
>   kind: Role
>   name: nrr-leader-election-role
224,225c231,232
<   name: test-node-readiness-controller-controller-manager
<   namespace: test-node-readiness-controller-system
---
>   name: nrr-controller-manager
>   namespace: nrr-system
227d233
< # Source: node-readiness-controller/templates/rbac.yaml
232,237c238,240
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
<   name: test-node-readiness-controller-metrics-auth-rolebinding
---
>     app.kubernetes.io/managed-by: kustomize
>     app.kubernetes.io/name: nrrcontroller
>   name: nrr-manager-rolebinding
241c244
<   name: test-node-readiness-controller-metrics-auth-role
---
>   name: nrr-manager-role
244,245c247,248
<   name: test-node-readiness-controller-controller-manager
<   namespace: test-node-readiness-controller-system
---
>   name: nrr-controller-manager
>   namespace: nrr-system
247d249
< # Source: node-readiness-controller/templates/rbac.yaml
249,295c251
< kind: Role
< metadata:
<   labels:
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
<   name: test-node-readiness-controller-leader-election-role
<   namespace: default
< rules:
< - apiGroups:
<   - ""
<   resources:
<   - configmaps
<   verbs:
<   - get
<   - list
<   - watch
<   - create
<   - update
<   - patch
<   - delete
< - apiGroups:
<   - coordination.k8s.io
<   resources:
<   - leases
<   verbs:
<   - get
<   - list
<   - watch
<   - create
<   - update
<   - patch
<   - delete
< - apiGroups:
<   - ""
<   resources:
<   - events
<   verbs:
<   - create
<   - patch
< ...
< ---
< # Source: node-readiness-controller/templates/rbac.yaml
< apiVersion: rbac.authorization.k8s.io/v1
< kind: RoleBinding
---
> kind: ClusterRoleBinding
297,304c253
<   labels:
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
<   name: test-node-readiness-controller-leader-election-rolebinding
<   namespace: test-node-readiness-controller-system
---
>   name: nrr-metrics-auth-rolebinding
307,308c256,257
<   kind: Role
<   name: test-node-readiness-controller-leader-election-role
---
>   kind: ClusterRole
>   name: nrr-metrics-auth-role
311,312c260,261
<   name: test-node-readiness-controller-controller-manager
<   namespace: test-node-readiness-controller-system
---
>   name: nrr-controller-manager
>   namespace: nrr-system
314d262
< # Source: node-readiness-controller/templates/deployment.yaml
318d265
<   name: test-node-readiness-controller
320,324c267,271
<     helm.sh/chart: node-readiness-controller-0.1.0
<     app.kubernetes.io/name: node-readiness-controller
<     app.kubernetes.io/instance: test
<     app.kubernetes.io/version: "1.16.0"
<     app.kubernetes.io/managed-by: Helm
---
>     app.kubernetes.io/managed-by: kustomize
>     app.kubernetes.io/name: nrrcontroller
>     control-plane: controller-manager
>   name: nrr-controller-manager
>   namespace: nrr-system
329,330c276,277
<       app.kubernetes.io/name: node-readiness-controller
<       app.kubernetes.io/instance: test
---
>       app.kubernetes.io/name: nrrcontroller
>       control-plane: controller-manager
332a280,281
>       annotations:
>         kubectl.kubernetes.io/default-container: manager
334,338c283,284
<         helm.sh/chart: node-readiness-controller-0.1.0
<         app.kubernetes.io/name: node-readiness-controller
<         app.kubernetes.io/instance: test
<         app.kubernetes.io/version: "1.16.0"
<         app.kubernetes.io/managed-by: Helm
---
>         app.kubernetes.io/name: nrrcontroller
>         control-plane: controller-manager
340c286,325
<       serviceAccountName: test-node-readiness-controller
---
>       containers:
>       - args:
>         - --leader-elect
>         - --health-probe-bind-address=:8081
>         - --enable-webhook=false
>         command:
>         - /manager
>         image: controller:latest
>         imagePullPolicy: IfNotPresent
>         livenessProbe:
>           httpGet:
>             path: /healthz
>             port: 8081
>           initialDelaySeconds: 15
>           periodSeconds: 20
>         name: manager
>         ports: []
>         readinessProbe:
>           httpGet:
>             path: /readyz
>             port: 8081
>           initialDelaySeconds: 5
>           periodSeconds: 10
>         resources:
>           limits:
>             cpu: 500m
>             memory: 128Mi
>           requests:
>             cpu: 10m
>             memory: 64Mi
>         securityContext:
>           allowPrivilegeEscalation: false
>           capabilities:
>             drop:
>             - ALL
>           readOnlyRootFilesystem: true
>         volumeMounts: []
>       nodeSelector:
>         node-role.kubernetes.io/control-plane: ""
>       priorityClassName: system-cluster-critical
345,375c330,335
<       containers:
<         - name: manager
<           securityContext:
<             allowPrivilegeEscalation: false
<             capabilities:
<               drop:
<               - ALL
<             readOnlyRootFilesystem: true
<           image: "controller:1.16.0"
<           imagePullPolicy: IfNotPresent
<           args:
<             - --leader-elect
<             - --health-probe-bind-address=:8081
<             - --enable-webhook=false
<           ports:
<             - name: http
<               containerPort: 8081
<               protocol: TCP
<           livenessProbe:
<             httpGet:
<               initialDelaySeconds: 15
<               path: /healthz
<               periodSeconds: 20
<               port: http
<           readinessProbe:
<             httpGet:
<               initialDelaySeconds: 5
<               path: /healthz
<               periodSeconds: 10
<               port: http
<       priorityClassName: system-cluster-critical
---
>       serviceAccountName: nrr-controller-manager
>       terminationGracePeriodSeconds: 10
>       tolerations:
>       - key: node-role.kubernetes.io/control-plane
>         operator: Exists
>       volumes: []

Related Issue

Fixes #26

Type of Change

/kind feature

Testing

Checklist

  • make test passes
  • make lint passes

Installed into a kind cluster for testing

Does this PR introduce a user-facing change?

Doc #37

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. kind/feature Categorizes issue or PR as related to a new feature. labels Feb 11, 2026
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Feb 11, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: knechtionscoding
Once this PR has been reviewed and has the lgtm label, please assign ajaysundark for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@netlify
Copy link

netlify bot commented Feb 11, 2026
edited
Loading

Deploy Preview for node-readiness-controller canceled.

Name Link
🔨 Latest commit 1106dd8
🔍 Latest deploy log https://app.netlify.com/projects/node-readiness-controller/deploys/698ca524b6d24f0008001326

@k8s-ci-robot k8s-ci-robot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Feb 11, 2026
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Feb 11, 2026

Hi @knechtionscoding. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Feb 11, 2026
@knechtionscoding knechtionscoding changed the title Feat/helm chart feat: provision helm chart Feb 11, 2026
@knechtionscoding knechtionscoding marked this pull request as ready for review February 11, 2026 15:50
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Feb 11, 2026
@knechtionscoding
Copy link
Contributor Author

knechtionscoding commented Feb 11, 2026

Note: The image repo and tag will need to be updated afterwards, it currently only works with the locally pushed container

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@haircommander haircommander Awaiting requested review from haircommander

@mrunalp mrunalp Awaiting requested review from mrunalp

@ajaysundark ajaysundark Awaiting requested review from ajaysundark

Assignees

No one assigned

Labels

cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/feature Categorizes issue or PR as related to a new feature. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Helm chart for Node-Readiness-Controller

2 participants

@knechtionscoding @k8s-ci-robot