Skip to content

fix: Adding support for generic env variables #178

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
legacyrj merged 1 commit into from
Jan 27, 2026
Merged

fix: Adding support for generic env variables #178

legacyrj merged 1 commit into from
Jan 27, 2026
+11 −1

Conversation

@legacyrj
Copy link
Collaborator

@legacyrj legacyrj commented Jan 23, 2026

fix: Adding support for generic env variables

JIra: https://jira.nutanix.com/browse/NCN-111820

Test:

VALUES.YAML:

cat /tmp/test-extraenv.yaml
extraEnv:
  - name: KUBERNETES_SERVICE_HOST
    value: "10.10.10.10"
  - name: KUBERNETES_SERVICE_PORT
    value: "6443"

Template generation:

helm template test-release . -f /tmp/test-extraenv.yaml                              
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /Users/raj.surve/.raj_k9s/boot.kubeconfig
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /Users/raj.surve/.raj_k9s/boot.kubeconfig
---
# Source: nutanix-cloud-provider/templates/rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: cloud-controller-manager
  namespace: default
---
# Source: nutanix-cloud-provider/templates/secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: nutanix-creds
  namespace: default
stringData:
  credentials: |
    [
      {
        "type": "basic_auth", 
        "data": { 
          "prismCentral":{
            "username": "admin",
            "password": ""
          },
          "prismElements": null
        }
      }
    ]
---
# Source: nutanix-cloud-provider/templates/cm.yaml
kind: ConfigMap
apiVersion: v1
metadata:
  name: nutanix-config
  namespace: default
data:
  nutanix_config.json: |-
    {
      "prismCentral": {
        "address": "",
        "port": 9440,
        "insecure": false,
        "credentialRef": {
          "kind": "secret",
          "name": "nutanix-creds",
          "namespace": "default"
        },
        "additionalTrustBundle": {
          "kind": "ConfigMap",
          "name": "user-ca-bundle",
          "namespace": "default"
        }

      },
      "enableCustomLabeling": false,
      "topologyDiscovery": {
        "type": "Prism"
      }
    }
---
# Source: nutanix-cloud-provider/templates/cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: user-ca-bundle
  namespace: default
binaryData:
  ca.crt:
---
# Source: nutanix-cloud-provider/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  name: system:cloud-controller-manager
rules:
  - apiGroups:
      - ""
    resources:
      - secrets
      - configmaps
      - services
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ""
    resources:
      - events
    verbs:
      - create
      - patch
      - update
  - apiGroups:
      - ""
    resources:
      - nodes
    verbs:
      - "*"
  - apiGroups:
      - ""
    resources:
      - nodes/status
    verbs:
      - patch
  - apiGroups:
      - ""
    resources:
      - serviceaccounts
    verbs:
      - create
  - apiGroups:
      - ""
    resources:
      - endpoints
    verbs:
      - create
      - get
      - list
      - watch
      - update
  - apiGroups:
      - coordination.k8s.io
    resources:
      - leases
    verbs:
      - get
      - list
      - watch
      - create
      - update
      - patch
      - delete
---
# Source: nutanix-cloud-provider/templates/rbac.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: system:cloud-controller-manager
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:cloud-controller-manager
subjects:
  - kind: ServiceAccount
    name: cloud-controller-manager
    namespace: default
---
# Source: nutanix-cloud-provider/templates/cloud-provider-nutanix-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    k8s-app: nutanix-cloud-controller-manager
  name: nutanix-cloud-controller-manager
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: nutanix-cloud-controller-manager
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        k8s-app: nutanix-cloud-controller-manager
    spec:
      hostNetwork: true
      priorityClassName: system-cluster-critical
      nodeSelector:
        node-role.kubernetes.io/control-plane: ""
      serviceAccountName: cloud-controller-manager
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchLabels:
                k8s-app: nutanix-cloud-controller-manager
            topologyKey: kubernetes.io/hostname
      dnsPolicy: Default
      tolerations:
        - effect: NoSchedule
          key: node-role.kubernetes.io/master
          operator: Exists
        - effect: NoSchedule
          key: node-role.kubernetes.io/control-plane
          operator: Exists
        - effect: NoExecute
          key: node.kubernetes.io/unreachable
          operator: Exists
          tolerationSeconds: 120
        - effect: NoExecute
          key: node.kubernetes.io/not-ready
          operator: Exists
          tolerationSeconds: 120
        - effect: NoSchedule
          key: node.cloudprovider.kubernetes.io/uninitialized
          operator: Exists
        - effect: NoSchedule
          key: node.kubernetes.io/not-ready
          operator: Exists
      containers:
        - image: "ghcr.io/nutanix-cloud-native/cloud-provider-nutanix/controller:v0.6.0"
          imagePullPolicy: IfNotPresent
          name: nutanix-cloud-controller-manager
          env:
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: KUBERNETES_SERVICE_HOST
              value: 10.10.10.10
            - name: KUBERNETES_SERVICE_PORT
              value: "6443"
          args:
            - "--leader-elect=true"
            - "--cloud-config=/etc/cloud/nutanix_config.json"
            - "--tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
          resources:
            requests:
              cpu: 100m
              memory: 50Mi
          volumeMounts:
            - mountPath: /etc/cloud
              name: nutanix-config-volume
              readOnly: true
      volumes:
        - name: nutanix-config-volume
          configMap:
            name: nutanix-config

tuxtof
tuxtof reviewed Jan 24, 2026
View reviewed changes
Copy link
Collaborator

@tuxtof tuxtof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

abhay-nutanix
abhay-nutanix approved these changes Jan 27, 2026
View reviewed changes
Copy link
Collaborator

@abhay-nutanix abhay-nutanix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@legacyrj legacyrj merged commit 37ccad6 into master Jan 27, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tuxtof tuxtof tuxtof left review comments

@thunderboltsid thunderboltsid thunderboltsid approved these changes

@abhay-nutanix abhay-nutanix abhay-nutanix approved these changes

+1 more reviewer

@dkoshkin dkoshkin dkoshkin approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@legacyrj @tuxtof @dkoshkin @thunderboltsid @abhay-nutanix