powerhome · fdpeiter · Sep 26, 2025 · Sep 22, 2025 · Sep 22, 2025 · Sep 22, 2025
@@ -54,7 +54,11 @@ The `pac-quota-controller` is a Kubernetes controller that extends Kubernetes wi
 10. **Cert-Manager:**
     - Cert-manager is used for webhook certificate management. The Helm chart includes options to install cert-manager or use an existing installation.
 
-11. **Instruction Maintenance:** After interactions where new project conventions, critical file paths, or development preferences are established or significantly clarified, I (GitHub Copilot) should be mindful of these changes. If these changes are persistent and generally applicable, I should suggest or, if requested, directly update this `copilot-instructions.md` file to ensure it remains current and accurately reflects the project's context. The user may also explicitly request updates to this file.
+12. **Feature Planning & Documentation:**
+    - For major features (such as the object count support for core/extended Kubernetes resources), maintain a detailed, step-by-step implementation plan in a Markdown file.
+    - Always follow and update this plan as the implementation progresses.
+    - Whenever the plan or project conventions evolve, update both the plan and this `copilot-instructions.md` to ensure alignment and accurate documentation.
+    - After finishing the implementation of the feature, cleanup the document from the docs folder.
 
 ## Workflow for Changes
 

@@ -1,19 +1,3 @@
-/*
-Copyright 2025.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
 package v1alpha1
 
 import (
@@ -26,11 +10,12 @@ type ResourceList corev1.ResourceList
 
 // ResourceQuotaStatus defines the enforced hard limits and observed use.
 type ResourceQuotaStatus struct {
-	// Hard is the set of enforced hard limits for each named resource.
+	// Hard is the set of enforced hard limits for each named resource (see ClusterResourceQuotaSpec for examples).
 	// +optional
 	Hard ResourceList `json:"hard,omitempty"`
 
 	// Used is the current observed total usage of the resource in the namespace.
+	// For object count quotas, this is the current count of each resource type (e.g., pods, services.loadbalancers, ingresses.nginx, etc.).
 	// +optional
 	Used ResourceList `json:"used,omitempty"`
 }
@@ -48,9 +33,13 @@ type ResourceQuotaStatusByNamespace struct {
 type ClusterResourceQuotaSpec struct {
 	// Hard is the set of desired hard limits for each named resource.
 	// For example:
-	// 'pods': '10'
-	// 'requests.cpu': '1'
-	// 'requests.memory': 1Gi
+	// 'pods': '10' (Pod count)
+	// 'services': '5' (Service count)
+	// 'services.loadbalancers': '2' (Service type=LoadBalancer count)
+	// 'ingresses': '3' (Ingress count)
+	// 'configmaps': '20' (ConfigMap count)
+	// ...and so on for all supported native and extended resource types.
+	// See documentation for the full list of supported resource keys.
 	// +optional
 	Hard ResourceList `json:"hard,omitempty"`
 

@@ -1,19 +1,3 @@
-/*
-Copyright 2025.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
 // Package v1alpha1 contains API Schema definitions for the quota v1alpha1 API group.
 package v1alpha1
 

@@ -1,21 +1,5 @@
 //go:build !ignore_autogenerated
 
-/*
-Copyright 2025.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
 package v1alpha1
 
 import (

@@ -2,8 +2,8 @@ apiVersion: v2
 name: pac-quota-controller
 description: A Helm chart for PAC Quota Controller - Managing cluster resource quotas across namespaces
 type: application
-version: 0.1.2
-appVersion: "0.1.2"
+version: 0.2.0
+appVersion: "0.2.0"
 maintainers:
   - name: PowerHome
     url: https://github.com/powerhome

@@ -1,6 +1,6 @@
 # pac-quota-controller
 
-![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.2](https://img.shields.io/badge/AppVersion-0.1.2-informational?style=flat-square)
+![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.2.0](https://img.shields.io/badge/AppVersion-0.2.0-informational?style=flat-square)
 
 A Helm chart for PAC Quota Controller - Managing cluster resource quotas across namespaces
 
@@ -18,12 +18,60 @@ This chart bootstraps a [PAC Quota Controller](https://github.com/powerhome/pac-
 
 The PAC Quota Controller extends Kubernetes with a ClusterResourceQuota custom resource that allows defining resource quotas that span multiple namespaces.
 
+### Object Count Quotas (Native & Extended Resources)
+
+You can specify object count quotas for native and extended Kubernetes resources using the `hard` field in the ClusterResourceQuota spec.
+
+#### Supported object count resources
+
+- `pods`                                 (Pod count)
+- `services`                             (Service count)
+- `services.loadbalancers`               (Service type=LoadBalancer count)
+- `services.nodeports`                   (Service type=NodePort count)
+- `configmaps`                           (ConfigMap count)
+- `secrets`                              (Secret count)
+- `persistentvolumeclaims`               (PVC count)
+- `replicationcontrollers`               (ReplicationController count)
+- `deployments.apps`                     (Deployment count)
+- `statefulsets.apps`                    (StatefulSet count)
+- `daemonsets.apps`                      (DaemonSet count)
+- `jobs.batch`                           (Job count)
+- `cronjobs.batch`                       (CronJob count)
+- `horizontalpodautoscalers.autoscaling` (HPA count)
+- `ingresses.networking.k8s.io`          (Ingress count)
+
+Subtype quotas (e.g., `services.loadbalancers`) cannot exceed the total for the parent resource (e.g., `services`).
+
+Custom CRDs are not supported for object count quotas.
+
+#### Example
+
+```yaml
+spec:
+  hard:
+    pods: "10"                                 # Pod count
+    services: "5"                              # Service count
+    services.loadbalancers: "2"                # Service type=LoadBalancer count
+    services.nodeports: "3"                    # Service type=NodePort count
+    configmaps: "20"                           # ConfigMap count
+    secrets: "15"                              # Secret count
+    persistentvolumeclaims: "8"                # PVC count
+    replicationcontrollers: "4"                # ReplicationController count
+    deployments.apps: "6"                      # Deployment count
+    statefulsets.apps: "2"                     # StatefulSet count
+    daemonsets.apps: "2"                       # DaemonSet count
+    jobs.batch: "5"                            # Job count
+    cronjobs.batch: "3"                        # CronJob count
+    horizontalpodautoscalers.autoscaling: "2"  # HPA count
+    ingresses.networking.k8s.io: "3"           # Ingress count
+```
+
 ### Container Images
 
 This chart can use container images from GitHub Container Registry:
 
 ```console
-ghcr.io/powerhome/pac-quota-controller:0.1.2
+ghcr.io/powerhome/pac-quota-controller:0.2.0
 ```
 
 You can configure which registry to use by modifying the `controllerManager.container.image.repository` value.

@@ -14,12 +14,61 @@
 helm install pac-quota-controller oci://ghcr.io/powerhome/pac-quota-controller --version <version> -n pac-quota-controller-system --create-namespace
 ```
 
+
 ## Introduction
 
 This chart bootstraps a [PAC Quota Controller](https://github.com/powerhome/pac-quota-controller) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 
 The PAC Quota Controller extends Kubernetes with a ClusterResourceQuota custom resource that allows defining resource quotas that span multiple namespaces.
 
+### Object Count Quotas (Native & Extended Resources)
+
+You can specify object count quotas for native and extended Kubernetes resources using the `hard` field in the ClusterResourceQuota spec.
+
+#### Supported object count resources
+
+- `pods`                                 (Pod count)
+- `services`                             (Service count)
+- `services.loadbalancers`               (Service type=LoadBalancer count)
+- `services.nodeports`                   (Service type=NodePort count)
+- `configmaps`                           (ConfigMap count)
+- `secrets`                              (Secret count)
+- `persistentvolumeclaims`               (PVC count)
+- `replicationcontrollers`               (ReplicationController count)
+- `deployments.apps`                     (Deployment count)
+- `statefulsets.apps`                    (StatefulSet count)
+- `daemonsets.apps`                      (DaemonSet count)
+- `jobs.batch`                           (Job count)
+- `cronjobs.batch`                       (CronJob count)
+- `horizontalpodautoscalers.autoscaling` (HPA count)
+- `ingresses.networking.k8s.io`          (Ingress count)
+
+Subtype quotas (e.g., `services.loadbalancers`) cannot exceed the total for the parent resource (e.g., `services`).
+
+Custom CRDs are not supported for object count quotas.
+
+#### Example
+
+```yaml
+spec:
+  hard:
+    pods: "10"                                 # Pod count
+    services: "5"                              # Service count
+    services.loadbalancers: "2"                # Service type=LoadBalancer count
+    services.nodeports: "3"                    # Service type=NodePort count
+    configmaps: "20"                           # ConfigMap count
+    secrets: "15"                              # Secret count
+    persistentvolumeclaims: "8"                # PVC count
+    replicationcontrollers: "4"                # ReplicationController count
+    deployments.apps: "6"                      # Deployment count
+    statefulsets.apps: "2"                     # StatefulSet count
+    daemonsets.apps: "2"                       # DaemonSet count
+    jobs.batch: "5"                            # Job count
+    cronjobs.batch: "3"                        # CronJob count
+    horizontalpodautoscalers.autoscaling: "2"  # HPA count
+    ingresses.networking.k8s.io: "3"           # Ingress count
+```
+
 ### Container Images
 
 This chart can use container images from GitHub Container Registry:

@@ -28,6 +28,25 @@ spec:
           ClusterResourceQuota is the Schema for the clusterresourcequotas API.
           It extends the standard Kubernetes ResourceQuota by allowing it to be applied across multiple
           namespaces that match a label selector.
+
+          Supported object count resources (for use in the 'hard' and 'used' fields):
+            - pods
+            - services
+            - services.loadbalancers
+            - services.nodeports
+            - configmaps
+            - secrets
+            - persistentvolumeclaims
+            - replicationcontrollers
+            - deployments.apps
+            - statefulsets.apps
+            - daemonsets.apps
+            - jobs.batch
+            - cronjobs.batch
+            - horizontalpodautoscalers.autoscaling
+            - ingresses.networking.k8s.io
+
+          You may specify quotas for any of these resources. See the Helm chart documentation for details and examples.
         properties:
           apiVersion:
             description: |-
@@ -59,9 +78,23 @@ spec:
                 description: |-
                   Hard is the set of desired hard limits for each named resource.
                   For example:
-                  'pods': '10'
-                  'requests.cpu': '1'
-                  'requests.memory': 1Gi
+                  'pods': '10' (Pod count)
+                  'services': '5' (Service count)
+                  'services.loadbalancers': '2' (Service type=LoadBalancer count)
+                  'services.nodeports': '3' (Service type=NodePort count)
+                  'configmaps': '20' (ConfigMap count)
+                  'secrets': '15' (Secret count)
+                  'persistentvolumeclaims': '8' (PVC count)
+                  'replicationcontrollers': '4' (ReplicationController count)
+                  'deployments.apps': '6' (Deployment count)
+                  'statefulsets.apps': '2' (StatefulSet count)
+                  'daemonsets.apps': '2' (DaemonSet count)
+                  'jobs.batch': '5' (Job count)
+                  'cronjobs.batch': '3' (CronJob count)
+                  'horizontalpodautoscalers.autoscaling': '2' (HPA count)
+                  'ingresses.networking.k8s.io': '3' (Ingress count)
+
+                  ...and so on for all supported native and extended resource types.
                 type: object
               namespaceSelector:
                 description: |-

@@ -16,6 +16,42 @@ rules:
   - pods
   - secrets
   - services
+  - replicationcontrollers
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  - statefulsets
+  - daemonsets
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - batch
+  resources:
+  - jobs
+  - cronjobs
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - autoscaling
+  resources:
+  - horizontalpodautoscalers
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - networking.k8s.io
+  resources:
+  - ingresses
   verbs:
   - get
   - list