Add comprehensive documentation for operator enablement features

Documentation for all four operator/controller features:

**Usage Guides (new section: Operators & Controllers):**
- Finalizers: Complete guide with operator patterns, best practices, cleanup
  examples, resource dependency management, and timeout protection
- Owner References: Parent-child relationships, controller ownership, garbage
  collection, multi-level ownership, reconciliation loops
- Status Updates: Status subresource operations, controller patterns, condition
  management, conflict handling, progressive updates

**Resource Documentation:**
- Lease: Leader election patterns, distributed locking, HA controllers,
  complete LeaderElection class example with acquire/renew logic

**Sidebar Updates:**
- Added "Operators & Controllers" section under Usage guide
- Added Lease to Cluster Resources section

All documentation includes:
- Comprehensive code examples with real-world use cases
- Best practices and common pitfalls
- Operator pattern implementations
- Attribution footer for fork

Documentation verified to build successfully with VitePress.

Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>

Author: cuppett

docs/.vitepress/config.mjs

@@ -55,6 +55,14 @@ export default defineConfig({
             { text: 'Scaling', link: '/guide/usage/scaling' },
             { text: 'Custom Resources (CRDs)', link: '/guide/usage/custom-resources' }
           ]
+        },
+        {
+          text: 'Operators & Controllers',
+          items: [
+            { text: 'Finalizers', link: '/guide/usage/finalizers' },
+            { text: 'Owner References', link: '/guide/usage/owner-references' },
+            { text: 'Status Updates', link: '/guide/usage/status-updates' }
+          ]
         }
       ],
 
@@ -70,7 +78,8 @@ export default defineConfig({
           items: [
             { text: 'Namespace', link: '/resources/cluster/namespace' },
             { text: 'Node', link: '/resources/cluster/node' },
-            { text: 'Event', link: '/resources/cluster/event' }
+            { text: 'Event', link: '/resources/cluster/event' },
+            { text: 'Lease', link: '/resources/cluster/lease' }
           ]
         },
         {

docs/guide/usage/finalizers.md

@@ -0,0 +1,222 @@
+# Finalizers
+
+Finalizers allow resources to perform cleanup operations before deletion. They're essential for building Kubernetes operators and controllers that manage dependent resources.
+
+## What are Finalizers?
+
+Finalizers are strings in `metadata.finalizers` that prevent a resource from being fully deleted until all finalizers are removed. When a resource with finalizers is deleted:
+
+1. Kubernetes sets `metadata.deletionTimestamp`
+2. The resource enters "Terminating" state
+3. Controllers remove their finalizers after cleanup
+4. Once all finalizers are removed, the resource is deleted
+
+## Managing Finalizers
+
+### Get Finalizers
+
+```php
+$configMap = $cluster->getConfigMapByName('my-config', 'default');
+
+$finalizers = $configMap->getFinalizers();
+// Returns: ['example.com/cleanup', 'example.com/backup']
+```
+
+### Set Finalizers
+
+```php
+$configMap->setFinalizers([
+    'example.com/cleanup',
+    'example.com/backup',
+]);
+```
+
+### Add a Finalizer
+
+The `addFinalizer()` method is idempotent - adding the same finalizer twice has no effect:
+
+```php
+$configMap->addFinalizer('example.com/cleanup');
+
+// Safe to call multiple times
+$configMap->addFinalizer('example.com/cleanup');
+```
+
+### Remove a Finalizer
+
+```php
+$configMap->removeFinalizer('example.com/cleanup');
+```
+
+### Check for a Finalizer
+
+```php
+if ($configMap->hasFinalizer('example.com/cleanup')) {
+    echo "Cleanup finalizer is present";
+}
+```
+
+## Operator Pattern Example
+
+Here's a complete example of using finalizers in an operator:
+
+```php
+use RenokiCo\PhpK8s\KubernetesCluster;
+
+$cluster = new KubernetesCluster('http://127.0.0.1:8080');
+$finalizerName = 'example.com/database-backup';
+
+// When creating a resource
+$configMap = $cluster->configMap()
+    ->setName('database-config')
+    ->setNamespace('production')
+    ->setData(['connection' => 'postgresql://...'])
+    ->addFinalizer($finalizerName)
+    ->create();
+
+// Later, in your reconciliation loop...
+$configMap = $cluster->getConfigMapByName('database-config', 'production');
+
+if ($configMap->getAttribute('metadata.deletionTimestamp')) {
+    // Resource is being deleted
+    echo "Performing cleanup before deletion...\n";
+
+    // Do your cleanup (backup database, etc.)
+    performDatabaseBackup($configMap);
+
+    // Remove finalizer to allow deletion
+    // IMPORTANT: Use jsonMergePatch, not update(), on resources being deleted
+    $configMap->jsonMergePatch([
+        'metadata' => [
+            'finalizers' => array_values(
+                array_filter(
+                    $configMap->getFinalizers(),
+                    fn($f) => $f !== $finalizerName
+                )
+            ),
+        ],
+    ]);
+
+    echo "Cleanup complete, resource will be deleted\n";
+} else {
+    // Normal reconciliation
+    echo "Resource is active\n";
+}
+```
+
+## Best Practices
+
+### Finalizer Naming
+
+Use domain-prefixed names to avoid conflicts:
+
+```php
+// Good
+$pod->addFinalizer('mycompany.com/cleanup');
+$pod->addFinalizer('myoperator.io/backup');
+
+// Avoid
+$pod->addFinalizer('cleanup');  // Too generic
+```
+
+### Removing Finalizers During Deletion
+
+When a resource is being deleted (has `deletionTimestamp`), you **cannot** use `update()`. Use `jsonMergePatch()` instead:
+
+```php
+// ❌ WRONG - will fail with 400 Bad Request
+$resource->removeFinalizer('my-finalizer')->update();
+
+// ✅ CORRECT - use patch operations
+$resource->jsonMergePatch([
+    'metadata' => [
+        'finalizers' => [],  // Or array without your finalizer
+    ],
+]);
+```
+
+### Idempotent Cleanup
+
+Make your cleanup operations idempotent - they should be safe to run multiple times:
+
+```php
+function performCleanup($resource) {
+    $backupId = $resource->getLabel('backup-id');
+
+    if ($backupId && backupExists($backupId)) {
+        deleteBackup($backupId);
+    }
+
+    // Safe to call even if backup doesn't exist
+}
+```
+
+### Timeout Protection
+
+Add timeouts to prevent stuck resources:
+
+```php
+$deletionTime = strtotime($configMap->getAttribute('metadata.deletionTimestamp'));
+$gracePeriod = 300; // 5 minutes
+
+if (time() - $deletionTime > $gracePeriod) {
+    // Force remove finalizer after grace period
+    $configMap->jsonMergePatch([
+        'metadata' => ['finalizers' => []],
+    ]);
+}
+```
+
+## Common Use Cases
+
+### Resource Dependency Management
+
+```php
+// Parent resource manages child lifecycle
+$parent = $cluster->configMap()
+    ->setName('parent-config')
+    ->addFinalizer('example.com/delete-children')
+    ->create();
+
+// On deletion, clean up children
+if ($parent->getAttribute('metadata.deletionTimestamp')) {
+    $children = $cluster->getAllConfigMaps()->filter(function ($cm) use ($parent) {
+        return $cm->getLabel('parent') === $parent->getName();
+    });
+
+    foreach ($children as $child) {
+        $child->delete();
+    }
+
+    $parent->removeFinalizer('example.com/delete-children');
+    $parent->jsonMergePatch([
+        'metadata' => ['finalizers' => $parent->getFinalizers()],
+    ]);
+}
+```
+
+### External Resource Cleanup
+
+```php
+// Clean up external resources (S3 buckets, databases, etc.)
+$backup = $cluster->configMap()
+    ->setName('backup-config')
+    ->addFinalizer('example.com/s3-cleanup')
+    ->create();
+
+if ($backup->getAttribute('metadata.deletionTimestamp')) {
+    $bucketName = $backup->getData('s3-bucket');
+
+    // Delete S3 bucket
+    $s3Client->deleteBucket(['Bucket' => $bucketName]);
+
+    // Remove finalizer
+    $backup->jsonMergePatch([
+        'metadata' => ['finalizers' => []],
+    ]);
+}
+```
+
+---
+
+*Documentation for cuppett/php-k8s fork*