Skip to content

fix: fix helm-docs and do various helm improvements#615

Merged
talos-bot merged 1 commit into
siderolabs:mainfrom
utkuozdemir:fix/helm-improvements
Jan 30, 2026
Merged

fix: fix helm-docs and do various helm improvements#615
talos-bot merged 1 commit into
siderolabs:mainfrom
utkuozdemir:fix/helm-improvements

Conversation

@utkuozdemir

@utkuozdemir utkuozdemir commented Jan 30, 2026

Copy link
Copy Markdown
Member
  • Add valuesFiles option to HelmTemplate config for passing additional values files to helm template command
  • Remove redundant -f values.yaml flag from helm template (chart's default values.yaml is used automatically)
  • Remove --template-files flag with typo from helm-docs (default README.md.gotmpl is correct)
  • Add buildx setup step to helm workflow to fix CI hang (was missing remote buildkit driver)
  • Extract SetupBuildxStep() to avoid code duplication
  • Add test helm chart to validate helm CI flow
  • Fix the workdir of helm-docs

Signed-off-by: Utku Ozdemir utku.ozdemir@siderolabs.com

@utkuozdemir utkuozdemir self-assigned this Jan 30, 2026
@utkuozdemir utkuozdemir force-pushed the fix/helm-improvements branch 4 times, most recently from 7e95617 to 7a1c6e2 Compare January 30, 2026 10:49
@utkuozdemir utkuozdemir requested a review from Copilot January 30, 2026 10:50
@utkuozdemir utkuozdemir marked this pull request as ready for review January 30, 2026 10:50
@talos-bot talos-bot moved this to In Review in Planning Jan 30, 2026
@utkuozdemir utkuozdemir changed the title feat: add valuesFiles support for helm template and cleanup flags fix: fix helm-docs and do various helm improvements Jan 30, 2026
@utkuozdemir utkuozdemir force-pushed the fix/helm-improvements branch from 7a1c6e2 to e27c601 Compare January 30, 2026 10:51

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds support for specifying additional values files for Helm chart templating and cleans up redundant flags in the Helm build pipeline. It also introduces a test Helm chart to validate the CI flow for Helm charts.

Changes:

  • Added valuesFiles option to HelmTemplate configuration for passing additional values files to helm template command
  • Removed redundant -f values.yaml flag from helm template (Helm automatically uses the chart's default values.yaml)
  • Removed --template-files flag with typo from helm-docs command (default behavior is correct)
  • Refactored SetupBuildxStep into a reusable function
  • Optimized helm-toolchain Docker stage to use TOOLCHAIN directly instead of base stage
  • Added a complete test Helm chart in test/test-helm-chart with templates, values, schema, and documentation

Reviewed changes

Copilot reviewed 18 out of 18 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
internal/project/auto/config.go Added ValuesFiles field to HelmTemplate struct
internal/project/auto/helm.go Implemented processing of valuesFiles to generate helm template flags
internal/project/helm/build.go Removed redundant -f values.yaml flag, removed --template-files flag, optimized helm-toolchain stage
internal/output/ghworkflow/gh_workflow.go Extracted SetupBuildxStep into reusable function
.kres.yaml Added Helm configuration with valuesFiles pointing to ci-values.yaml
test/test-helm-chart/* Added complete test Helm chart with Chart.yaml, values, templates, schema, and documentation
.github/workflows/helm.yaml Generated workflow for Helm chart CI with lint, template, test, and release steps
Makefile Added helm-related targets and updated all target to include helm
Dockerfile Generated helm-toolchain and helm-docs-run stages
.dockerignore Added test/test-helm-chart to allowed paths

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread Makefile
Comment on lines +278 to +279
-helm plugin install https://github.com/helm-unittest/helm-unittest.git --verify=false --version=v1.0.3
-helm plugin install https://github.com/losisin/helm-values-schema-json.git --verify=false --version=v2.3.1

Copilot AI Jan 30, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The helm plugin install commands here download and execute third-party Helm plugins directly from GitHub using a mutable tag and --verify=false, which creates a supply chain risk if the upstream repositories or tags are compromised. An attacker controlling https://github.com/helm-unittest/helm-unittest.git or https://github.com/losisin/helm-values-schema-json.git at the specified versions could execute arbitrary code in your CI or developer environment (with access to kubeconfig, registry credentials, etc.). To reduce this risk, pin these plugins to immutable identifiers (e.g., specific commit SHAs or verified release artifacts) and enable integrity verification or vendor them into a trusted location instead of installing from a mutable remote Git repo.

Copilot uses AI. Check for mistakes.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for your opinion

@github-project-automation github-project-automation Bot moved this from In Review to Approved in Planning Jan 30, 2026
Comment thread Makefile Outdated
- Add valuesFiles option to HelmTemplate config for passing additional values files to helm template command
- Remove redundant -f values.yaml flag from helm template (chart's default values.yaml is used automatically)
- Remove --template-files flag with typo from helm-docs (default README.md.gotmpl is correct)
- Add buildx setup step to helm workflow to fix CI hang (was missing remote buildkit driver)
- Extract SetupBuildxStep() to avoid code duplication
- Add test helm chart to validate helm CI flow
- Fix the workdir of helm-docs

Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
@utkuozdemir utkuozdemir force-pushed the fix/helm-improvements branch from e27c601 to dc032d7 Compare January 30, 2026 11:14
@utkuozdemir

Copy link
Copy Markdown
Member Author

/m

@talos-bot talos-bot merged commit dc032d7 into siderolabs:main Jan 30, 2026
16 checks passed
@github-project-automation github-project-automation Bot moved this from Approved to Done in Planning Jan 30, 2026
@utkuozdemir utkuozdemir deleted the fix/helm-improvements branch January 30, 2026 11:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Archived in project

Development

Successfully merging this pull request may close these issues.

6 participants