Skip to content

Update default Helm version to 4.2.0 in CI/CD workflows #96

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
omarghatasheh merged 2 commits into from
Jun 10, 2026
Merged

Update default Helm version to 4.2.0 in CI/CD workflows #96

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a3f8a75
chore: update default helm-version to 4.2.0 in CI/CD workflows
MusaMisto Jun 10, 2026
67f9e29
chore: update Helm CLI version to v4.2.0 in workflows and documentation
MusaMisto Jun 10, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/actions/helm-generic/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -137,7 +137,7 @@ runs:
- name: Install Helm
uses: azure/setup-helm@v5
with:
version: v3.21.0
version: v4.2.0

- name: Install kubectl
uses: azure/setup-kubectl@v5
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/ci-helm.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,7 @@ jobs:
- name: Install Helm
uses: azure/setup-helm@v5
with:
version: v3.21.0
version: v4.2.0

- name: Helm upgrade / install
shell: bash
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/generic-gateway-chart-cicd.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ on:
helm-version:
description: Helm version to use for lint/template/package
required: false
default: "3.2.4"
default: "4.2.0"
type: string
Comment on lines +19 to 20

@coderabbitai coderabbitai Bot Jun 10, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Read-only verification: find Helm version usage/docs drift in repo
rg -n -C2 'helm-version:\s*' .github/workflows .github/actions README.md

Repository: simplify9/.github

Length of output: 2720

🌐 Web query:

Is Helm CLI version 4.2.0 officially released and what are the documented breaking changes vs Helm 3 that impact helm lint, helm template, or helm package?

💡 Result:

Yes, Helm CLI version 4.2.0 is officially released [1][2]. It was published on May 14, 2026 [1][3]. Helm 4 introduces several architectural and breaking changes compared to Helm 3. While many workflows remain compatible, specific changes impact how you use commands like helm lint, helm template, and helm package [4][5]. Key breaking changes and impacts include: 1. Linting (helm lint) - The lint package has been refactored [6]. Specifically, it was moved to be part of each chart version to improve validation, including enhanced support for CRD directories [6][7][8]. - The linting process now returns early if the templates/ directory does not exist [6]. - Legacy Helm v2 template lint rules have been removed [6]. 2. Templating (helm template) - Post-renderers, which are used during rendering, are now implemented as plugins [5][8]. Consequently, you can no longer pass an executable directly to the post-renderer flag; you must use a configured plugin name instead [5]. - Several flags (e.g., --hide-notes and --render-subchart-notes) are deprecated and have no effect, as template output no longer includes notes by default [5]. - New template functions such as mustToYaml and mustToJson have been added [6][7][9]. 3. Packaging (helm package) - The internal package structure has been moved to versioned packages (e.g., pkg/chart/v2) to support future chart API versions [5][7][8]. - Plugin packaging, signing, and verification processes were overhauled, including the removal of unnecessary file I/O operations [6][8]. General breaking changes also include: - Removal of the HELM_EXPERIMENTAL_OCI environment variable; OCI registry support is now enabled by default [10]. - Flag renaming for certain commands (e.g., --atomic changed to --rollback-on-failure and --force to --force-replace) [7]. - Plugin system overhaul based on WebAssembly (WASM), which may require existing plugins to be updated for compatibility [7][10]. - If you use Helm as a Go library, the module path has changed from helm.sh/helm/v3 to helm.sh/helm/v4 [10][8]. For detailed migration steps and a full list of changes, refer to the official Helm release notes and documentation [11][4][5].

Citations:

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Show the claimed default areas in the workflow
echo "== generic-gateway-chart-cicd.yml (around line 19) =="
sed -n '1,120p' .github/workflows/generic-gateway-chart-cicd.yml | cat -n

echo
echo "== generic-gateway-chart-cicd.yml (around line 70-110) =="
sed -n '70,120p' .github/workflows/generic-gateway-chart-cicd.yml | cat -n

echo
echo "== helm-package-push/action.yml (around helm-version handling + setup-helm) =="
sed -n '1,140p' .github/actions/helm-package-push/action.yml | cat -n

echo
echo "== helm-deploy/action.yml (helm-version handling, if relevant) =="
sed -n '1,140p' .github/actions/helm-deploy/action.yml | cat -n

Repository: simplify9/.github

Length of output: 18565

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== generic-gateway-chart-cicd.yml: where inputs.helm-version is forwarded =="
rg -n "helm-version|inputs\.helm-version" .github/workflows/generic-gateway-chart-cicd.yml

echo
echo "== README.md: Helm version mentions =="
rg -n "Helm|helm-version|v3\.|Helm 3|Helm 4" README.md .github/workflows .github/actions || true

Repository: simplify9/.github

Length of output: 23860

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== generic-gateway-chart-cicd.yml: around first Set up Helm + Helm lint =="
sed -n '160,240p' .github/workflows/generic-gateway-chart-cicd.yml | cat -n

echo
echo "== generic-gateway-chart-cicd.yml: around packaging/push Helm setup (second Set up Helm) =="
sed -n '280,360p' .github/workflows/generic-gateway-chart-cicd.yml | cat -n

echo
echo "== generic-gateway-chart-cicd.yml: find helm commands/flags =="
rg -n "helm (lint|template|package)|--post-renderer|post-renderer|hide-notes|render-subchart-notes|apiVersion|HELM_EXPERIMENTAL_OCI" .github/workflows/generic-gateway-chart-cicd.yml

Repository: simplify9/.github

Length of output: 8463

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== generic-gateway-chart-cicd.yml: around first Set up Helm + Helm lint =="
sed -n '160,240p' .github/workflows/generic-gateway-chart-cicd.yml | cat -n

echo
echo "== generic-gateway-chart-cicd.yml: around packaging/push Helm setup (second Set up Helm) =="
sed -n '280,360p' .github/workflows/generic-gateway-chart-cicd.yml | cat -n

echo
echo "== generic-gateway-chart-cicd.yml: find helm commands/flags =="
rg -n "helm (lint|template|package)|--post-renderer|post-renderer|hide-notes|render-subchart-notes|apiVersion|HELM_EXPERIMENTAL_OCI" .github/workflows/generic-gateway-chart-cicd.yml

Repository: simplify9/.github

Length of output: 8463

🏁 Script executed:

#!/bin/bash
# Read-only: find Helm version usage/docs drift and where generic-gateway-chart-cicd uses inputs.helm-version
rg -n -C2 'helm-version:\s*|version:\s*\$\{\{\s*inputs\.helm-version\s*\}\}|helm (lint|template|package)\b' .github/workflows .github/actions README.md

Repository: simplify9/.github

Length of output: 9996

🏁 Script executed:

#!/bin/bash
set -euo pipefail
rg -n "helm-package-push|helm-deploy|helm-generic|actions/helm-" .github/workflows/generic-gateway-chart-cicd.yml

Repository: simplify9/.github

Length of output: 43

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== Search for composite action usage in generic-gateway-chart-cicd.yml =="
rg -n "uses:\s*\.github/actions/|uses:\s*.*helm-" .github/workflows/generic-gateway-chart-cicd.yml

echo
echo "== Search for 'helm package' / 'helm template' blocks =="
rg -n "helm (lint|template|package)\b" .github/workflows/generic-gateway-chart-cicd.yml -n

echo
echo "== Show exact 'Set up Helm' steps wiring inputs.helm-version =="
rg -n "Set up Helm|azure/setup-helm@v5|version:\s*\$\{\{\s*inputs\.helm-version\s*\}\}" .github/workflows/generic-gateway-chart-cicd.yml -n

echo
echo "== Confirm whether generic-gateway-chart-cicd.yml calls helm-package-push action =="
rg -n "helm-package-push" .github/workflows/generic-gateway-chart-cicd.yml || true

Repository: simplify9/.github

Length of output: 135

🏁 Script executed:

#!/bin/bash
# Read-only: find Helm version usage/docs drift and where this workflow uses inputs.helm-version
rg -n -C2 'helm-version:\s*"4\.2\.0"|azure/setup-helm@v5|helm (lint|template|package)\b' .github/workflows/generic-gateway-chart-cicd.yml .github/workflows/sw-cicd.yml README.md

Repository: simplify9/.github

Length of output: 5020

🏁 Script executed:

#!/bin/bash
set -euo pipefail
rg -n 'default:\s*"4\.2\.0"|azure/setup-helm@v5|helm (lint|template|package)\b' .github/workflows/generic-gateway-chart-cicd.yml
rg -n "helm-version:\s*'3\.2\.4'|v3\.21\.0" .github/workflows/sw-cicd.yml README.md

Repository: simplify9/.github

Length of output: 1079

Verify Helm 4.2.0 compatibility before defaulting helm-version in generic-gateway-chart-cicd

File: .github/workflows/generic-gateway-chart-cicd.yml (Lines 19-20, also 85-86)

default: "4.2.0"
type: string

The workflow now defaults helm-version to 4.2.0 (for both workflow_call and workflow_dispatch), installs it via azure/setup-helm@v5, and uses it for helm lint, helm template, and helm package. The repo still documents/pins Helm 3 expectations (.github/workflows/sw-cicd.yml uses helm-version: '3.2.4', and README.md lists helm-version as v3.21.0), so Helm 4’s breaking behavioral changes could affect lint/template/package outputs across callers.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/generic-gateway-chart-cicd.yml around lines 19 - 20, The
workflow sets helm-version default to "4.2.0" (used by azure/setup-helm@v5)
which may be incompatible with existing Helm v3 expectations; change the default
for helm-version in the generic-gateway-chart-cicd workflow to the repo's agreed
Helm 3 pin (e.g., match 'helm-version' used in sw-cicd.yml or README, such as
'3.21.0' or '3.2.4'), or remove the hard default and require callers to pass a
version, and add a short comment near the helm-version declaration describing
the supported Helm major version to prevent accidental upgrades; ensure
azure/setup-helm@v5 usage stays compatible with the chosen helm-version.

version-prefix:
description: Version prefix in major.minor format
Expand Down Expand Up @@ -82,7 +82,7 @@ on:
helm-version:
description: Helm version to use for lint/template/package
required: false
default: "3.2.4"
default: "4.2.0"
type: string
version-prefix:
description: Version prefix in major.minor format
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/helm-deploy-values.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ on:
helm-version:
type: string
required: false
default: v3.21.0
default: v4.2.0

kubectl-version:
type: string
Expand Down
2 changes: 1 addition & 1 deletion AGENTS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ Composite actions are the smallest units of work. Reusable workflows orchestrate
| `gradle/actions/setup-gradle` | `@v4` | Do NOT use `gradle/gradle-build-action` (archived). Do NOT upgrade to v5/v6: v5 requires runner ≥ 2.327.1; v6 has commercial caching license terms |

**Pinned CLI binary versions (defaults in action inputs):**
- Helm CLI: `v3.21.0`
- Helm CLI: `v4.2.0`
- kubectl CLI: `v1.33.0`

---
Expand Down
6 changes: 3 additions & 3 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -529,7 +529,7 @@ Deploys a Helm chart using a **values file** from the calling repository. Useful
| `global-environment` | | `''` | Value for `global.environment` |
| `ingress-host` | | `''` | Ingress hostname |
| `ingress-tls-secret` | | `''` | TLS secret name |
| `helm-version` | | `v3.21.0` | Helm CLI version |
| `helm-version` | | `v4.2.0` | Helm CLI version |
| `kubectl-version` | | `v1.33.0` | kubectl CLI version |

**Required secret:** `kubeconfig`
Expand Down Expand Up @@ -689,7 +689,7 @@ Full CI/CD pipeline for developing a **Helm chart**: lint → template render
| `chart-path` | | `chart` | Path to chart directory |
| `chartmuseum-url` | | `https://charts.sf9.io/api/charts` | ChartMuseum upload endpoint |
| `version-prefix` | | `1.0` | Semver `major.minor` prefix |
| `helm-version` | | `v3.21.0` | Helm CLI version |
| `helm-version` | | `v4.2.0` | Helm CLI version |
| `update-dependencies` | | `true` | Run `helm package --dependency-update` |

**Required secrets:** `registry-username`, `registry-password`
Expand Down Expand Up @@ -852,7 +852,7 @@ When a `build` job must pass a file to a `deploy` job:

| Tool | Pinned version |
|---|---|
| Helm CLI | `v3.21.0` |
| Helm CLI | `v4.2.0` |
| kubectl CLI | `v1.33.0` |
| `actions/checkout` | `@v6` |
| `actions/setup-node` | `@v6` |
Expand Down