@intentius/chant-lexicon-helm 0.0.22 → 0.1.0

package/src/lint/post-synth/post-synth.test.ts

@@ -18,6 +18,7 @@ import { whm406 } from "./whm406";
 import { whm407 } from "./whm407";
 import { whm501 } from "./whm501";
 import { whm502 } from "./whm502";
+import { whm005 } from "./whm005-no-empty-wrapper";
 
 function makeCtx(files: Record<string, string>): PostSynthContext {
   const result: SerializerResult = { primary: files["Chart.yaml"] ?? "", files };
@@ -36,6 +37,48 @@ function makeCtx(files: Record<string, string>): PostSynthContext {
   };
 }
 
+describe("WHM005: noEmptyWrapperChart", () => {
+  test("warns when chart has HelmDependency but no templates", () => {
+    const ctx = makeCtx({
+      "Chart.yaml": "apiVersion: v2\nname: test\nversion: 0.1.0\n",
+      "Chart.yaml.deps": "",
+      "templates/_helpers.tpl": "{{/* helpers */}}",
+    });
+    // Inject dependencies block
+    const files = {
+      "Chart.yaml": "apiVersion: v2\nname: test\nversion: 0.1.0\ndependencies:\n  - name: gitlab\n    version: 8.7.2\n    repository: https://charts.gitlab.io\n",
+      "templates/_helpers.tpl": "{{/* helpers */}}",
+    };
+    const ctx2 = makeCtx(files);
+    const diags = whm005.check(ctx2);
+    expect(diags).toHaveLength(1);
+    expect(diags[0].checkId).toBe("WHM005");
+    expect(diags[0].severity).toBe("warning");
+  });
+
+  test("passes when chart has dependencies and templates", () => {
+    const ctx = makeCtx({
+      "Chart.yaml": "apiVersion: v2\nname: test\nversion: 0.1.0\ndependencies:\n  - name: gitlab\n    version: 8.7.2\n    repository: https://charts.gitlab.io\n",
+      "templates/_helpers.tpl": "{{/* helpers */}}",
+      "templates/deployment.yaml": "apiVersion: apps/v1\nkind: Deployment\n",
+    });
+    expect(whm005.check(ctx)).toHaveLength(0);
+  });
+
+  test("passes when chart has no dependencies", () => {
+    const ctx = makeCtx({
+      "Chart.yaml": "apiVersion: v2\nname: test\nversion: 0.1.0\n",
+      "templates/deployment.yaml": "apiVersion: apps/v1\nkind: Deployment\n",
+    });
+    expect(whm005.check(ctx)).toHaveLength(0);
+  });
+
+  test("passes when no Chart.yaml present", () => {
+    const ctx = makeCtx({});
+    expect(whm005.check(ctx)).toHaveLength(0);
+  });
+});
+
 describe("WHM101: Chart.yaml validation", () => {
   test("passes with valid Chart.yaml", () => {
     const ctx = makeCtx({

package/src/lint/post-synth/whm005-no-empty-wrapper.ts

@@ -0,0 +1,54 @@
+/**
+ * WHM005: Chart Has Sub-chart Dependencies But Generates No Templates
+ *
+ * A chart with HelmDependency entries but no templates/*.yaml files generates
+ * an empty templates/ directory. Deploying it requires `helm dependency build`
+ * as a non-obvious prerequisite.
+ *
+ * If you only need value overrides for an upstream chart, deploy it directly:
+ *   helm upgrade upstream-chart -f values-override.yaml
+ * and use ValuesOverride to generate the override file.
+ */
+
+import type { PostSynthCheck, PostSynthContext, PostSynthDiagnostic } from "@intentius/chant/lint/post-synth";
+import { getChartFiles } from "./helm-helpers";
+
+export const whm005: PostSynthCheck = {
+  id: "WHM005",
+  description:
+    "Chart with sub-chart dependencies but no templates should deploy upstream chart directly",
+
+  check(ctx: PostSynthContext): PostSynthDiagnostic[] {
+    const diagnostics: PostSynthDiagnostic[] = [];
+
+    for (const [, output] of ctx.outputs) {
+      const files = getChartFiles(output);
+      const chartYaml = files["Chart.yaml"];
+      if (!chartYaml) continue;
+
+      // Check for non-empty dependencies block
+      const hasDependencies = /^dependencies:/m.test(chartYaml);
+      if (!hasDependencies) continue;
+
+      // Check for template files (excluding _helpers.tpl and NOTES.txt)
+      const hasTemplates = Object.keys(files).some((path) => {
+        if (!path.startsWith("templates/")) return false;
+        const filename = path.slice("templates/".length);
+        if (filename === "_helpers.tpl" || filename === "NOTES.txt") return false;
+        return filename.endsWith(".yaml") || filename.endsWith(".yml");
+      });
+
+      if (!hasTemplates) {
+        diagnostics.push({
+          checkId: "WHM005",
+          severity: "warning",
+          message:
+            "Chart has sub-chart dependencies but generates no templates. Deploying this chart requires 'helm dependency build' first. If you only need value overrides for an upstream chart, deploy it directly with 'helm upgrade upstream-chart -f values-override.yaml' and use ValuesOverride to generate the override file.",
+          lexicon: "helm",
+        });
+      }
+    }
+
+    return diagnostics;
+  },
+};

package/src/lint/rules/lint-rules.test.ts

@@ -4,6 +4,7 @@ import type { LintContext } from "@intentius/chant/lint/rule";
 import { chartMetadataRule } from "./chart-metadata";
 import { valuesNoSecretsRule } from "./values-no-secrets";
 import { noHardcodedImageRule } from "./no-hardcoded-image";
+import { valuesNoHelmTplRule } from "./values-no-helm-tpl";
 
 function makeContext(code: string): LintContext {
   const sourceFile = ts.createSourceFile("test.ts", code, ts.ScriptTarget.Latest, true);
@@ -70,6 +71,40 @@ describe("WHM002: valuesNoSecretsRule", () => {
   });
 });
 
+describe("WHM004: valuesNoHelmTplRule", () => {
+  test("warns when Values prop uses v.xxx", () => {
+    const ctx = makeContext(`new Values({ host: v.myHost });`);
+    const diags = valuesNoHelmTplRule.check(ctx);
+    expect(diags).toHaveLength(1);
+    expect(diags[0].ruleId).toBe("WHM004");
+  });
+
+  test("warns on nested v.xxx", () => {
+    const ctx = makeContext(`new Values({ global: { hosts: { domain: v.cellDomain } } });`);
+    expect(valuesNoHelmTplRule.check(ctx).length).toBeGreaterThan(0);
+  });
+
+  test("passes when Values props are static", () => {
+    const ctx = makeContext(`new Values({ host: "localhost" });`);
+    expect(valuesNoHelmTplRule.check(ctx)).toHaveLength(0);
+  });
+
+  test("passes for runtimeSlot() calls", () => {
+    const ctx = makeContext(`new Values({ host: runtimeSlot("Cloud SQL IP") });`);
+    expect(valuesNoHelmTplRule.check(ctx)).toHaveLength(0);
+  });
+
+  test("does not fire on non-Values constructors", () => {
+    const ctx = makeContext(`new Deployment({ image: v.image });`);
+    expect(valuesNoHelmTplRule.check(ctx)).toHaveLength(0);
+  });
+
+  test("warns on v.xxx pipe chain", () => {
+    const ctx = makeContext(`new Values({ host: v.myHost.pipe("quote") });`);
+    expect(valuesNoHelmTplRule.check(ctx)).toHaveLength(1);
+  });
+});
+
 describe("WHM003: noHardcodedImageRule", () => {
   test("warns on hardcoded image with tag", () => {
     const ctx = makeContext(`new Deployment({ spec: { containers: [{ image: "nginx:1.19" }] } });`);

package/src/lint/rules/values-no-helm-tpl.ts

@@ -0,0 +1,92 @@
+/**
+ * WHM004: HelmTpl Expression Has No Effect in Values Constructor
+ *
+ * Detects Values constructor props that use `v.xxx` (the `values` proxy)
+ * or any HelmTpl-like expression. values.yaml is static YAML — it is NOT
+ * processed as a Go template by Helm. These expressions silently become ''.
+ *
+ * Bad:  new Values({ host: v.pgHost })
+ * Good: new Values({ host: runtimeSlot("Cloud SQL private IP") })
+ */
+
+import type { LintRule, LintDiagnostic, LintContext } from "@intentius/chant/lint/rule";
+import * as ts from "typescript";
+
+export const valuesNoHelmTplRule: LintRule = {
+  id: "WHM004",
+  severity: "warning",
+  category: "correctness",
+  description:
+    "HelmTpl expression has no effect in values.yaml — use runtimeSlot() for deploy-time values",
+
+  check(context: LintContext): LintDiagnostic[] {
+    const { sourceFile } = context;
+    const diagnostics: LintDiagnostic[] = [];
+
+    function visit(node: ts.Node): void {
+      if (
+        ts.isNewExpression(node) &&
+        ts.isIdentifier(node.expression) &&
+        node.expression.text === "Values" &&
+        node.arguments &&
+        node.arguments.length > 0
+      ) {
+        const arg = node.arguments[0];
+        if (ts.isObjectLiteralExpression(arg)) {
+          checkObjectLiteral(arg, [], sourceFile, diagnostics);
+        }
+      }
+      ts.forEachChild(node, visit);
+    }
+
+    visit(sourceFile);
+    return diagnostics;
+  },
+};
+
+/**
+ * Get the root identifier name of a property access / call chain.
+ * v.foo → "v"; values.x.pipe("fn") → "values"; runtimeSlot() → "runtimeSlot"
+ */
+function getRootIdentifier(node: ts.Node): string | null {
+  if (ts.isIdentifier(node)) return node.text;
+  if (ts.isPropertyAccessExpression(node)) return getRootIdentifier(node.expression);
+  if (ts.isCallExpression(node)) return getRootIdentifier(node.expression);
+  return null;
+}
+
+function isHelmTplExpr(node: ts.Node): boolean {
+  const root = getRootIdentifier(node);
+  return root === "v" || root === "values";
+}
+
+function checkObjectLiteral(
+  obj: ts.ObjectLiteralExpression,
+  path: string[],
+  sourceFile: ts.SourceFile,
+  diagnostics: LintDiagnostic[],
+): void {
+  for (const prop of obj.properties) {
+    if (!ts.isPropertyAssignment(prop)) continue;
+
+    const keyName = ts.isIdentifier(prop.name) || ts.isStringLiteral(prop.name)
+      ? prop.name.text
+      : undefined;
+    const propPath = keyName ? [...path, keyName] : path;
+
+    if (isHelmTplExpr(prop.initializer)) {
+      const { line, character } = sourceFile.getLineAndCharacterOfPosition(prop.getStart());
+      const pathStr = propPath.join(".");
+      diagnostics.push({
+        file: sourceFile.fileName,
+        line: line + 1,
+        column: character + 1,
+        ruleId: "WHM004",
+        severity: "warning",
+        message: `HelmTpl expression has no effect in values.yaml (values.yaml is not a Go template). Use runtimeSlot() for deploy-time values or a static default.${pathStr ? ` (path: ${pathStr})` : ""}`,
+      });
+    } else if (ts.isObjectLiteralExpression(prop.initializer)) {
+      checkObjectLiteral(prop.initializer, propPath, sourceFile, diagnostics);
+    }
+  }
+}

package/src/plugin.test.ts

@@ -28,17 +28,19 @@ describe("helmPlugin", () => {
 
   test("provides lint rules", () => {
     const rules = helmPlugin.lintRules!();
-    expect(rules.length).toBe(3);
+    expect(rules.length).toBe(4);
     const ids = rules.map((r) => r.id);
     expect(ids).toContain("WHM001");
     expect(ids).toContain("WHM002");
     expect(ids).toContain("WHM003");
+    expect(ids).toContain("WHM004");
   });
 
   test("provides post-synth checks", () => {
     const checks = helmPlugin.postSynthChecks!();
-    expect(checks.length).toBe(20);
+    expect(checks.length).toBe(21);
     const ids = checks.map((c) => c.id);
+    expect(ids).toContain("WHM005");
     expect(ids).toContain("WHM101");
     expect(ids).toContain("WHM105");
     expect(ids).toContain("WHM301");
@@ -64,8 +66,8 @@ describe("helmPlugin", () => {
     expect(Array.isArray(skills)).toBe(true);
     expect(skills.length).toBeGreaterThanOrEqual(3);
     const names = skills.map((s) => s.name);
-    expect(names).toContain("chant-helm-create-chart");
-    expect(names).toContain("chant-helm-chart-patterns");
-    expect(names).toContain("chant-helm-chart-security-patterns");
+    expect(names).toContain("chant-helm");
+    expect(names).toContain("chant-helm-patterns");
+    expect(names).toContain("chant-helm-security");
   });
 });

package/src/plugin.ts

@@ -5,9 +5,9 @@
  * Helm-specific intrinsics, lint rules, and post-synth checks.
  */
 
-import type { LexiconPlugin, IntrinsicDef, InitTemplateSet, SkillDefinition } from "@intentius/chant/lexicon";
+import type { LexiconPlugin, IntrinsicDef, InitTemplateSet } from "@intentius/chant/lexicon";
 import { discoverLintRules, discoverPostSynthChecks } from "@intentius/chant/lint/discover";
-import { readFileSync, readdirSync } from "fs";
+import { createSkillsLoader, createDiffTool } from "@intentius/chant/lexicon-plugin-helpers";
 import { join, dirname } from "path";
 import { fileURLToPath } from "url";
 import { helmSerializer } from "./serializer";
@@ -65,29 +65,7 @@ export const helmPlugin: LexiconPlugin = {
   },
 
   mcpTools() {
-    return [
-      {
-        name: "diff",
-        description: "Compare current Helm chart build output against previous output",
-        inputSchema: {
-          type: "object" as const,
-          properties: {
-            path: {
-              type: "string",
-              description: "Path to the infrastructure project directory",
-            },
-          },
-        },
-        async handler(params: Record<string, unknown>): Promise<unknown> {
-          const { diffCommand } = await import("@intentius/chant/cli/commands/diff");
-          const result = await diffCommand({
-            path: (params.path as string) ?? ".",
-            serializers: [helmSerializer],
-          });
-          return result;
-        },
-      },
-    ];
+    return [createDiffTool(helmSerializer, "Compare current Helm chart build output against previous output")];
   },
 
   mcpResources() {
@@ -344,23 +322,11 @@ export const service = new Service({
     };
   },
 
-  skills(): SkillDefinition[] {
-    const skillsDir = join(dirname(fileURLToPath(import.meta.url)), "skills");
-    const skills: SkillDefinition[] = [];
-    try {
-      for (const file of readdirSync(skillsDir)) {
-        if (!file.endsWith(".md")) continue;
-        const content = readFileSync(join(skillsDir, file), "utf-8");
-        const name = file.replace(/\.md$/, "");
-        // Derive a readable description from the filename
-        const desc = name.replace(/-/g, " ").replace(/\b\w/g, (c) => c.toUpperCase());
-        skills.push({ name: `chant-helm-${name}`, description: desc, content });
-      }
-    } catch {
-      // No skills directory
-    }
-    return skills;
-  },
+  skills: createSkillsLoader(import.meta.url, [
+    { file: "chant-helm.md", name: "chant-helm", description: "Build, validate, and package Helm charts from a chant project" },
+    { file: "chant-helm-patterns.md", name: "chant-helm-patterns", description: "Common Helm chart patterns and best practices using chant" },
+    { file: "chant-helm-security.md", name: "chant-helm-security", description: "Security best practices for Helm charts built with chant" },
+  ]),
 
   async docs(options?: { verbose?: boolean }): Promise<void> {
     const { generateDocs } = await import("./codegen/docs");

package/src/resources.ts

@@ -67,6 +67,26 @@ export const HelmDependency = createProperty("Helm::Dependency", LEXICON);
  */
 export const HelmMaintainer = createProperty("Helm::Maintainer", LEXICON);
 
+/**
+ * Helm::ValuesOverride — Generate a named YAML override file.
+ *
+ * Emits a standalone YAML file inside the chart directory, intended to be
+ * passed as `helm upgrade -f chart-dir/values-base.yaml`. Use this for
+ * static configuration shared across all deployments (disabled bundled
+ * services, shared secret references, etc.).
+ *
+ * Props: { filename: string, values: Record<string, unknown> }
+ *
+ * ```ts
+ * new ValuesOverride({
+ *   filename: "values-base",
+ *   values: { postgresql: { install: false }, redis: { install: false } },
+ * })
+ * // → generates chart-dir/values-base.yaml
+ * ```
+ */
+export const ValuesOverride = createResource("Helm::ValuesOverride", LEXICON, {});
+
 // ── CRD ──────────────────────────────────────────────────
 
 /**
@@ -75,3 +95,32 @@ export const HelmMaintainer = createProperty("Helm::Maintainer", LEXICON);
  * Props: { content: string, filename?: string }
  */
 export const HelmCRD = createResource("Helm::CRD", LEXICON, {});
+
+// ── K8s resource types used by composites ────────────────
+// These are thin wrappers so composite members are Declarable.
+
+const K8S = "k8s";
+
+export const Deployment = createResource("K8s::Apps::Deployment", K8S, {});
+export const StatefulSet = createResource("K8s::Apps::StatefulSet", K8S, {});
+export const DaemonSet = createResource("K8s::Apps::DaemonSet", K8S, {});
+export const Service = createResource("K8s::Core::Service", K8S, {});
+export const ServiceAccount = createResource("K8s::Core::ServiceAccount", K8S, {});
+export const ConfigMap = createResource("K8s::Core::ConfigMap", K8S, {});
+export const Namespace = createResource("K8s::Core::Namespace", K8S, {});
+export const Job = createResource("K8s::Batch::Job", K8S, {});
+export const CronJob = createResource("K8s::Batch::CronJob", K8S, {});
+export const Ingress = createResource("K8s::Networking::Ingress", K8S, {});
+export const NetworkPolicy = createResource("K8s::Networking::NetworkPolicy", K8S, {});
+export const HPA = createResource("K8s::Autoscaling::HorizontalPodAutoscaler", K8S, {});
+export const PDB = createResource("K8s::Policy::PodDisruptionBudget", K8S, {});
+export const ResourceQuota = createResource("K8s::Core::ResourceQuota", K8S, {});
+export const LimitRange = createResource("K8s::Core::LimitRange", K8S, {});
+export const ClusterRole = createResource("K8s::Rbac::ClusterRole", K8S, {});
+export const ClusterRoleBinding = createResource("K8s::Rbac::ClusterRoleBinding", K8S, {});
+export const Role = createResource("K8s::Rbac::Role", K8S, {});
+export const RoleBinding = createResource("K8s::Rbac::RoleBinding", K8S, {});
+export const ExternalSecret = createResource("K8s::ExternalSecrets::ExternalSecret", K8S, {});
+export const ServiceMonitor = createResource("K8s::Monitoring::ServiceMonitor", K8S, {});
+export const PrometheusRule = createResource("K8s::Monitoring::PrometheusRule", K8S, {});
+export const Certificate = createResource("K8s::CertManager::Certificate", K8S, {});

package/src/serializer.test.ts

@@ -3,8 +3,8 @@ import { createResource, createProperty } from "@intentius/chant/runtime";
 import type { Declarable } from "@intentius/chant/declarable";
 import type { SerializerResult } from "@intentius/chant/serializer";
 import { helmSerializer } from "./serializer";
-import { Chart, Values, HelmNotes, HelmTest, HelmHook, HelmDependency, HelmMaintainer, HelmCRD } from "./resources";
-import { values, include, printf, toYaml, quote, helmDefault, required, If, ElseIf, Range, With, Release, ChartRef, Capabilities } from "./intrinsics";
+import { Chart, Values, ValuesOverride, HelmNotes, HelmTest, HelmHook, HelmDependency, HelmMaintainer, HelmCRD } from "./resources";
+import { values, include, printf, toYaml, quote, helmDefault, required, If, ElseIf, Range, With, Release, ChartRef, Capabilities, runtimeSlot } from "./intrinsics";
 
 function makeEntities(...pairs: [string, Record<string, unknown>][]): Map<string, Declarable> {
   const entities = new Map<string, Declarable>();
@@ -792,6 +792,117 @@ describe("Capabilities in template", () => {
   });
 });
 
+describe("runtimeSlot in Values", () => {
+  test("emits '' for runtimeSlot in values.yaml", () => {
+    const chart = new Chart({ name: "test", version: "0.1.0" });
+    const vals = new Values({
+      global: {
+        psql: { host: runtimeSlot("Cloud SQL private IP") },
+      },
+      replicaCount: 1,
+    });
+    const entities = makeEntities(["chart", chart], ["values", vals]);
+    const result = helmSerializer.serialize(entities) as SerializerResult;
+    const valuesYaml = result.files!["values.yaml"];
+
+    expect(valuesYaml).toContain("host: ''");
+    expect(valuesYaml).toContain("replicaCount: 1");
+  });
+
+  test("emits values-runtime-slots.yaml when RuntimeSlot present", () => {
+    const chart = new Chart({ name: "test", version: "0.1.0" });
+    const vals = new Values({
+      global: {
+        psql: { host: runtimeSlot("Cloud SQL private IP") },
+        redis: { host: runtimeSlot("Memorystore host") },
+      },
+    });
+    const entities = makeEntities(["chart", chart], ["values", vals]);
+    const result = helmSerializer.serialize(entities) as SerializerResult;
+    const slotsYaml = result.files!["values-runtime-slots.yaml"];
+
+    expect(slotsYaml).toBeDefined();
+    expect(slotsYaml).toContain("# Generated by chant");
+    expect(slotsYaml).toContain("# Cloud SQL private IP");
+    expect(slotsYaml).toContain("host: ''");
+    expect(slotsYaml).toContain("# Memorystore host");
+    // Only RuntimeSlot fields should appear
+    expect(slotsYaml).not.toContain("replicaCount");
+  });
+
+  test("does not emit values-runtime-slots.yaml when no RuntimeSlot", () => {
+    const chart = new Chart({ name: "test", version: "0.1.0" });
+    const vals = new Values({ replicaCount: 1, image: { repository: "nginx" } });
+    const entities = makeEntities(["chart", chart], ["values", vals]);
+    const result = helmSerializer.serialize(entities) as SerializerResult;
+
+    expect(result.files!["values-runtime-slots.yaml"]).toBeUndefined();
+  });
+
+  test("runtimeSlot with empty description emits no comment", () => {
+    const chart = new Chart({ name: "test", version: "0.1.0" });
+    const vals = new Values({ host: runtimeSlot() });
+    const entities = makeEntities(["chart", chart], ["values", vals]);
+    const result = helmSerializer.serialize(entities) as SerializerResult;
+    const slotsYaml = result.files!["values-runtime-slots.yaml"];
+
+    expect(slotsYaml).toBeDefined();
+    expect(slotsYaml).toContain("host: ''");
+    // No comment line for empty description
+    const lines = slotsYaml!.split("\n");
+    const hostLine = lines.findIndex((l) => l.includes("host:"));
+    const prevLine = lines[hostLine - 1] ?? "";
+    expect(prevLine.trim().startsWith("#") && !prevLine.includes("Generated")).toBe(false);
+  });
+});
+
+describe("ValuesOverride serialization", () => {
+  test("emits ValuesOverride as a named yaml file", () => {
+    const chart = new Chart({ name: "test", version: "0.1.0" });
+    const override = new ValuesOverride({
+      filename: "values-base",
+      values: {
+        postgresql: { install: false },
+        redis: { install: false },
+      },
+    });
+    const entities = makeEntities(["chart", chart], ["baseOverride", override]);
+    const result = helmSerializer.serialize(entities) as SerializerResult;
+
+    expect(result.files!["values-base.yaml"]).toBeDefined();
+    expect(result.files!["values-base.yaml"]).toContain("postgresql:");
+    expect(result.files!["values-base.yaml"]).toContain("install: false");
+    expect(result.files!["values-base.yaml"]).toContain("redis:");
+  });
+
+  test("ValuesOverride content does not affect values.yaml", () => {
+    const chart = new Chart({ name: "test", version: "0.1.0" });
+    const vals = new Values({ replicaCount: 1 });
+    const override = new ValuesOverride({
+      filename: "values-base",
+      values: { postgresql: { install: false } },
+    });
+    const entities = makeEntities(["chart", chart], ["values", vals], ["override", override]);
+    const result = helmSerializer.serialize(entities) as SerializerResult;
+
+    expect(result.files!["values.yaml"]).toContain("replicaCount: 1");
+    expect(result.files!["values.yaml"]).not.toContain("postgresql");
+    expect(result.files!["values-base.yaml"]).toContain("postgresql:");
+    expect(result.files!["values-base.yaml"]).not.toContain("replicaCount");
+  });
+
+  test("multiple ValuesOverride entities emit separate files", () => {
+    const chart = new Chart({ name: "test", version: "0.1.0" });
+    const ov1 = new ValuesOverride({ filename: "values-dev", values: { env: "dev" } });
+    const ov2 = new ValuesOverride({ filename: "values-prod", values: { env: "prod" } });
+    const entities = makeEntities(["chart", chart], ["dev", ov1], ["prod", ov2]);
+    const result = helmSerializer.serialize(entities) as SerializerResult;
+
+    expect(result.files!["values-dev.yaml"]).toContain("env: dev");
+    expect(result.files!["values-prod.yaml"]).toContain("env: prod");
+  });
+});
+
 describe("helpers", () => {
   test("generateHelpers includes all standard templates", () => {
     const { generateHelpers } = require("./helpers");