npm - @intentius/chant-lexicon-helm - Versions diffs - 0.0.24 → 0.1.0 - Mend

@intentius/chant-lexicon-helm 0.0.24 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/dist/integrity.json +6 -4
package/dist/manifest.json +1 -1
package/dist/rules/values-no-helm-tpl.ts +92 -0
package/dist/rules/whm005-no-empty-wrapper.ts +54 -0
package/dist/skills/chant-helm-patterns.md +52 -0
package/dist/skills/chant-helm.md +71 -22
package/package.json +6 -3
package/src/codegen/docs.ts +3 -2
package/src/index.ts +4 -1
package/src/intrinsics.ts +53 -0
package/src/lint/post-synth/post-synth.test.ts +43 -0
package/src/lint/post-synth/whm005-no-empty-wrapper.ts +54 -0
package/src/lint/rules/lint-rules.test.ts +35 -0
package/src/lint/rules/values-no-helm-tpl.ts +92 -0
package/src/plugin.test.ts +4 -2
package/src/resources.ts +20 -0
package/src/serializer.test.ts +113 -2
package/src/serializer.ts +149 -13
package/src/skills/chant-helm-patterns.md +52 -0
package/src/skills/chant-helm.md +71 -22

package/src/skills/chant-helm.md CHANGED Viewed

@@ -65,6 +65,53 @@ import { If, values } from "@intentius/chant-lexicon-helm";
 export const ingress = If(values.ingress.enabled, new Ingress({ ... }));
 ```
+### Runtime values and value overrides
+Use `runtimeSlot()` for deploy-time values that cannot be known at build time (database IPs, bucket names, etc.):
+```typescript
+import { Values, runtimeSlot } from "@intentius/chant-lexicon-helm";
+export const vals = new Values({
+  global: {
+    psql: {
+      host: runtimeSlot("Cloud SQL private IP"),  // → '' in values.yaml
+    },
+    redis: {
+      host: runtimeSlot("Memorystore persistent host"),
+    },
+  },
+});
+```
+`runtimeSlot()` generates two outputs:
+- `values.yaml` — the field emits `''` (empty placeholder, safe for `helm template`)
+- `values-runtime-slots.yaml` — lists only the slots with descriptions as YAML comments, for use as a deploy-time checklist
+**WHM004** fires when `v.xxx` (the values proxy) is used inside `new Values({...})` — values.yaml is not a Go template, so `{{ .Values.x }}` would silently become `''`. Use `runtimeSlot()` instead.
+Use `ValuesOverride` for static configuration shared across all deployments, like disabling bundled services:
+```typescript
+import { ValuesOverride } from "@intentius/chant-lexicon-helm";
+export const baseOverride = new ValuesOverride({
+  filename: "values-base",           // → generates chart-dir/values-base.yaml
+  values: {
+    postgresql: { install: false },
+    redis: { install: false },
+    certmanager: { install: false },
+  },
+});
+```
+Pass the generated file at deploy time:
+```bash
+helm upgrade --install my-release chart/
+  -f chart/values-base.yaml          # generated by ValuesOverride
+  -f values-prod.yaml                # runtime overrides (from values-runtime-slots.yaml)
+```
 ### Built-in objects
 ```typescript
@@ -218,28 +265,30 @@ const lifecycle = HelmCRDLifecycle({
 ## Lint rules
-| Rule | Description |
-|------|-------------|
-| WHM001 | Chart must have name, version, apiVersion |
-| WHM002 | Values should not contain bare secrets |
-| WHM003 | Container images should use values references |
-| WHM101 | Chart.yaml has valid apiVersion (v2) |
-| WHM102 | values.schema.json present when Values used |
-| WHM103 | Go template syntax valid (balanced braces) |
-| WHM104 | NOTES.txt exists for application charts |
-| WHM105 | _helpers.tpl exists |
-| WHM201 | Resources have standard Helm labels |
-| WHM301 | At least one test for application charts |
-| WHM302 | Resource limits set |
-| WHM401 | Image uses :latest tag or no tag |
-| WHM402 | runAsNonRoot not set |
-| WHM403 | readOnlyRootFilesystem not set |
-| WHM404 | privileged: true detected |
-| WHM405 | Resource spec missing cpu/memory |
-| WHM406 | CRD lifecycle limitation |
-| WHM407 | Secret with inline data |
-| WHM501 | Unused values keys |
-| WHM502 | Deprecated K8s API versions |
+| Rule | Phase | Description |
+|------|-------|-------------|
+| WHM001 | pre-synth | Chart must have name, version, apiVersion |
+| WHM002 | pre-synth | Values should not contain bare secrets |
+| WHM003 | pre-synth | Container images should use values references |
+| WHM004 | pre-synth | HelmTpl (`v.xxx`) has no effect in Values — use `runtimeSlot()` |
+| WHM005 | post-synth | Chart with dependencies but no templates — deploy upstream chart directly |
+| WHM101 | post-synth | Chart.yaml has valid apiVersion (v2) |
+| WHM102 | post-synth | values.schema.json present when Values used |
+| WHM103 | post-synth | Go template syntax valid (balanced braces) |
+| WHM104 | post-synth | NOTES.txt exists for application charts |
+| WHM105 | post-synth | _helpers.tpl exists |
+| WHM201 | post-synth | Resources have standard Helm labels |
+| WHM301 | post-synth | At least one test for application charts |
+| WHM302 | post-synth | Resource limits set |
+| WHM401 | post-synth | Image uses :latest tag or no tag |
+| WHM402 | post-synth | runAsNonRoot not set |
+| WHM403 | post-synth | readOnlyRootFilesystem not set |
+| WHM404 | post-synth | privileged: true detected |
+| WHM405 | post-synth | Resource spec missing cpu/memory |
+| WHM406 | post-synth | CRD lifecycle limitation |
+| WHM407 | post-synth | Secret with inline data |
+| WHM501 | post-synth | Unused values keys |
+| WHM502 | post-synth | Deprecated K8s API versions |
 ## OCI registry workflow