Helm chart validation has traditionally relied on JSON Schema, which, while functional, can be limiting when you need more expressive validation rules. Enter the Helm CEL Plugin - a powerful new tool that leverages Common Expression Language (CEL) to provide more flexible and powerful validation capabilities for your Helm charts. What is CEL? Common Expression Language (CEL) is a simple, powerful expression language created by Google that makes it easy to write complex validation rules. With CEL, you can write more intuitive and expressive validation rules compared to JSON Schema while maintaining excellent performance and safety guarantees. Getting Started Installation is straightforward using Helm's plugin management system: helm plugin install https://github.com/idsulik/helm-cel Core Features Value Validation The plugin introduces a new command for validating your chart values: helm cel validate ./mychart You can specify custom files for both values and rules: helm cel validate ./mychart --values-file prod.values.yaml --rules-file prod.cel.yaml Rule Generation One of the standout features is the ability to generate validation rules based on your existing values structure automatically: helm cel generate ./mychart This is particularly useful when starting with a new chart or when you want to create a baseline set of rules that you can then customize. Writing Validation Rules The rules are defined in a values.cel.yaml file, with each rule consisting of: A CEL expression that must evaluate to true for valid values A description explaining what the rule validates An optional severity level Here's a practical example: rules: - expr: "has(values.service) && has(values.service.port)" desc: "service port is required" - expr: "values.service.port >= 1 && values.service.port <= 65535" desc: "service port must be between 1 and 65535" severity: warning Advanced Features Severity Levels The plugin supports two severity levels: error: Fails validation (default) warning: Shows a warning but allows validation to pass This flexibility allows you to implement both strict requirements and best-practice recommendations in your validation rules. Reusable Expressions To keep your rules DRY (Don't Repeat Yourself), you can define reusable expressions: expressions: portRange: 'values.service.port >= 1 && values.service.port <= 65535' nodePortRange: 'values.service.nodePort >= 30000 && values.service.nodePort <= 32767' rules: - expr: "${portRange}" desc: "Service port must be valid" - expr: 'values.service.type == "NodePort" ? ${nodePortRange} : true' desc: "NodePort must be valid when type is NodePort" Common Validation Patterns Here are some practical examples of common validation scenarios: Required Fields - expr: "has(values.fieldName)" desc: "fieldName is required" Numeric Ranges - expr: "values.number >= 0 && values.number <= 100" desc: "number must be between 0 and 100" Type Checking - expr: "type(values.ports) == list" desc: "ports must be a list" Resource Specifications - expr: 'values.resources.requests.memory.matches("^[0-9]+(Mi|Gi)$")' desc: "memory requests must be in Mi or Gi" Clear Feedback The plugin provides clear, actionable feedback when validation fails: ❌ Validation failed: replica count must be at least 1 Rule: values.replicaCount >= 1 Path: replicaCount Current value: 0 For warnings, you'll see: ⚠️ Service port must be between 1 and 65535 Rule: values.service.port >= 1 && values.service.port <= 65535 Path: service.port Current value: 80801 Why Choose Helm CEL Plugin? More Expressive: CEL provides a more natural and powerful way to express validation rules compared to JSON Schema. Better Error Messages: Get clear, actionable feedback when validation fails. Flexible Severity Levels: Distinguish between hard requirements and best practices. Rule Generation: Automatically generate baseline rules from existing values. Reusable Expressions: Keep your validation rules DRY and maintainable. Conclusion The Helm CEL Plugin brings a new level of sophistication to Helm chart validation. By leveraging the power of CEL, it provides a more expressive and maintainable way to ensure your Helm charts are configured correctly. Whether you're managing a single chart or maintaining a large repository of charts, this plugin can help you catch configuration issues early and ensure consistency across your Kubernetes deployments. If you're tired of the limitations of JSON Schema validation, give the Helm CEL Plugin a try. Your future self (and your team) will thank you. Helm chart validation has traditionally relied on JSON Schema, which, while functional, can be limiting when you need more expressive validation rules. Enter the Helm CEL Plugin - a powerful new tool that leverages Common Expression Language (CEL) to provide more flexible and powerful validation capabilities for your Helm charts. What is CEL? Common Expression Language (CEL) is a simple, powerful expression language created by Google that makes it easy to write complex validation rules. With CEL, you can write more intuitive and expressive validation rules compared to JSON Schema while maintaining excellent performance and safety guarantees. Getting Started Installation is straightforward using Helm's plugin management system: helm plugin install https://github.com/idsulik/helm-cel helm plugin install https://github.com/idsulik/helm-cel Core Features Value Validation The plugin introduces a new command for validating your chart values: helm cel validate ./mychart helm cel validate ./mychart You can specify custom files for both values and rules: helm cel validate ./mychart --values-file prod.values.yaml --rules-file prod.cel.yaml helm cel validate ./mychart --values-file prod.values.yaml --rules-file prod.cel.yaml Rule Generation One of the standout features is the ability to generate validation rules based on your existing values structure automatically: helm cel generate ./mychart helm cel generate ./mychart This is particularly useful when starting with a new chart or when you want to create a baseline set of rules that you can then customize. Writing Validation Rules The rules are defined in a values.cel.yaml file, with each rule consisting of: values.cel.yaml A CEL expression that must evaluate to true for valid values A description explaining what the rule validates An optional severity level A CEL expression that must evaluate to true for valid values true A description explaining what the rule validates An optional severity level Here's a practical example: rules: - expr: "has(values.service) && has(values.service.port)" desc: "service port is required" - expr: "values.service.port >= 1 && values.service.port <= 65535" desc: "service port must be between 1 and 65535" severity: warning rules: - expr: "has(values.service) && has(values.service.port)" desc: "service port is required" - expr: "values.service.port >= 1 && values.service.port <= 65535" desc: "service port must be between 1 and 65535" severity: warning Advanced Features Severity Levels The plugin supports two severity levels: error: Fails validation (default) warning: Shows a warning but allows validation to pass error : Fails validation (default) error warning : Shows a warning but allows validation to pass warning This flexibility allows you to implement both strict requirements and best-practice recommendations in your validation rules. Reusable Expressions To keep your rules DRY (Don't Repeat Yourself), you can define reusable expressions: expressions: portRange: 'values.service.port >= 1 && values.service.port <= 65535' nodePortRange: 'values.service.nodePort >= 30000 && values.service.nodePort <= 32767' rules: - expr: "${portRange}" desc: "Service port must be valid" - expr: 'values.service.type == "NodePort" ? ${nodePortRange} : true' desc: "NodePort must be valid when type is NodePort" expressions: portRange: 'values.service.port >= 1 && values.service.port <= 65535' nodePortRange: 'values.service.nodePort >= 30000 && values.service.nodePort <= 32767' rules: - expr: "${portRange}" desc: "Service port must be valid" - expr: 'values.service.type == "NodePort" ? ${nodePortRange} : true' desc: "NodePort must be valid when type is NodePort" Common Validation Patterns Here are some practical examples of common validation scenarios: Required Fields Required Fields Required Fields - expr: "has(values.fieldName)" desc: "fieldName is required" - expr: "has(values.fieldName)" desc: "fieldName is required" Numeric Ranges Numeric Ranges Numeric Ranges - expr: "values.number >= 0 && values.number <= 100" desc: "number must be between 0 and 100" - expr: "values.number >= 0 && values.number <= 100" desc: "number must be between 0 and 100" Type Checking Type Checking Type Checking - expr: "type(values.ports) == list" desc: "ports must be a list" - expr: "type(values.ports) == list" desc: "ports must be a list" Resource Specifications Resource Specifications Resource Specifications - expr: 'values.resources.requests.memory.matches("^[0-9]+(Mi|Gi)$")' desc: "memory requests must be in Mi or Gi" - expr: 'values.resources.requests.memory.matches("^[0-9]+(Mi|Gi)$")' desc: "memory requests must be in Mi or Gi" Clear Feedback The plugin provides clear, actionable feedback when validation fails: ❌ Validation failed: replica count must be at least 1 Rule: values.replicaCount >= 1 Path: replicaCount Current value: 0 ❌ Validation failed: replica count must be at least 1 Rule: values.replicaCount >= 1 Path: replicaCount Current value: 0 For warnings, you'll see: ⚠️ Service port must be between 1 and 65535 Rule: values.service.port >= 1 && values.service.port <= 65535 Path: service.port Current value: 80801 ⚠️ Service port must be between 1 and 65535 Rule: values.service.port >= 1 && values.service.port <= 65535 Path: service.port Current value: 80801 Why Choose Helm CEL Plugin? More Expressive: CEL provides a more natural and powerful way to express validation rules compared to JSON Schema. Better Error Messages: Get clear, actionable feedback when validation fails. Flexible Severity Levels: Distinguish between hard requirements and best practices. Rule Generation: Automatically generate baseline rules from existing values. Reusable Expressions: Keep your validation rules DRY and maintainable. More Expressive : CEL provides a more natural and powerful way to express validation rules compared to JSON Schema. More Expressive Better Error Messages : Get clear, actionable feedback when validation fails. Better Error Messages Flexible Severity Levels : Distinguish between hard requirements and best practices. Flexible Severity Levels Rule Generation : Automatically generate baseline rules from existing values. Rule Generation Reusable Expressions : Keep your validation rules DRY and maintainable. Reusable Expressions Conclusion The Helm CEL Plugin brings a new level of sophistication to Helm chart validation. By leveraging the power of CEL, it provides a more expressive and maintainable way to ensure your Helm charts are configured correctly. Whether you're managing a single chart or maintaining a large repository of charts, this plugin can help you catch configuration issues early and ensure consistency across your Kubernetes deployments. Helm CEL Plugin If you're tired of the limitations of JSON Schema validation, give the Helm CEL Plugin a try. Your future self (and your team) will thank you.
