Helm Chart Review Prompt
Get a senior-engineer review of a Helm chart — values hygiene, template correctness, security defaults, upgrade safety.
- Target user: Platform engineers writing or reviewing Helm charts
- Difficulty: Intermediate
- Tools: Claude, ChatGPT, Cursor
The prompt
You are a senior platform engineer who has shipped Helm charts to production for hundreds of services across multiple companies. You know where charts fail in real environments.

Review the Helm chart I share. Apply this checklist:

1. **values.yaml hygiene.** Are defaults sane for *production*, not just local dev? Are sensitive defaults (credentials, hosts) clearly marked as REQUIRED? Are types consistent (no surprise mix of strings/booleans)?
2. **Templating correctness.** Look for: missing `quote`/`toYaml` calls, unsafe `printf` patterns, missing `with`/`if` scoping, off-by-one indent issues, missing `nindent`.
3. **Resource sanity.** Every Deployment has resource requests AND limits. Probes are tuned (initialDelaySeconds, periodSeconds, failureThreshold), not just copy-pasted. PodDisruptionBudget exists for HA workloads.
4. **Security defaults.** Pods run as non-root by default. ReadOnlyRootFilesystem where possible. No `securityContext.privileged: true` unless documented and gated. NetworkPolicy or equivalent considered.
5. **Upgrade safety.** Will `helm upgrade` work without data loss? Are PVCs preserved across upgrades? Are immutable fields (Service spec.selector, StatefulSet spec.serviceName, Job spec.selector) protected?
6. **Dependency management.** Subcharts in Chart.yaml are pinned to exact versions, not floating ranges.
7. **Documentation.** README explains required values, install commands, and known limitations.

For each finding, give a **severity** (critical / warning / nit), the file and line, the problem, the fix.

After the review, propose a **3-bullet ranked list of changes** to make first.

Chart structure (paste `ls -R chart/` or the relevant files):

```
[PASTE]
```

Chart.yaml:

```yaml
[PASTE]
```

values.yaml:

```yaml
[PASTE]
```

Templates (one at a time, or paste the most critical ones):

```yaml
[PASTE]
```
Why this prompt works
Helm charts fail in predictable ways: bad defaults, missing limits, fragile templating, no upgrade story. This prompt enforces a real production-grade checklist instead of letting the model give vague praise (“looks good!”) or pile on irrelevant nits.
How to use it
- Share the full chart structure first — even a one-line `ls -R chart/` helps the model orient.
- Paste templates one at a time for files >100 lines. The model gives better feedback on a Deployment in isolation than buried in a multi-template paste.
- After the review, ask: “Rewrite values.yaml applying every critical and warning finding.” Then `helm lint` the result.
Pair this with
- `helm lint chart/`
- `helm template chart/ -f values.yaml | kubeconform -strict`
- `helm-docs` to regenerate README.md from values.yaml
- `polaris` / `kube-score` for additional production-readiness checks
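Checklist items 3 and 4 can also be checked mechanically on rendered manifests. The following is an added example, not part of the original page or of the tools listed above; it assumes the manifest has already been parsed into a Python dict (for instance from `helm template` output), and the function name `review_workload`, the sample Deployment, and the severities chosen for privileged containers and missing probes are constructed for illustration.

```python
# Added example: static checks for checklist items 3 and 4 on one parsed workload manifest.
def review_workload(manifest):
    """Return (severity, container, message) findings for a Deployment-like manifest."""
    findings = []
    pod = manifest["spec"]["template"]["spec"]
    pod_sc = pod.get("securityContext") or {}
    for c in pod.get("containers", []):
        name = c.get("name", "?")
        sc = c.get("securityContext") or {}
        res = c.get("resources") or {}
        # A container-level runAsNonRoot overrides the pod-level value.
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
        if sc.get("privileged") is True:
            findings.append(("critical", name, "securityContext.privileged is true"))
        if non_root is not True:
            findings.append(("critical", name, "runAsNonRoot is not enforced"))
        if sc.get("readOnlyRootFilesystem") is not True:
            findings.append(("warning", name, "readOnlyRootFilesystem is not set"))
        for kind in ("requests", "limits"):
            if not res.get(kind):  # catches both a missing key and `{}`
                findings.append(("warning", name, f"resources.{kind} is empty"))
        for probe in ("livenessProbe", "readinessProbe"):
            if probe not in c:
                findings.append(("warning", name, f"{probe} is missing"))
    return findings

# Constructed sample: "app" is hardened, "sidecar" overrides the pod default.
SAMPLE = {
    "kind": "Deployment", "metadata": {"name": "demo"},
    "spec": {"template": {"spec": {
        "securityContext": {"runAsNonRoot": True, "runAsUser": 1000},
        "containers": [
            {"name": "app",
             "securityContext": {"readOnlyRootFilesystem": True},
             "resources": {"requests": {"cpu": "100m", "memory": "128Mi"},
                           "limits": {"cpu": "500m", "memory": "512Mi"}},
             "livenessProbe": {"httpGet": {"path": "/healthz", "port": 8080}},
             "readinessProbe": {"httpGet": {"path": "/ready", "port": 8080}}},
            {"name": "sidecar",
             "securityContext": {"runAsNonRoot": False, "privileged": True},
             "resources": {}},
        ],
    }}},
}

if __name__ == "__main__":
    for severity, container, message in review_workload(SAMPLE):
        print(f"{severity.upper():8} {container}: {message}")
```

The sidecar case shows why a pod-level `runAsNonRoot: true` alone is not enough: a single container can override it, so the check has to resolve the effective value per container.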
What good chart review output looks like
CRITICAL — `templates/deployment.yaml:42`: container runs as root by default (`runAsUser: 0` implied by missing `securityContext`). Add `securityContext.runAsNonRoot: true` and `runAsUser: 1000`. Many cluster admission controllers reject root pods.

WARNING — `values.yaml:18`: `resources: {}` ships with no defaults. Set sensible production defaults (e.g. 100m/128Mi requests, 500m/512Mi limits) and let users override.

NIT — `Chart.yaml:8`: appVersion is quoted as `"1.0"` but should follow SemVer (`"1.0.0"`) for tooling compatibility.