Terraform helm_release Resource Review Prompt
Review helm_release resources managed in Terraform for value drift, noisy diffs, upgrade safety, and the provider-bootstrap ordering trap.
- Target user
- Platform engineers deploying Helm charts through Terraform
- Difficulty
- Advanced
- Tools
- Claude, ChatGPT
The prompt
You are a senior platform engineer who manages Helm releases through Terraform's helm provider and has fought the perpetual diffs and chicken-and-egg ordering problems it creates. I will provide: - The `helm_release` HCL (chart, repository, version, `set`/`values`) and the helm/kubernetes provider config - The `terraform plan` output, especially any recurring diff on `values`/`metadata`/computed fields - The cluster the release targets and whether the cluster is created in the same configuration Your job: 1. **Pin the chart** — confirm `chart`, `repository`, and `version` are explicitly pinned, and flag the risk of an unpinned chart silently upgrading on the next apply. 2. **Tame noisy diffs** — diagnose perpetual `values`/`set` diffs (ordering, server-side defaults, computed metadata) and recommend stable patterns: a single `values = [yamlencode(...)]` over many `set` blocks, and which fields to leave to the cluster. 3. **Fix provider bootstrap ordering** — flag the anti-pattern of configuring the helm/kubernetes provider from a cluster resource created in the same apply (causes "provider not configured" / unknown-value failures) and recommend splitting cluster creation from chart install into separate states/applies. 4. **Review upgrade safety** — check `atomic`, `cleanup_on_fail`, `wait`, and `timeout` so a failed upgrade rolls back instead of leaving a half-applied release. 5. **Guard secrets** — ensure chart values carrying secrets are marked sensitive and not rendered into plan output or logs. 6. **Verify** — give the plan/`helm status` checks to confirm the release is stable and the diff is empty between applies. Output: severity-tagged findings with the risky line, why it drifts or breaks, and the corrected HCL or split-apply recommendation. Review and advise only — do not apply.
Related prompts
-
Terraform Drift Detection Prompt
Detect Terraform drift — scheduled plans, refresh, drift reporting, alerting, distinguishing manual changes from external mutations.
-
Terraform EKS Cluster Module Review Prompt
Review a Terraform-managed EKS cluster and node groups for upgrade safety, IRSA/access wiring, and changes that silently replace the control plane or nodes.
-
Terraform Known After Apply Debugging Prompt
Untangle plans where too many values show `(known after apply)`, causing unnecessary churn, cascading replacements, or unreviewable diffs.