k8s-helm

Original source / Raw SKILL.md

---
name: k8s-helm
description: Manage Helm charts, releases, and repositories. Use for Helm installations, upgrades, rollbacks, chart development, and release management.
license: Apache-2.0
metadata:
  author: rohitg00
  version: "1.0.0"
  tools: 16
  category: workloads
---

# Helm Chart Management

Comprehensive Helm v3 operations using kubectl-mcp-server's 16 Helm tools.

## When to Apply

Use this skill when:
- User mentions: "helm", "chart", "release", "values", "repository"
- Operations: installing charts, upgrading releases, rollbacks
- Keywords: "package", "template", "lint", "repo add"

## Priority Rules

| Priority | Rule | Impact | Tools |
|----------|------|--------|-------|
| 1 | Template before install (dry run) | CRITICAL | `template_helm_chart` |
| 2 | Check existing releases first | CRITICAL | `list_helm_releases` |
| 3 | Lint charts before packaging | HIGH | `lint_helm_chart` |
| 4 | Note revision before upgrade | HIGH | `get_helm_history` |
| 5 | Verify values after upgrade | MEDIUM | `get_helm_values` |
| 6 | Update repos before search | LOW | `update_helm_repos` |

## Quick Reference

| Task | Tool | Example |
|------|------|---------|
| Install chart | `install_helm_chart` | `install_helm_chart(name, chart, namespace)` |
| Upgrade release | `upgrade_helm_release` | `upgrade_helm_release(name, chart, namespace, values)` |
| Rollback | `rollback_helm_release` | `rollback_helm_release(name, namespace, revision)` |
| List releases | `list_helm_releases` | `list_helm_releases(namespace)` |
| Get values | `get_helm_values` | `get_helm_values(name, namespace)` |
| Template (dry run) | `template_helm_chart` | `template_helm_chart(name, chart, namespace)` |

## Install Chart

```python
install_helm_chart(
    name="my-release",
    chart="bitnami/nginx",
    namespace="web",
    values={"replicaCount": 3, "service.type": "LoadBalancer"}
)
```

## Upgrade Release

```python
upgrade_helm_release(
    name="my-release",
    chart="bitnami/nginx",
    namespace="web",
    values={"replicaCount": 5}
)
```

## Rollback Release

```python
rollback_helm_release(
    name="my-release",
    namespace="web",
    revision=1
)
```

## Uninstall Release

```python
uninstall_helm_chart(name="my-release", namespace="web")
```

## Release Management

### List Releases

```python
list_helm_releases(namespace="web")

list_helm_releases()
```

### Get Release Details

```python
get_helm_release(name="my-release", namespace="web")
```

### Release History

```python
get_helm_history(name="my-release", namespace="web")
```

### Get Release Values

```python
get_helm_values(name="my-release", namespace="web")
```

### Get Release Manifest

```python
get_helm_manifest(name="my-release", namespace="web")
```

## Repository Management

### Add Repository

```python
add_helm_repo(name="bitnami", url="https://charts.bitnami.com/bitnami")
```

### List Repositories

```python
list_helm_repos()
```

### Update Repositories

```python
update_helm_repos()
```

### Search Charts

```python
search_helm_charts(keyword="nginx")

search_helm_charts(keyword="postgres", repo="bitnami")
```

## Chart Development

### Template Chart (Dry Run)

```python
template_helm_chart(
    name="my-release",
    chart="./my-chart",
    namespace="test",
    values={"key": "value"}
)
```

### Lint Chart

```python
lint_helm_chart(chart="./my-chart")
```

### Package Chart

```python
package_helm_chart(chart="./my-chart", destination="./packages")
```

## Common Workflows

### New Application Deployment

```python
add_helm_repo(name="bitnami", url="...")

search_helm_charts(keyword="postgresql")

template_helm_chart(...)

install_helm_chart(...)

get_helm_release(...)
```

### Upgrade with Rollback Safety

```python
get_helm_history(name, namespace)

upgrade_helm_release(name, chart, namespace, values)

rollback_helm_release(name, namespace, revision)
```

### Multi-Environment Deployment

```python
install_helm_chart(
    name="app",
    chart="./charts/app",
    namespace="dev",
    values={"replicas": 1},
    context="development"
)

install_helm_chart(
    name="app",
    chart="./charts/app",
    namespace="staging",
    values={"replicas": 2},
    context="staging"
)

install_helm_chart(
    name="app",
    chart="./charts/app",
    namespace="prod",
    values={"replicas": 5},
    context="production"
)
```

## Chart Structure

See [references/CHART-STRUCTURE.md](references/CHART-STRUCTURE.md) for best practices on organizing Helm charts.

## Troubleshooting

See [TROUBLESHOOTING.md](TROUBLESHOOTING.md) for common issues.

### Release Stuck in Pending

```python
get_helm_release(name, namespace)

get_pods(namespace, label_selector="app.kubernetes.io/instance=<release>")
```

### Failed Installation

```python
get_helm_history(name, namespace)

get_events(namespace)

uninstall_helm_chart(name, namespace)
```

### Values Not Applied

```python
get_helm_values(name, namespace)

template_helm_chart(...)

upgrade_helm_release(...)
```

## Scripts

See [scripts/lint-chart.sh](scripts/lint-chart.sh) for automated chart validation.

## Best Practices

1. **Always Template First**
   ```python
   template_helm_chart(name, chart, namespace, values)
   ```

2. **Use Semantic Versioning**
   ```python
   install_helm_chart(..., version="1.2.3")
   ```

3. **Store Values in Git**
   - `values-dev.yaml`
   - `values-staging.yaml`
   - `values-prod.yaml`

4. **Namespace Isolation**
   - One namespace per release
   - Easier cleanup and RBAC

## Prerequisites

- **Helm CLI**: Required for all Helm operations
  ```bash
  curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
  ```

## Related Skills

- [k8s-deploy](../k8s-deploy/SKILL.md) - Deployment strategies
- [k8s-gitops](../k8s-gitops/SKILL.md) - GitOps Helm releases


---

## Referenced Files

> The following files are referenced in this skill and included for context.

### references/CHART-STRUCTURE.md

```markdown
# Helm Chart Structure Best Practices

Reference for organizing and structuring Helm charts.

## Standard Chart Layout

```
mychart/
├── Chart.yaml          # Chart metadata (required)
├── Chart.lock          # Dependency lock file
├── values.yaml         # Default configuration values
├── values.schema.json  # JSON schema for values validation
├── .helmignore         # Patterns to ignore when packaging
├── README.md           # Chart documentation
├── LICENSE             # License file
├── templates/          # Kubernetes manifests (required)
│   ├── NOTES.txt       # Post-install notes
│   ├── _helpers.tpl    # Template helpers/partials
│   ├── deployment.yaml
│   ├── service.yaml
│   ├── ingress.yaml
│   ├── configmap.yaml
│   ├── secret.yaml
│   ├── serviceaccount.yaml
│   ├── hpa.yaml
│   └── tests/          # Helm test hooks
│       └── test-connection.yaml
├── charts/             # Dependency charts
└── crds/               # Custom Resource Definitions
```

## Chart.yaml

```yaml
apiVersion: v2
name: mychart
description: A Helm chart for MyApp
type: application
version: 1.0.0
appVersion: "2.5.0"

keywords:
  - myapp
  - web

home: https://github.com/org/mychart
sources:
  - https://github.com/org/mychart

maintainers:
  - name: John Doe
    email: [email protected]
    url: https://johndoe.com

icon: https://example.com/icon.png

dependencies:
  - name: postgresql
    version: "12.x.x"
    repository: "https://charts.bitnami.com/bitnami"
    condition: postgresql.enabled
  - name: redis
    version: "17.x.x"
    repository: "https://charts.bitnami.com/bitnami"
    condition: redis.enabled
```

## values.yaml Best Practices

```yaml
replicaCount: 1

image:
  repository: myapp
  pullPolicy: IfNotPresent
  tag: ""

imagePullSecrets: []

nameOverride: ""
fullnameOverride: ""

serviceAccount:
  create: true
  annotations: {}
  name: ""

podAnnotations: {}

podSecurityContext:
  fsGroup: 1000

securityContext:
  capabilities:
    drop:
    - ALL
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  runAsUser: 1000

service:
  type: ClusterIP
  port: 80

ingress:
  enabled: false
  className: ""
  annotations: {}
  hosts:
    - host: chart-example.local
      paths:
        - path: /
          pathType: ImplementationSpecific
  tls: []

resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

autoscaling:
  enabled: false
  minReplicas: 1
  maxReplicas: 100
  targetCPUUtilizationPercentage: 80

nodeSelector: {}

tolerations: []

affinity: {}
```

## _helpers.tpl Template

```yaml
{{/*
Expand the name of the chart.
*/}}
{{- define "mychart.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}

{{/*
Create a default fully qualified app name.
*/}}
{{- define "mychart.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}

{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "mychart.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}

{{/*
Common labels
*/}}
{{- define "mychart.labels" -}}
helm.sh/chart: {{ include "mychart.chart" . }}
{{ include "mychart.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}

{{/*
Selector labels
*/}}
{{- define "mychart.selectorLabels" -}}
app.kubernetes.io/name: {{ include "mychart.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

{{/*
Create the name of the service account to use
*/}}
{{- define "mychart.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "mychart.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
```

## values.schema.json

```json
{
  "$schema": "https://json-schema.org/draft-07/schema#",
  "type": "object",
  "required": ["image", "service"],
  "properties": {
    "replicaCount": {
      "type": "integer",
      "minimum": 1
    },
    "image": {
      "type": "object",
      "required": ["repository"],
      "properties": {
        "repository": {"type": "string"},
        "tag": {"type": "string"},
        "pullPolicy": {
          "type": "string",
          "enum": ["Always", "IfNotPresent", "Never"]
        }
      }
    },
    "service": {
      "type": "object",
      "properties": {
        "type": {
          "type": "string",
          "enum": ["ClusterIP", "NodePort", "LoadBalancer"]
        },
        "port": {"type": "integer", "minimum": 1, "maximum": 65535}
      }
    }
  }
}
```

## Environment-Specific Values

```
charts/mychart/
├── values.yaml           # Base defaults
├── values-dev.yaml       # Development overrides
├── values-staging.yaml   # Staging overrides
└── values-prod.yaml      # Production overrides
```

**values-dev.yaml:**
```yaml
replicaCount: 1
resources:
  limits:
    cpu: 100m
    memory: 128Mi
```

**values-prod.yaml:**
```yaml
replicaCount: 3
resources:
  limits:
    cpu: 500m
    memory: 512Mi
autoscaling:
  enabled: true
  minReplicas: 3
  maxReplicas: 10
```

## NOTES.txt Template

```
Thank you for installing {{ .Chart.Name }}.

Your release is named {{ .Release.Name }}.

To learn more about the release, try:

  $ helm status {{ .Release.Name }}
  $ helm get all {{ .Release.Name }}

{{- if .Values.ingress.enabled }}
Access your application at:
{{- range .Values.ingress.hosts }}
  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ .host }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
Get the application URL by running:
  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mychart.fullname" . }})
  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
  echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
Get the application URL by running:
  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mychart.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
  echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
Get the application URL by running:
  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mychart.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80
  echo "Visit http://127.0.0.1:8080 to use your application"
{{- end }}
```

## Test Template

**templates/tests/test-connection.yaml:**
```yaml
apiVersion: v1
kind: Pod
metadata:
  name: "{{ include "mychart.fullname" . }}-test-connection"
  labels:
    {{- include "mychart.labels" . | nindent 4 }}
  annotations:
    "helm.sh/hook": test
spec:
  containers:
    - name: wget
      image: busybox
      command: ['wget']
      args: ['{{ include "mychart.fullname" . }}:{{ .Values.service.port }}']
  restartPolicy: Never
```

## Validation Checklist

- [ ] Chart.yaml has required fields
- [ ] values.yaml has sensible defaults
- [ ] All templates use helpers for names/labels
- [ ] Resources have limits defined
- [ ] Security contexts are set
- [ ] NOTES.txt provides useful info
- [ ] README.md documents all values
- [ ] Linting passes: `helm lint ./mychart`

```

### TROUBLESHOOTING.md

```markdown
# Helm Troubleshooting Guide

Common Helm issues and resolutions.

## Installation Failures

### Error: INSTALLATION FAILED: cannot re-use a name

**Cause:** Release with same name exists (possibly failed).

**Diagnosis:**
```python
list_helm_releases(namespace)
get_helm_history(name, namespace)
```

**Resolution:**
```python
uninstall_helm_chart(name, namespace)
install_helm_chart(name, chart, namespace, values)
```

### Error: timed out waiting for condition

**Cause:** Pods not becoming ready within timeout.

**Diagnosis:**
```python
get_pods(namespace, label_selector="app.kubernetes.io/instance=<release>")
describe_pod(name, namespace)
get_events(namespace)
```

**Common Causes:**
- Image pull failure
- Insufficient resources
- Failed health checks
- Missing ConfigMaps/Secrets

**Resolution:**
```python
# Fix the issue, then upgrade
upgrade_helm_release(name, chart, namespace, values)
```

### Error: rendered manifests contain a resource that already exists

**Cause:** Resource exists outside Helm management.

**Diagnosis:**
```python
# Check if resource exists
get_deployments(namespace)  # or other resource type
```

**Resolution:**
- Delete existing resource manually
- Or use `--force` flag

## Upgrade Failures

### Error: UPGRADE FAILED: another operation in progress

**Cause:** Previous operation didn't complete cleanly.

**Diagnosis:**
```python
get_helm_history(name, namespace)
# Look for pending-* status
```

**Resolution:**
```python
# If stuck in pending-install
uninstall_helm_chart(name, namespace)
install_helm_chart(name, chart, namespace, values)

# If stuck in pending-upgrade, rollback first
rollback_helm_release(name, namespace, revision=<last-good>)
```

### Error: "spec.selector" is immutable

**Cause:** Trying to change selector labels.

**Resolution:**
- Delete deployment and reinstall
- Or use a new release name

## Rollback Issues

### Rollback doesn't restore old values

**Cause:** Values are tied to revision, not chart version.

**Diagnosis:**
```python
get_helm_values(name, namespace)
get_helm_history(name, namespace)
```

**Resolution:**
```python
rollback_helm_release(name, namespace, revision=<specific>)
```

## Chart Development Issues

### Template rendering fails

**Diagnosis:**
```python
template_helm_chart(name, chart, namespace, values)
lint_helm_chart(chart)
```

**Common Causes:**
- Syntax errors in templates
- Missing values
- Incorrect indentation in YAML

### Values not applied

**Diagnosis:**
```python
get_helm_values(name, namespace)
template_helm_chart(name, chart, namespace, values)
```

**Common Causes:**
- Wrong key path in values
- Values overridden by defaults
- Type mismatch (string vs number)

## Release Status Reference

| Status | Meaning | Action |
|--------|---------|--------|
| deployed | Success | None |
| failed | Installation/upgrade failed | Fix and retry |
| pending-install | Install in progress | Wait or cleanup |
| pending-upgrade | Upgrade in progress | Wait or rollback |
| pending-rollback | Rollback in progress | Wait |
| superseded | Old revision | None |
| uninstalling | Uninstall in progress | Wait |

## Debug Commands

```python
# Full release info
get_helm_release(name, namespace)

# All revisions
get_helm_history(name, namespace)

# Current values
get_helm_values(name, namespace)

# Rendered manifests
get_helm_manifest(name, namespace)

# Dry-run to test
template_helm_chart(name, chart, namespace, values)

# Validate chart
lint_helm_chart(chart)
```

## Best Practices to Avoid Issues

1. **Always dry-run first**
   ```python
   template_helm_chart(name, chart, namespace, values)
   ```

2. **Check history before upgrade**
   ```python
   get_helm_history(name, namespace)
   ```

3. **Use specific versions**
   ```python
   install_helm_chart(name, chart, namespace, version="1.2.3", values)
   ```

4. **Keep values in version control**
   - values-dev.yaml
   - values-prod.yaml

5. **Test rollback procedure**
   ```python
   # Know which revision to rollback to
   get_helm_history(name, namespace)
   ```

```

### scripts/lint-chart.sh

```bash
#!/bin/bash
set -e

CHART_PATH="${1:-.}"

echo "=== Helm Chart Linting ==="
echo "Chart: $CHART_PATH"
echo ""

if [ ! -f "$CHART_PATH/Chart.yaml" ]; then
    echo "ERROR: Not a valid Helm chart directory (missing Chart.yaml)"
    exit 1
fi

CHART_NAME=$(grep '^name:' "$CHART_PATH/Chart.yaml" | awk '{print $2}')
echo "Chart Name: $CHART_NAME"
echo ""

echo "--- Step 1: Helm Lint ---"
if helm lint "$CHART_PATH"; then
    echo "✓ Helm lint passed"
else
    echo "✗ Helm lint failed"
    exit 1
fi
echo ""

echo "--- Step 2: Template Validation ---"
if helm template test-release "$CHART_PATH" > /dev/null 2>&1; then
    echo "✓ Template rendering passed"
else
    echo "✗ Template rendering failed"
    helm template test-release "$CHART_PATH"
    exit 1
fi
echo ""

echo "--- Step 3: Kubernetes Manifest Validation ---"
if command -v kubectl &> /dev/null; then
    if helm template test-release "$CHART_PATH" | kubectl apply --dry-run=client -f - > /dev/null 2>&1; then
        echo "✓ Kubernetes validation passed"
    else
        echo "⚠ Kubernetes validation failed (may be expected without cluster)"
    fi
else
    echo "⚠ kubectl not found, skipping Kubernetes validation"
fi
echo ""

echo "--- Step 4: Structure Check ---"
required_files=("Chart.yaml" "values.yaml" "templates")
for file in "${required_files[@]}"; do
    if [ -e "$CHART_PATH/$file" ]; then
        echo "✓ $file exists"
    else
        echo "✗ $file missing"
    fi
done

recommended_files=("README.md" "templates/NOTES.txt" "templates/_helpers.tpl")
for file in "${recommended_files[@]}"; do
    if [ -e "$CHART_PATH/$file" ]; then
        echo "✓ $file exists"
    else
        echo "⚠ $file recommended but missing"
    fi
done
echo ""

echo "--- Step 5: Values Schema Check ---"
if [ -f "$CHART_PATH/values.schema.json" ]; then
    echo "✓ values.schema.json exists"
    if command -v jsonschema &> /dev/null; then
        if jsonschema -i "$CHART_PATH/values.yaml" "$CHART_PATH/values.schema.json" 2>/dev/null; then
            echo "✓ Values match schema"
        else
            echo "⚠ Values may not match schema"
        fi
    fi
else
    echo "⚠ values.schema.json not found (recommended for validation)"
fi
echo ""

echo "--- Step 6: Security Check ---"
templates_dir="$CHART_PATH/templates"
if grep -r "securityContext" "$templates_dir" > /dev/null 2>&1; then
    echo "✓ Security contexts found"
else
    echo "⚠ No security contexts found (recommended)"
fi

if grep -r "resources:" "$templates_dir" > /dev/null 2>&1; then
    echo "✓ Resource limits found"
else
    echo "⚠ No resource limits found (recommended)"
fi
echo ""

echo "=== Linting Complete ==="
echo "Run 'helm template <name> $CHART_PATH' to preview rendered manifests"

```

### ../k8s-deploy/SKILL.md

```markdown
---
name: k8s-deploy
description: Deploy and manage Kubernetes workloads with progressive delivery. Use for deployments, rollouts, blue-green, canary releases, scaling, and release management.
license: Apache-2.0
metadata:
  author: rohitg00
  version: "1.0.0"
  tools: 20
  category: workloads
---

# Kubernetes Deployment Workflows

Comprehensive deployment strategies using kubectl-mcp-server tools, including Argo Rollouts and Flagger for progressive delivery.

## When to Apply

Use this skill when:
- User mentions: "deploy", "release", "rollout", "scale", "update", "upgrade"
- Operations: creating deployments, updating images, scaling replicas
- Strategies: canary, blue-green, rolling update, recreate
- Keywords: "new version", "push to production", "traffic shifting"

## Priority Rules

| Priority | Rule | Impact | Tools |
|----------|------|--------|-------|
| 1 | Preview with template before apply | CRITICAL | `template_helm_chart` |
| 2 | Check existing state first | CRITICAL | `get_pods`, `list_helm_releases` |
| 3 | Use progressive delivery for prod | HIGH | `rollout_*` tools |
| 4 | Verify health after deployment | HIGH | `get_pod_metrics`, `get_endpoints` |
| 5 | Keep rollback revision noted | MEDIUM | `get_helm_history` |
| 6 | Scale incrementally | LOW | `scale_deployment` |

## Quick Reference

| Task | Tool | Example |
|------|------|---------|
| Deploy from manifest | `kubectl_apply` | `apply_manifest(yaml, namespace)` |
| Deploy with Helm | `install_helm_chart` | `install_helm_chart(name, chart, namespace)` |
| Update image | `set_deployment_image` | `set_deployment_image(name, ns, container, image)` |
| Scale replicas | `scale_deployment` | `scale_deployment(name, ns, replicas=5)` |
| Rollback | `rollback_deployment` | `rollback_deployment(name, ns, revision=0)` |
| Canary promote | `rollout_promote_tool` | `rollout_promote_tool(name, ns)` |

## Standard Deployments

### Deploy from Manifest

```python
kubectl_apply(manifest_yaml, namespace)
```

### Deploy with Helm

```python
install_helm_chart(
    name="my-app",
    chart="bitnami/nginx",
    namespace="production",
    values={"replicaCount": 3}
)
```

### Scale Deployment

```python
scale_deployment(name, namespace, replicas=5)
```

### Rolling Update

```python
set_deployment_image(name, namespace, container="app", image="myapp:v2")

rollout_status(name, namespace, resource_type="deployment")
```

## Progressive Delivery

### Argo Rollouts (Recommended)

For canary and blue-green deployments with analysis.

**List Rollouts**
```python
rollouts_list_tool(namespace)
```

**Canary Promotion**
```python
rollout_status_tool(name, namespace)

rollout_promote_tool(name, namespace)
```

**Abort Bad Release**
```python
rollout_abort_tool(name, namespace)
```

**Retry Failed Rollout**
```python
rollout_retry_tool(name, namespace)
```

See [ROLLOUTS.md](ROLLOUTS.md) for detailed Argo Rollouts workflows.

### Flagger Canary

For service mesh-integrated canary releases:

```python
flagger_canaries_list_tool(namespace)
flagger_canary_get_tool(name, namespace)
```

## Deployment Strategies

| Strategy | Use Case | Tools |
|----------|----------|-------|
| Rolling | Standard updates | `set_deployment_image`, `rollout_status` |
| Recreate | Stateful apps | Set strategy in manifest |
| Canary | Risk mitigation | `rollout_*` tools |
| Blue-Green | Zero downtime | `rollout_*` with blue-green |

See [references/STRATEGIES.md](references/STRATEGIES.md) for detailed strategy comparisons.

## Rollback Operations

### Native Kubernetes

```python
rollback_deployment(name, namespace, revision=0)

rollback_deployment(name, namespace, revision=2)
```

### Helm Rollback

```python
rollback_helm_release(name, namespace, revision=1)
```

### Argo Rollouts Rollback

```python
rollout_abort_tool(name, namespace)
```

## Health Verification

After deployment, verify health:

```python
get_pods(namespace, label_selector="app=myapp")

get_pod_metrics(name, namespace)

get_endpoints(namespace)
```

## Multi-Cluster Deployments

Deploy to specific clusters using context:

```python
install_helm_chart(
    name="app",
    chart="./charts/app",
    namespace="prod",
    context="production-us-east"
)

install_helm_chart(
    name="app",
    chart="./charts/app",
    namespace="prod",
    context="production-eu-west"
)
```

## Example Manifests

See [examples/](examples/) for ready-to-use deployment manifests:
- [examples/canary-rollout.yaml](examples/canary-rollout.yaml) - Argo Rollouts canary
- [examples/blue-green.yaml](examples/blue-green.yaml) - Blue-green deployment
- [examples/hpa-deployment.yaml](examples/hpa-deployment.yaml) - Deployment with HPA

## Prerequisites

- **Argo Rollouts**: Required for `rollout_*` tools
  ```bash
  kubectl create namespace argo-rollouts
  kubectl apply -n argo-rollouts -f https://github.com/argoproj/argo-rollouts/releases/latest/download/install.yaml
  ```
- **Flagger**: Required for `flagger_*` tools
  ```bash
  kubectl apply -k github.com/fluxcd/flagger/kustomize/kubernetes
  ```

## Related Skills

- [k8s-gitops](../k8s-gitops/SKILL.md) - GitOps deployments with Flux/ArgoCD
- [k8s-autoscaling](../k8s-autoscaling/SKILL.md) - Auto-scale deployments
- [k8s-rollouts](../k8s-rollouts/SKILL.md) - Advanced progressive delivery
- [k8s-helm](../k8s-helm/SKILL.md) - Helm chart operations

```

### ../k8s-gitops/SKILL.md

```markdown
---
name: k8s-gitops
description: Manage GitOps workflows with Flux and ArgoCD. Use for sync status, reconciliation, app management, source management, and GitOps troubleshooting.
license: Apache-2.0
metadata:
  author: rohitg00
  version: "1.0.0"
  tools: 7
  category: gitops
---

# Kubernetes GitOps

GitOps workflows using Flux and ArgoCD with kubectl-mcp-server tools.

## When to Apply

Use this skill when:
- User mentions: "Flux", "ArgoCD", "GitOps", "sync", "reconcile"
- Operations: checking sync status, triggering reconciliation, drift detection
- Keywords: "out of sync", "deploy from git", "continuous delivery"

## Priority Rules

| Priority | Rule | Impact | Tools |
|----------|------|--------|-------|
| 1 | Check source readiness before troubleshooting | CRITICAL | `flux_sources_list_tool` |
| 2 | Verify sync status before deployments | HIGH | `argocd_app_get_tool` |
| 3 | Reconcile after git changes | MEDIUM | `flux_reconcile_tool` |
| 4 | Suspend before manual changes | LOW | `flux_suspend_tool` |

## Quick Reference

| Task | Tool | Example |
|------|------|---------|
| List Flux kustomizations | `flux_kustomizations_list_tool` | `flux_kustomizations_list_tool(namespace)` |
| Reconcile Flux | `flux_reconcile_tool` | `flux_reconcile_tool(kind, name, namespace)` |
| List ArgoCD apps | `argocd_apps_list_tool` | `argocd_apps_list_tool(namespace)` |
| Sync ArgoCD | `argocd_sync_tool` | `argocd_sync_tool(name, namespace)` |

## Flux CD

### Check Flux Status

```python
flux_kustomizations_list_tool(namespace="flux-system")
flux_helmreleases_list_tool(namespace)
flux_sources_list_tool(namespace="flux-system")
```

### Reconcile Resources

```python
flux_reconcile_tool(
    kind="kustomization",
    name="my-app",
    namespace="flux-system"
)

flux_reconcile_tool(
    kind="helmrelease",
    name="my-chart",
    namespace="default"
)
```

### Suspend/Resume

```python
flux_suspend_tool(kind="kustomization", name="my-app", namespace="flux-system")

flux_resume_tool(kind="kustomization", name="my-app", namespace="flux-system")
```

See [FLUX.md](FLUX.md) for detailed Flux workflows.

## ArgoCD

### List Applications

```python
argocd_apps_list_tool(namespace="argocd")
```

### Get App Status

```python
argocd_app_get_tool(name="my-app", namespace="argocd")
```

### Sync Application

```python
argocd_sync_tool(name="my-app", namespace="argocd")
```

### Refresh App

```python
argocd_refresh_tool(name="my-app", namespace="argocd")
```

See [ARGOCD.md](ARGOCD.md) for detailed ArgoCD workflows.

## GitOps Troubleshooting

### Flux Not Syncing

| Symptom | Check | Resolution |
|---------|-------|------------|
| Source not ready | `flux_sources_list_tool()` | Check git credentials |
| Kustomization failed | `flux_kustomizations_list_tool()` | Check manifest errors |
| HelmRelease failed | `flux_helmreleases_list_tool()` | Check values, chart version |

### ArgoCD Out of Sync

| Symptom | Check | Resolution |
|---------|-------|------------|
| OutOfSync | `argocd_app_get_tool()` | Manual sync or check auto-sync |
| Degraded | Check health status | Fix unhealthy resources |
| Unknown | Refresh app | `argocd_refresh_tool()` |

## Environment Promotion

### With Flux Kustomizations

```python
flux_reconcile_tool(kind="kustomization", name="staging", namespace="flux-system")

flux_reconcile_tool(kind="kustomization", name="production", namespace="flux-system")
```

### With ArgoCD

```python
argocd_sync_tool(name="app-staging", namespace="argocd")

argocd_app_get_tool(name="app-staging", namespace="argocd")

argocd_sync_tool(name="app-production", namespace="argocd")
```

## Multi-Cluster GitOps

Manage GitOps across clusters:

```python
flux_kustomizations_list_tool(namespace="flux-system", context="cluster-1")
flux_kustomizations_list_tool(namespace="flux-system", context="cluster-2")

flux_reconcile_tool(
    kind="kustomization",
    name="apps",
    namespace="flux-system",
    context="production-cluster"
)
```

## Drift Detection

Compare live state with desired:

```python
argocd_app_get_tool(name="my-app", namespace="argocd")

flux_kustomizations_list_tool(namespace="flux-system")
```

## Prerequisites

- **Flux**: Required for Flux tools
  ```bash
  flux install
  ```
- **ArgoCD**: Required for ArgoCD tools
  ```bash
  kubectl create namespace argocd
  kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
  ```

## Related Skills

- [k8s-deploy](../k8s-deploy/SKILL.md) - Standard deployments
- [k8s-helm](../k8s-helm/SKILL.md) - Helm chart management

```