Verify Flux HelmRelease rollout and collect Helm test feedback
Project description
HelmRelease Verifier
Small Python CLI to verify Flux HelmRelease deployments via the Kubernetes API and publish JUnit-compatible results.
Local Run
Prerequisites:
- Python 3.11+
- kubeconfig/context with access to target cluster
Single release (pipeline-like):
uv run helmrelease-verifier verify \
-r <release> \
-e <app-version> \
-o ./results.xml
If -n/--namespace is omitted, the current kube context namespace is used.
Short alias (same command, fewer keystrokes):
uv run hrv verify -r <release> -e <app-version>
Dynamic pytest sweep across HelmReleases:
uv run hrv verify -A -r "api|service"
All targets in current namespace (omit -r):
uv run hrv verify -o pytest-report.html
All targets in all namespaces:
uv run hrv verify -A -o pytest-report.html
Controller selection (repeatable):
uv run hrv verify -A -c flux -c argo -r "sample"
Current Argo CD support is a discovery and pytest stub path. It is intended as extension scaffolding and reports argo.stub test cases.
Default sweep behavior: no rollout waiting (-w 0). This is ideal for full-cluster audits.
Optional bounded wait per release (seconds):
uv run hrv verify -A -w 30
Optional parallel execution:
uv run hrv verify -A -P 4
Namespace and release filtering:
uv run hrv verify -n "^(dev|stage|prod)-apps$" -r "service$"
Generated by discovery mode:
- Default HTML report:
pytest-report.html - Override/add outputs with
-o:.html=> pytest HTML report.xml=> JUnit XML
- Examples:
-o pytest-report.html-o results.xml-o pytest-report.html -o results.xml
Using pipx (from repo checkout):
pipx run --spec . helmrelease-verifier -h
Run tests:
uv run pytest
Tool unit tests do not generate an HTML report by default.
If needed:
uv run pytest --html=pytest-report.html --self-contained-html
CI Integration Examples
Ready-to-copy examples:
- GitHub Actions:
examples/github-actions/verify-helmreleases.yml - Azure DevOps Pipelines:
examples/azure-pipelines/verify-helmreleases.yml
Both examples publish the dynamic pytest HTML report as build artifact and fail the job when one or more HelmReleases fail verification.
Both examples intentionally use uv for consistent developer and CI behavior; PyPI publishing is handled by the release workflow.
Repository workflows:
- CI:
.github/workflows/ci.yml - Release to PyPI (tag-triggered):
.github/workflows/release.yml
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file helmrelease_verifier-0.1.0.tar.gz.
File metadata
- Download URL: helmrelease_verifier-0.1.0.tar.gz
- Upload date:
- Size: 12.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c619cdddf8e3d3ad9358d3a4be16ef51275e52d2ce8fc50933f5eac7b3599032
|
|
| MD5 |
6a16700697e7a65777326bd4951a9709
|
|
| BLAKE2b-256 |
2f5aaf201930e30b2d2fb5a7e4c178bb0ca0351e7a4bdc461cb12675eaec399f
|
Provenance
The following attestation bundles were made for helmrelease_verifier-0.1.0.tar.gz:
Publisher:
release.yml on colenio/helmrelease-verifier
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
helmrelease_verifier-0.1.0.tar.gz -
Subject digest:
c619cdddf8e3d3ad9358d3a4be16ef51275e52d2ce8fc50933f5eac7b3599032 - Sigstore transparency entry: 1372487976
- Sigstore integration time:
-
Permalink:
colenio/helmrelease-verifier@07e01133227b1e4a731f52d7f34f4dea46b6eded -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/colenio
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@07e01133227b1e4a731f52d7f34f4dea46b6eded -
Trigger Event:
push
-
Statement type:
File details
Details for the file helmrelease_verifier-0.1.0-py3-none-any.whl.
File metadata
- Download URL: helmrelease_verifier-0.1.0-py3-none-any.whl
- Upload date:
- Size: 14.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8c22c35a283760c0d2f889e59aa4d6b557a0b39a0484a5571cfb312b3a8ca1a9
|
|
| MD5 |
4725271831cabbeeb4cb976af4290978
|
|
| BLAKE2b-256 |
ed2d9542f336ff02db0acc4737f42c3cefba8b490ea7f7a53f069b78998a094d
|
Provenance
The following attestation bundles were made for helmrelease_verifier-0.1.0-py3-none-any.whl:
Publisher:
release.yml on colenio/helmrelease-verifier
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
helmrelease_verifier-0.1.0-py3-none-any.whl -
Subject digest:
8c22c35a283760c0d2f889e59aa4d6b557a0b39a0484a5571cfb312b3a8ca1a9 - Sigstore transparency entry: 1372488504
- Sigstore integration time:
-
Permalink:
colenio/helmrelease-verifier@07e01133227b1e4a731f52d7f34f4dea46b6eded -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/colenio
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@07e01133227b1e4a731f52d7f34f4dea46b6eded -
Trigger Event:
push
-
Statement type:
