{"id":13461574,"url":"https://github.com/databus23/helm-diff","last_synced_at":"2026-04-02T11:53:37.369Z","repository":{"id":37601520,"uuid":"83623770","full_name":"databus23/helm-diff","owner":"databus23","description":"A helm plugin that shows a diff explaining what a helm upgrade would change","archived":false,"fork":false,"pushed_at":"2026-03-28T12:21:07.000Z","size":1418,"stargazers_count":3390,"open_issues_count":60,"forks_count":323,"subscribers_count":22,"default_branch":"master","last_synced_at":"2026-03-28T15:53:38.696Z","etag":null,"topics":["charts","helm","kubernetes"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/databus23.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2017-03-02T02:15:10.000Z","updated_at":"2026-03-27T22:47:26.000Z","dependencies_parsed_at":"2023-10-12T15:29:48.316Z","dependency_job_id":"0983b7de-0ff8-481d-96d0-30e7b7e3b14e","html_url":"https://github.com/databus23/helm-diff","commit_stats":{"total_commits":358,"total_committers":110,"mean_commits":"3.2545454545454544","dds":0.8016759776536313,"last_synced_commit":"1d1c72ca3fca76599af3da378c196f0c20fec122"},"previous_names":[],"tags_count":73,"template":false,"template_full_name":null,"purl":"pkg:github/databus23/helm-diff","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/databus23%2Fhelm-diff","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/databus23%2Fhelm-diff/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/databus23%2Fhelm-diff/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/databus23%2Fhelm-diff/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/databus23","download_url":"https://codeload.github.com/databus23/helm-diff/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/databus23%2Fhelm-diff/sbom","scorecard":{"id":324256,"data":{"date":"2025-08-11","repo":{"name":"github.com/databus23/helm-diff","commit":"22c4a292c24fbc54daece881952d0b0399aa2a06"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.3,"checks":[{"name":"Code-Review","score":0,"reason":"Found 1/14 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ci.yaml:1","Warn: no topLevel permission defined: .github/workflows/cleanup.yaml:1","Warn: no topLevel permission defined: .github/workflows/lint-sh.yaml:1","Warn: no topLevel permission defined: .github/workflows/lint.yaml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yaml:9","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-sh.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/lint-sh.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-sh.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/lint-sh.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/lint.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/lint.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/lint.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/databus23/helm-diff/release.yaml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile.release:1: pin your Docker image by updating golang:1.22 to golang:1.22@sha256:1cf6c45ba39db9fd6db16922041d074a63c935556a05c5ccb62d181034df7f02","Info:   0 out of   9 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   8 third-party GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yaml:12"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v3.12.5 not signed: https://api.github.com/repos/databus23/helm-diff/releases/239834207","Warn: release artifact v3.12.4 not signed: https://api.github.com/repos/databus23/helm-diff/releases/234888694","Warn: release artifact v3.12.3 not signed: https://api.github.com/repos/databus23/helm-diff/releases/230980890","Warn: release artifact v3.12.2 not signed: https://api.github.com/repos/databus23/helm-diff/releases/224030762","Warn: release artifact v3.12.1 not signed: https://api.github.com/repos/databus23/helm-diff/releases/221695239","Warn: release artifact v3.12.5 does not have provenance: https://api.github.com/repos/databus23/helm-diff/releases/239834207","Warn: release artifact v3.12.4 does not have provenance: https://api.github.com/repos/databus23/helm-diff/releases/234888694","Warn: release artifact v3.12.3 does not have provenance: https://api.github.com/repos/databus23/helm-diff/releases/230980890","Warn: release artifact v3.12.2 does not have provenance: https://api.github.com/repos/databus23/helm-diff/releases/224030762","Warn: release artifact v3.12.1 does not have provenance: https://api.github.com/repos/databus23/helm-diff/releases/221695239"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T02:06:03.375Z","repository_id":37601520,"created_at":"2025-08-18T02:06:03.375Z","updated_at":"2025-08-18T02:06:03.375Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31305892,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T09:48:21.550Z","status":"ssl_error","status_checked_at":"2026-04-02T09:48:19.196Z","response_time":89,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["charts","helm","kubernetes"],"created_at":"2024-07-31T11:00:44.999Z","updated_at":"2026-04-02T11:53:37.363Z","avatar_url":"https://github.com/databus23.png","language":"Go","funding_links":[],"categories":["Go","kubernetes"],"sub_categories":[],"readme":"# Helm Diff Plugin\n[![Go Report Card](https://goreportcard.com/badge/github.com/databus23/helm-diff)](https://goreportcard.com/report/github.com/databus23/helm-diff)\n[![GoDoc](https://godoc.org/github.com/databus23/helm-diff?status.svg)](https://godoc.org/github.com/databus23/helm-diff)\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/databus23/helm-diff/blob/master/LICENSE)\n[![zread](https://img.shields.io/badge/Ask_Zread-_.svg?style=flat\u0026color=00b0aa\u0026labelColor=000000\u0026logo=data%3Aimage%2Fsvg%2Bxml%3Bbase64%2CPHN2ZyB3aWR0aD0iMTYiIGhlaWdodD0iMTYiIHZpZXdCb3g9IjAgMCAxNiAxNiIgZmlsbD0ibm9uZSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KPHBhdGggZD0iTTQuOTYxNTYgMS42MDAxSDIuMjQxNTZDMS44ODgxIDEuNjAwMSAxLjYwMTU2IDEuODg2NjQgMS42MDE1NiAyLjI0MDFWNC45NjAxQzEuNjAxNTYgNS4zMTM1NiAxLjg4ODEgNS42MDAxIDIuMjQxNTYgNS42MDAxSDQuOTYxNTZDNS4zMTUwMiA1LjYwMDEgNS42MDE1NiA1LjMxMzU2IDUuNjAxNTYgNC45NjAxVjIuMjQwMUM1LjYwMTU2IDEuODg2NjQgNS4zMTUwMiAxLjYwMDEgNC45NjE1NiAxLjYwMDFaIiBmaWxsPSIjZmZmIi8%2BCjxwYXRoIGQ9Ik00Ljk2MTU2IDEwLjM5OTlIMi4yNDE1NkMxLjg4ODEgMTAuMzk5OSAxLjYwMTU2IDEwLjY4NjQgMS42MDE1NiAxMS4wMzk5VjEzLjc1OTlDMS42MDE1NiAxNC4xMTM0IDEuODg4MSAxNC4zOTk5IDIuMjQxNTYgMTQuMzk5OUg0Ljk2MTU2QzUuMzE1MDIgMTQuMzk5OSA1LjYwMTU2IDE0LjExMzQgNS42MDE1NiAxMy43NTk5VjExLjAzOTlDNS42MDE1NiAxMC42ODY0IDUuMzE1MDIgMTAuMzk5OSA0Ljk2MTU2IDEwLjM5OTlaIiBmaWxsPSIjZmZmIi8%2BCjxwYXRoIGQ9Ik0xMy43NTg0IDEuNjAwMUgxMS4wMzg0QzEwLjY4NSAxLjYwMDEgMTAuMzk4NCAxLjg4NjY0IDEwLjM5ODQgMi4yNDAxVjQuOTYwMUMxMC4zOTg0IDUuMzEzNTYgMTAuNjg1IDUuNjAwMSAxMS4wMzg0IDUuNjAwMUgxMy43NTg0QzE0LjExMTkgNS42MDAxIDE0LjM5ODQgNS4zMTM1NiAxNC4zOTg0IDQuOTYwMVYyLjI0MDFDMTQuMzk4NCAxLjg4NjY0IDE0LjExMTkgMS42MDAxIDEzLjc1ODQgMS42MDAxWiIgZmlsbD0iI2ZmZiIvPgo8cGF0aCBkPSJNNCAxMkwxMiA0TDQgMTJaIiBmaWxsPSIjZmZmIi8%2BCjxwYXRoIGQ9Ik00IDEyTDEyIDQiIHN0cm9rZT0iI2ZmZiIgc3Ryb2tlLXdpZHRoPSIxLjUiIHN0cm9rZS1saW5lY2FwPSJyb3VuZCIvPgo8L3N2Zz4K\u0026logoColor=ffffff)](https://zread.ai/databus23/helm-diff)\n\nThis is a Helm plugin giving you a preview of what a `helm upgrade` would change.\nIt basically generates a diff between the latest deployed version of a release\nand a `helm template`-rendered manifest (or `helm upgrade --dry-run` when `HELM_DIFF_USE_UPGRADE_DRY_RUN=true` is set).\nThis can also be used to compare two revisions/versions of your helm release.\n\n\u003ca href=\"https://asciinema.org/a/105326\" target=\"_blank\"\u003e\u003cimg src=\"https://asciinema.org/a/105326.png\" /\u003e\u003c/a\u003e\n\n## Install\n\n### Using Helm plugin manager (\u003e 2.3.x)\n\n*requires helm 3.18+*\n\n```shell\nhelm plugin install https://github.com/databus23/helm-diff\n```\n\n**For Helm 4 users:**\n\nHelm 4 requires plugin verification by default. Since this plugin does not yet provide provenance artifacts, you need to use the `--verify=false` flag:\n\n```shell\nhelm plugin install https://github.com/databus23/helm-diff --verify=false\n```\n\nFor more information about Helm 4's plugin verification, see:\n- [Helm 4 Overview](https://helm.sh/docs/overview)\n- [HIP-0026: Plugin Provenance](https://github.com/helm/community/blob/main/hips/hip-0026.md)\n- [Helm Provenance Documentation](https://helm.sh/docs/topics/provenance/)\n\n### Pre Helm 2.3.0 Installation\nPick a release tarball from the [releases](https://github.com/databus23/helm-diff/releases) page.\n\nUnpack the tarball in your helm plugins directory (`$(helm home)/plugins`).\n\nE.g.\n```\ncurl -L $TARBALL_URL | tar -C $(helm home)/plugins -xzv\n```\n\n### From Source\n#### Prerequisites\n - GoLang `\u003e= 1.21`\n\nMake sure you do not have a version of `helm-diff` installed. You can remove it by running `helm plugin uninstall diff`\n\n#### Installation Steps\nThe first step is to download the repository and enter the directory. You can do this via `git clone` or downloading and extracting the release. If you clone via git, remember to checkout the latest tag for the latest release.\n\nNext, install the plugin into helm.\n\n```bash\nmake install/helm\n```\n\n\n## Usage\n\n```\nThe Helm Diff Plugin\n\n* Shows a diff explaining what a helm upgrade would change:\n    This fetches the currently deployed version of a release\n  and compares it to a local chart plus values. This can be\n  used to visualize what changes a helm upgrade will perform.\n\n* Shows a diff explaining what had changed between two revisions:\n    This fetches previously deployed versions of a release\n  and compares them. This can be used to visualize what changes\n  were made during revision change.\n\n* Shows a diff explaining what a helm rollback would change:\n    This fetches the currently deployed version of a release\n  and compares it to the previously deployed version of the release, that you\n  want to rollback. This can be used to visualize what changes a\n  helm rollback will perform.\n\nUsage:\n  diff [flags]\n  diff [command]\n\nAvailable Commands:\n  completion  Generate the autocompletion script for the specified shell\n  release     Shows diff between release's manifests\n  revision    Shows diff between revision's manifests\n  rollback    Show a diff explaining what a helm rollback could perform\n  upgrade     Show a diff explaining what a helm upgrade would change.\n  version     Show version of the helm diff plugin\n\nFlags:\n      --allow-unreleased                         enables diffing of releases that are not yet deployed via Helm\n  -a, --api-versions stringArray                 Kubernetes api versions used for Capabilities.APIVersions\n      --color                                    color output. You can control the value for this flag via HELM_DIFF_COLOR=[true|false]. If both --no-color and --color are unspecified, coloring enabled only when the stdout is a term and TERM is not \"dumb\"\n  -C, --context int                              output NUM lines of context around changes (default -1)\n      --detailed-exitcode                        return a non-zero exit code when there are changes\n      --devel                                    use development versions, too. Equivalent to version '\u003e0.0.0-0'. If --version is set, this is ignored.\n      --disable-openapi-validation               disables rendered templates validation against the Kubernetes OpenAPI Schema\n      --disable-validation                       disables rendered templates validation against the Kubernetes cluster you are currently pointing to. This is the same validation performed on an install\n      --dry-run string[=\"client\"]                --dry-run, --dry-run=client, or --dry-run=true disables cluster access and show diff as if it was install. Implies --install, --reset-values, and --disable-validation. --dry-run=server enables the cluster access with helm-get and the lookup template function.\n      --enable-dns                               enable DNS lookups when rendering templates\n  -D, --find-renames float32                     Enable rename detection if set to any value greater than 0. If specified, the value denotes the maximum fraction of changed content as lines added + removed compared to total lines in a diff for considering it a rename. Only objects of the same Kind are attempted to be matched\n  -h, --help                                     help for diff\n      --include-crds                             include CRDs in the diffing\n      --include-tests                            enable the diffing of the helm test hooks\n      --insecure-skip-tls-verify                 skip tls certificate checks for the chart download\n      --install                                  enables diffing of releases that are not yet deployed via Helm (equivalent to --allow-unreleased, added to match \"helm upgrade --install\" command\n      --kube-version string                      Kubernetes version used for Capabilities.KubeVersion\n      --kubeconfig string                        This flag is ignored, to allow passing of this top level flag to helm\n      --no-color                                 remove colors from the output. If both --no-color and --color are unspecified, coloring enabled only when the stdout is a term and TERM is not \"dumb\"\n      --no-hooks                                 disable diffing of hooks\n      --normalize-manifests                      normalize manifests before running diff to exclude style differences from the output\n      --output string                            Possible values: diff, simple, template, json, structured, dyff. When set to \"template\", use the env var HELM_DIFF_TPL to specify the template. (default \"diff\")\n      --post-renderer string                     the path to an executable to be used for post rendering. If it exists in $PATH, the binary will be used, otherwise it will try to look for the executable at the given path\n      --post-renderer-args stringArray           an argument to the post-renderer (can specify multiple)\n      --repo string                              specify the chart repository url to locate the requested chart\n      --reset-then-reuse-values                  reset the values to the ones built into the chart, apply the last release's values and merge in any new values. If '--reset-values' or '--reuse-values' is specified, this is ignored\n      --reset-values                             reset the values to the ones built into the chart and merge in any new values\n      --reuse-values                             reuse the last release's values and merge in any new values. If '--reset-values' is specified, this is ignored\n      --set stringArray                          set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)\n      --set-file stringArray                     set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2)\n      --set-json stringArray                     set JSON values on the command line (can specify multiple or separate values with commas: key1=jsonval1,key2=jsonval2)\n      --set-literal stringArray                  set STRING literal values on the command line\n      --set-string stringArray                   set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)\n      --show-secrets                             do not redact secret values in the output\n      --show-secrets-decoded                     decode secret values in the output\n      --skip-schema-validation                   skip validation of the rendered manifests against the Kubernetes OpenAPI schema\n      --strip-trailing-cr                        strip trailing carriage return on input\n      --suppress stringArray                     allows suppression of the kinds listed in the diff output (can specify multiple, like '--suppress Deployment --suppress Service')\n      --suppress-output-line-regex stringArray   a regex to suppress diff output lines that match\n  -q, --suppress-secrets                         suppress secrets in the output\n      --take-ownership                           if set, upgrade will ignore the check for helm annotations and take ownership of the existing resources\n      --three-way-merge                          use three-way-merge to compute patch and generate diff output\n  -f, --values valueFiles                        specify values in a YAML file (can specify multiple) (default [])\n      --version string                           specify the exact chart version to use. If this is not specified, the latest version is used\n\nAdditional help topcis:\n  diff\n\nUse \"diff [command] --help\" for more information about a command.\n```\n\n### Structured JSON output\n\nSet `--output structured` (or `HELM_DIFF_OUTPUT=structured`) to emit machine-readable JSON. Each entry reports the Kubernetes object metadata, resource existence, and per-field changes using JSON Pointer paths:\n\n```shell\nhelm diff upgrade prod api ./charts/api --output structured\n```\n\n```json\n[\n  {\n    \"apiVersion\": \"apps/v1\",\n    \"kind\": \"Deployment\",\n    \"namespace\": \"prod\",\n    \"name\": \"api\",\n    \"changeType\": \"MODIFY\",\n    \"resourceStatus\": {\"oldExists\": true, \"newExists\": true},\n    \"changes\": [\n      {\"path\": \"spec\", \"field\": \"replicas\", \"change\": \"replace\", \"oldValue\": 2, \"newValue\": 3},\n      {\"path\": \"spec.template.spec.containers[0]\", \"field\": \"image\", \"change\": \"replace\", \"oldValue\": \"api:v1\", \"newValue\": \"api:v2\"}\n    ]\n  }\n]\n```\n\nWhen a kind is suppressed via `--suppress`, `changesSuppressed` is set to `true` and field details are omitted. Nested metadata such as labels show the container path (`metadata.labels`) and expose the label key through the `field` property (for example `app.kubernetes.io/version`).\n\n## Commands:\n\n### upgrade:\n\n```\n$ helm diff upgrade -h\nShow a diff explaining what a helm upgrade would change.\n\nThis fetches the currently deployed version of a release\nand compares it to a chart plus values.\nThis can be used to visualize what changes a helm upgrade will\nperform.\n\nUsage:\n  diff upgrade [flags] [RELEASE] [CHART]\n\nExamples:\n  helm diff upgrade my-release stable/postgresql --values values.yaml\n\n  # Set HELM_DIFF_IGNORE_UNKNOWN_FLAGS=true to ignore unknown flags\n  # It's useful when you're using `helm-diff` in a `helm upgrade` wrapper.\n  # See https://github.com/databus23/helm-diff/issues/278 for more information.\n  HELM_DIFF_IGNORE_UNKNOWN_FLAGS=true helm diff upgrade my-release stable/postgres --wait\n\n  # Set HELM_DIFF_USE_UPGRADE_DRY_RUN=true to\n  # use `helm upgrade --dry-run` instead of `helm template` to render manifests from the chart.\n  # See https://github.com/databus23/helm-diff/issues/253 for more information.\n  HELM_DIFF_USE_UPGRADE_DRY_RUN=true helm diff upgrade my-release datadog/datadog\n\n  # Set HELM_DIFF_THREE_WAY_MERGE=true to\n  # enable the three-way-merge on diff.\n  # This is equivalent to specifying the --three-way-merge flag.\n  # Read the flag usage below for more information on --three-way-merge.\n  HELM_DIFF_THREE_WAY_MERGE=true helm diff upgrade my-release datadog/datadog\n\n  # Set HELM_DIFF_NORMALIZE_MANIFESTS=true to\n  # normalize the yaml file content when using helm diff.\n  # This is equivalent to specifying the --normalize-manifests flag.\n  # Read the flag usage below for more information on --normalize-manifests.\n  HELM_DIFF_NORMALIZE_MANIFESTS=true helm diff upgrade my-release datadog/datadog\n\n# Set HELM_DIFF_OUTPUT_CONTEXT=n to configure the output context to n lines.\n# This is equivalent to specifying the --context flag.\n# Read the flag usage below for more information on --context.\nHELM_DIFF_OUTPUT_CONTEXT=5 helm diff upgrade my-release datadog/datadog\n\nFlags:\n      --allow-unreleased                         enables diffing of releases that are not yet deployed via Helm\n  -a, --api-versions stringArray                 Kubernetes api versions used for Capabilities.APIVersions\n  -C, --context int                              output NUM lines of context around changes (default -1)\n      --detailed-exitcode                        return a non-zero exit code when there are changes\n      --devel                                    use development versions, too. Equivalent to version '\u003e0.0.0-0'. If --version is set, this is ignored.\n      --disable-openapi-validation               disables rendered templates validation against the Kubernetes OpenAPI Schema\n      --disable-validation                       disables rendered templates validation against the Kubernetes cluster you are currently pointing to. This is the same validation performed on an install\n      --dry-run string[=\"client\"]                --dry-run, --dry-run=client, or --dry-run=true disables cluster access and show diff as if it was install. Implies --install, --reset-values, and --disable-validation. --dry-run=server enables the cluster access with helm-get and the lookup template function.\n      --enable-dns                               enable DNS lookups when rendering templates\n  -D, --find-renames float32                     Enable rename detection if set to any value greater than 0. If specified, the value denotes the maximum fraction of changed content as lines added + removed compared to total lines in a diff for considering it a rename. Only objects of the same Kind are attempted to be matched\n  -h, --help                                     help for upgrade\n      --include-crds                             include CRDs in the diffing\n      --include-tests                            enable the diffing of the helm test hooks\n      --insecure-skip-tls-verify                 skip tls certificate checks for the chart download\n      --install                                  enables diffing of releases that are not yet deployed via Helm (equivalent to --allow-unreleased, added to match \"helm upgrade --install\" command\n      --kube-version string                      Kubernetes version used for Capabilities.KubeVersion\n      --kubeconfig string                        This flag is ignored, to allow passing of this top level flag to helm\n      --no-hooks                                 disable diffing of hooks\n      --normalize-manifests                      normalize manifests before running diff to exclude style differences from the output\n      --output string                            Possible values: diff, simple, template, json, structured, dyff. When set to \"template\", use the env var HELM_DIFF_TPL to specify the template. (default \"diff\")\n      --post-renderer string                     the path to an executable to be used for post rendering. If it exists in $PATH, the binary will be used, otherwise it will try to look for the executable at the given path\n      --post-renderer-args stringArray           an argument to the post-renderer (can specify multiple)\n      --repo string                              specify the chart repository url to locate the requested chart\n      --reset-then-reuse-values                  reset the values to the ones built into the chart, apply the last release's values and merge in any new values. If '--reset-values' or '--reuse-values' is specified, this is ignored\n      --reset-values                             reset the values to the ones built into the chart and merge in any new values\n      --reuse-values                             reuse the last release's values and merge in any new values. If '--reset-values' is specified, this is ignored\n      --set stringArray                          set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)\n      --set-file stringArray                     set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2)\n      --set-json stringArray                     set JSON values on the command line (can specify multiple or separate values with commas: key1=jsonval1,key2=jsonval2)\n      --set-literal stringArray                  set STRING literal values on the command line\n      --set-string stringArray                   set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)\n      --show-secrets                             do not redact secret values in the output\n      --show-secrets-decoded                     decode secret values in the output\n      --skip-schema-validation                   skip validation of the rendered manifests against the Kubernetes OpenAPI schema\n      --strip-trailing-cr                        strip trailing carriage return on input\n      --suppress stringArray                     allows suppression of the kinds listed in the diff output (can specify multiple, like '--suppress Deployment --suppress Service')\n      --suppress-output-line-regex stringArray   a regex to suppress diff output lines that match\n  -q, --suppress-secrets                         suppress secrets in the output\n      --take-ownership                           if set, upgrade will ignore the check for helm annotations and take ownership of the existing resources\n      --three-way-merge                          use three-way-merge to compute patch and generate diff output\n  -f, --values valueFiles                        specify values in a YAML file (can specify multiple) (default [])\n      --version string                           specify the exact chart version to use. If this is not specified, the latest version is used\n\nGlobal Flags:\n      --color      color output. You can control the value for this flag via HELM_DIFF_COLOR=[true|false]. If both --no-color and --color are unspecified, coloring enabled only when the stdout is a term and TERM is not \"dumb\"\n      --no-color   remove colors from the output. If both --no-color and --color are unspecified, coloring enabled only when the stdout is a term and TERM is not \"dumb\"\n```\n\n### release:\n\n```\n$ helm diff release -h\n\nThis command compares the manifests details of a different releases created from the same chart.\nThe release name may be specified using namespace/release syntax.\n\nIt can be used to compare the manifests of\n\n - release1 with release2\n        $ helm diff release [flags] release1 release2\n   Example:\n        $ helm diff release my-prod my-stage\n        $ helm diff release prod/my-prod stage/my-stage\n\nUsage:\n  diff release [flags] RELEASE release1 [release2]\n\nFlags:\n  -C, --context int                              output NUM lines of context around changes (default -1)\n      --detailed-exitcode                        return a non-zero exit code when there are changes\n  -D, --find-renames float32                     Enable rename detection if set to any value greater than 0. If specified, the value denotes the maximum fraction of changed content as lines added + removed compared to total lines in a diff for considering it a rename. Only objects of the same Kind are attempted to be matched\n  -h, --help                                     help for release\n      --include-tests                            enable the diffing of the helm test hooks\n      --normalize-manifests                      normalize manifests before running diff to exclude style differences from the output\n      --output string                            Possible values: diff, simple, template, json, structured, dyff. When set to \"template\", use the env var HELM_DIFF_TPL to specify the template. (default \"diff\")\n      --show-secrets                             do not redact secret values in the output\n      --strip-trailing-cr                        strip trailing carriage return on input\n      --suppress stringArray                     allows suppression of the kinds listed in the diff output (can specify multiple, like '--suppress Deployment --suppress Service')\n      --suppress-output-line-regex stringArray   a regex to suppress diff output lines that match\n  -q, --suppress-secrets                         suppress secrets in the output\n\nGlobal Flags:\n      --color      color output. You can control the value for this flag via HELM_DIFF_COLOR=[true|false]. If both --no-color and --color are unspecified, coloring enabled only when the stdout is a term and TERM is not \"dumb\"\n      --no-color   remove colors from the output. If both --no-color and --color are unspecified, coloring enabled only when the stdout is a term and TERM is not \"dumb\"\n```\n\n### revision:\n\n```\n$ helm diff revision -h\n\nThis command compares the manifests details of a named release.\n\nIt can be used to compare the manifests of\n\n - latest REVISION with specified REVISION\n        $ helm diff revision [flags] RELEASE REVISION1\n   Example:\n        $ helm diff revision my-release 2\n\n - REVISION1 with REVISION2\n        $ helm diff revision [flags] RELEASE REVISION1 REVISION2\n   Example:\n        $ helm diff revision my-release 2 3\n\nUsage:\n  diff revision [flags] RELEASE REVISION1 [REVISION2]\n\nFlags:\n  -C, --context int                              output NUM lines of context around changes (default -1)\n      --show-secrets-decoded                     decode secret values in the output\n      --detailed-exitcode                        return a non-zero exit code when there are changes\n  -D, --find-renames float32                     Enable rename detection if set to any value greater than 0. If specified, the value denotes the maximum fraction of changed content as lines added + removed compared to total lines in a diff for considering it a rename. Only objects of the same Kind are attempted to be matched\n  -h, --help                                     help for revision\n      --include-tests                            enable the diffing of the helm test hooks\n      --normalize-manifests                      normalize manifests before running diff to exclude style differences from the output\n      --output string                            Possible values: diff, simple, template, json, structured, dyff. When set to \"template\", use the env var HELM_DIFF_TPL to specify the template. (default \"diff\")\n      --show-secrets                             do not redact secret values in the output\n      --show-secrets-decoded                     decode secret values in the output\n      --strip-trailing-cr                        strip trailing carriage return on input\n      --suppress stringArray                     allows suppression of the kinds listed in the diff output (can specify multiple, like '--suppress Deployment --suppress Service')\n      --suppress-output-line-regex stringArray   a regex to suppress diff output lines that match\n  -q, --suppress-secrets                         suppress secrets in the output\n\nGlobal Flags:\n      --color      color output. You can control the value for this flag via HELM_DIFF_COLOR=[true|false]. If both --no-color and --color are unspecified, coloring enabled only when the stdout is a term and TERM is not \"dumb\"\n      --no-color   remove colors from the output. If both --no-color and --color are unspecified, coloring enabled only when the stdout is a term and TERM is not \"dumb\"\n```\n\n### rollback:\n\n```\n$ helm diff rollback -h\n\nThis command compares the latest manifest details of a named release\nwith specific revision values to rollback.\n\nIt forecasts/visualizes changes, that a helm rollback could perform.\n\nUsage:\n  diff rollback [flags] [RELEASE] [REVISION]\n\nExamples:\n  helm diff rollback my-release 2\n\nFlags:\n  -C, --context int                              output NUM lines of context around changes (default -1)\n      --detailed-exitcode                        return a non-zero exit code when there are changes\n  -D, --find-renames float32                     Enable rename detection if set to any value greater than 0. If specified, the value denotes the maximum fraction of changed content as lines added + removed compared to total lines in a diff for considering it a rename. Only objects of the same Kind are attempted to be matched\n  -h, --help                                     help for rollback\n      --include-tests                            enable the diffing of the helm test hooks\n      --normalize-manifests                      normalize manifests before running diff to exclude style differences from the output\n      --output string                            Possible values: diff, simple, template, json, structured, dyff. When set to \"template\", use the env var HELM_DIFF_TPL to specify the template. (default \"diff\")\n      --show-secrets                             do not redact secret values in the output\n      --show-secrets-decoded                     decode secret values in the output\n      --strip-trailing-cr                        strip trailing carriage return on input\n      --suppress stringArray                     allows suppression of the kinds listed in the diff output (can specify multiple, like '--suppress Deployment --suppress Service')\n      --suppress-output-line-regex stringArray   a regex to suppress diff output lines that match\n  -q, --suppress-secrets                         suppress secrets in the output\n\nGlobal Flags:\n      --color      color output. You can control the value for this flag via HELM_DIFF_COLOR=[true|false]. If both --no-color and --color are unspecified, coloring enabled only when the stdout is a term and TERM is not \"dumb\"\n      --no-color   remove colors from the output. If both --no-color and --color are unspecified, coloring enabled only when the stdout is a term and TERM is not \"dumb\"\n```\n\n## Build\n\nClone the repository into your `$GOPATH` and then build it.\n\n```\n$ mkdir -p $GOPATH/src/github.com/databus23/\n$ cd $GOPATH/src/github.com/databus23/\n$ git clone https://github.com/databus23/helm-diff.git\n$ cd helm-diff\n$ make install\n```\n\nThe above will install this plugin into your `$HELM_HOME/plugins` directory.\n\n### Prerequisites\n\n- You need to have [Go](http://golang.org) installed. Make sure to set `$GOPATH`\n\n### Running Tests\nAutomated tests are implemented with [*testing*](https://golang.org/pkg/testing/).\n\nTo run all tests:\n```\ngo test -v ./...\n```\n\n## Release\n\nBump `version` in `plugin.yaml`:\n\n```\n$ code plugin.yaml\n$ git commit -s -m 'Bump helm-diff version to 3.x.y'\n```\n\nSet `GITHUB_TOKEN` and run:\n\n```\n$ make docker-run-release\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdatabus23%2Fhelm-diff","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdatabus23%2Fhelm-diff","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdatabus23%2Fhelm-diff/lists"}