DEV.co
Open-Source Testing · helm

chart-testing

chart-testing (ct) is a CLI tool for linting and testing Helm charts, designed to run in CI/CD pipelines. It automatically detects changed charts, validates YAML syntax, and can install charts to verify their functionality before merge.

Source: GitHub — github.com/helm/chart-testing
1.6k
GitHub stars
251
Forks
Go
Primary language
Apache-2.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryhelm/chart-testing
Ownerhelm
Primary languageGo
LicenseApache-2.0 — OSI-approved
Stars1.6k
Forks251
Open issues7
Latest releasev3.14.0 (2025-10-08)
Last updated2026-07-06
Sourcehttps://github.com/helm/chart-testing

What chart-testing is

Written in Go, ct integrates Helm, Yamllint, Yamale, and Kubectl to provide chart validation, schema checking, and installation testing. It supports configuration via CLI flags, environment variables, or config files with precedence rules, and includes Docker image distribution for consistent test environments.

Quickstart

Get the chart-testing source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/helm/chart-testing.gitcd chart-testing# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Helm chart CI/CD validation

Automate linting and testing of Helm charts in pull requests before merge to catch YAML errors, schema violations, and deployment issues early in the release pipeline.

Multi-chart repository testing

Test multiple chart directories and detect only changed charts against a target branch, reducing redundant validation in monorepo chart repositories.

Container-native test environment

Use the official Docker image (quay.io/helmpack/chart-testing) to standardize test environments across developers and CI systems without local dependency management.

Implementation considerations

  • Requires Helm, Git (≥2.17.0), Yamllint, Yamale, and Kubectl installed or use the provided Docker image to eliminate local setup.
  • Configuration supports CLI flags, environment variables (CT_ prefix), and config files with explicit precedence; mix strategies carefully to avoid conflicts.
  • Linting requires yamllint and yamale config files discoverable in ./ct, $HOME/.ct, or /etc/ct; provide explicit paths or use the Docker image with bundled defaults.
  • Private chart repositories can be authenticated via helm-repo-extra-args for both HTTPS and OCI registries; plan credential injection carefully for CI/CD security.
  • Chart install tests require a running Kubernetes cluster; ensure your CI runner has kubeconfig access or use kind/minikube for isolated test clusters.

When to avoid it — and what to weigh

  • Non-Helm deployment tooling — ct is Helm-specific; if your infrastructure uses Kustomize, Terraform, or other non-Helm tools, this tool will not be applicable.
  • Runtime security testing required — ct performs static linting and schema validation only; it does not provide container image scanning, network policy validation, or dynamic security testing.
  • Minimal dependencies preferred — Installation requires Helm, Git, Yamllint, Yamale, Kubectl, and optionally Docker; if dependency minimization is a constraint, consider the overhead.
  • Custom chart testing logic — ct offers standard linting and install tests; if your charts require domain-specific or complex post-deployment validation, custom testing frameworks may be necessary.

License & commercial use

Apache License 2.0 (Apache-2.0). Permissive OSI-approved license permitting commercial use, modification, and distribution with attribution and liability disclaimer.

Apache-2.0 is a permissive OSI license explicitly permitting commercial use. No additional licensing restrictions are evident. Review the LICENSE file in the repository for the authoritative text if legal certainty is critical for your organization.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityLow
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

ct itself is a linting and testing tool with no data exposure. Security considerations center on: (1) Helm and Kubectl are invoked; ensure kubeconfig and cluster access are restricted; (2) chart-repos config and helm-repo-extra-args may carry credentials; inject via environment variables or CI secrets, not plain config files; (3) Yamllint and Yamale configurations can be customized; review for unexpected validation bypasses; (4) Docker image sourced from quay.io/helmpack/chart-testing; verify image provenance and scan for vulnerabilities in bundled dependencies.

Alternatives to consider

Helm lint + custom shell scripts

Lightweight alternative if you only need basic YAML validation; requires manual integration of Yamllint and Yamale, no automatic change detection.

Datree

Commercial SaaS tool for Helm and Kubernetes YAML validation with policy engines and dashboard; better for centralized governance but adds external dependency and cost.

Pulumi (policy-as-code)

Programmatic infrastructure-as-code with validation and testing; requires rewriting charts as Pulumi code, suitable for organizations already using Pulumi.

Software development agency

Build on chart-testing with DEV.co software developers

Integrate chart-testing into your CI/CD pipeline for reliable, consistent Helm chart validation. Start with the Docker image or binary distribution and review the charts-repo-actions-demo for workflow examples.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

chart-testing FAQ

Do I need Kubernetes running to use ct?
Only if you use the `ct install` or `ct lint-and-install` commands, which deploy charts to verify them. `ct lint` and `ct list-changed` do not require a cluster.
Can I use ct with private Helm repositories?
Yes, via the chart-repos and helm-repo-extra-args config options. You can pass --username, --password, --ca-file, and other helm repo add arguments per repository.
How does ct detect which charts changed?
It uses Git diff against a target branch (default is origin/main or specified via --target-branch). The `ct list-changed` command shows detected charts without running tests.
Is the Docker image production-ready?
The Docker image from quay.io/helmpack/chart-testing is the recommended distribution and includes all dependencies; verify image provenance and scan for vulnerabilities per your security policy.

Software developers & web developers for hire

From first prototype to production, DEV.co delivers software development services around tools like chart-testing. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source testing and beyond.

Ready to automate Helm chart testing?

Integrate chart-testing into your CI/CD pipeline for reliable, consistent Helm chart validation. Start with the Docker image or binary distribution and review the charts-repo-actions-demo for workflow examples.