feat: add values.schema.json for strict Helm values validation

[christhegrand]

Summary

• Adds a values.schema.json (JSON Schema) that covers all 157 top-level values properties used across templates
• Uses additionalProperties: false at every object level so typos and misspelled field names are caught at helm install/helm upgrade time instead of being silently dropped
• Includes type constraints, enums (e.g. logLevel, logFormat, pullPolicy), and range validations where applicable

Motivation

Without a schema, Helm silently ignores unknown values keys. A misspelled field name (e.g. iamge instead of image) passes without error and the intended configuration is never applied.

Validation

• helm lint . passes with default values
• helm template renders successfully with default values and examples/full-example.yaml
• Unknown properties are correctly rejected:

  $ helm template test . --set wrongFieldName=true
  Error: values don't meet the specifications of the schema(s):
  - (root): Additional property wrongFieldName is not allowed
  
  $ helm template test . --set iamge.tag=latest
  Error: values don't meet the specifications of the schema(s):
  - (root): Additional property iamge is not allowed
  

Test plan

• helm lint . passes
• helm template test . renders successfully
• helm template test . -f examples/full-example.yaml renders successfully
• helm template test . --set typoField=true is rejected
• Verify no legitimate values are blocked by the schema

🤖 Generated with Claude Code

[levkk]

Nice. How are you generating this?

[christhegrand]

I added a 'generate schema' script together with an 'overrides' file for some other fields that the script was having trouble inferring properly.

[levkk]

Aight, let's try this! Thanks for writing it up.

Edit: Woops, couple CI failures (the test job)

[christhegrand]

I'll fix the failures.

[christhegrand]

validate-configs is failing with this error: "Error: Input required and not supplied: token". Is there something I need to do to get that to pass?

[levkk]

That one is fine, doesn't work on forks :/ it'll run on main

[christhegrand]

Is there anything else I should add or change here in order to get this merged?

[levkk]

My bad. Merging now.

[frodsan]

We just upgraded and we're receiving the following error:

helm_release.pgdog[0]: Modifying... [id=pgdog]
╷
│ Error: Error upgrading chart
│ 
│   with helm_release.pgdog[0],
│   on addon_pgdog.tf line 240, in resource "helm_release" "pgdog":
│  240: resource "helm_release" "pgdog" {
│ 
│ Upgrade failed: values don't meet the specifications of the schema(s) in
│ the following chart(s):
│ pgdog:
│ - preparedStatements: Invalid type. Expected: integer, given: string
│ - databases.1.readOnly: Invalid type. Expected: boolean, given: string

This is how we have set up preparedStatements, and it's definitely a string:

"preparedStatements": "disabled"

[frodsan]

I created a PR to fix these cases: #103