Skip to main content

Overview

Third-party applications are infrastructure components deployed via Helm charts, things like traefik, cert-manager, external-secrets, and ArgoCD itself. This page covers how to update their versions and configurations.

Infrastructure Components

The kit includes these third-party components in kubernetes/src/infrastructure/:

Update Chart Versions

Each component uses a “wrapper chart” pattern: a local Helm chart that includes the upstream chart as a dependency.
1

Find the current version

Check the current version in the component’s values.yaml:
Look for the chartVersions section:
2

Check for new versions

Find the latest version from the chart repository:
3

Update the version

Edit the values file to update the version:
For environment-specific versions, edit values.staging.yaml or values.production.yaml. Setting these independently allows for testing upgrades in lower environments before rolling out to production.
4

Update Chart.lock

Regenerate the lock file with the new dependency:
5

Render and commit

Update Configuration

To change component settings without upgrading versions:
1

Edit the values file

Modify values.yaml for base configuration or values.{environment}.yaml for environment-specific settings:
For example, increase controller replicas:
2

Render manifests

3

Review and commit

ArgoCD automatically syncs the changes.

Add Additional Manifests

Many components need additional manifests beyond the upstream chart (ClusterIssuers, StorageClasses, etc.). Add these in the wrapper chart’s templates/ directory:
These templates are rendered alongside the upstream chart resources.

Environment-Specific Configuration

Use values overlay files for environment differences:
The render process merges base values with environment-specific overrides.

Enable/Disable Components

Components are enabled/disabled in the ArgoCD infrastructure app-of-apps:
After changing, render and push:

Upgrade Strategies

Minor/Patch Updates

For minor and patch version updates (e.g., 4.12.24.12.3):
  1. Update the version in values.yaml
  2. Run helm dependency update
  3. Render, commit, and push
  4. ArgoCD syncs automatically

Major Updates

For major version updates (e.g., 4.x5.x):
  1. Read the changelog for breaking changes
  2. Test in staging first before production
  3. Update values if configuration schema changed
  4. Have a rollback plan if the component is critical
Major version upgrades may require CRD updates. Check the component’s upgrade guide and apply CRD changes before upgrading the chart.

CRD Updates

Some components (cert-manager, ArgoCD, Karpenter) use CRDs that may need manual updates:
Check the component’s documentation for CRD upgrade procedures.

Best Practices

  1. Test in staging first - Always upgrade staging before production
  2. Read changelogs - Especially for major versions
  3. Update one component at a time - Easier to isolate issues
  4. Keep versions consistent - Use the same version across environments when possible
  5. Monitor after upgrades - Watch metrics and logs for regressions

Next Steps