Configure a Helm post-renderer using kustomize to inject sidecar containers and custom annotations into a third-party chart's output without forking the chart
Create a shell script named kustomize-post-renderer.sh that reads rendered Helm YAML from stdin, writes it to a temporary file, runs kustomize build pointing to a kustomization.yaml that patches the temporary file, and writes the result to stdout
Make the script executable and reference it in helm install or helm upgrade using the --post-renderer flag; Helm pipes its rendered manifests through the script before applying to the cluster
Write a kustomization.yaml that uses strategic merge or JSON 6902 patch files to add a sidecar container to every Deployment in the rendered output, using a wildcard target selector
Add a commonAnnotations block in the kustomization.yaml to inject cost-center and team annotations onto every resource regardless of type, avoiding the need to patch each resource individually
Combine the post-renderer with Helm's --post-renderer-args flag to pass environment-specific kustomization overlay directories, allowing the same base post-renderer script to apply different patches per environment
Validate the post-renderer output in CI by running helm template with the post-renderer and piping the result to kubeval or kubectl apply --dry-run=client to catch schema violations before deployment
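Added example, not code from the original page: one way to write the post-renderer script from the steps above, together with a sample overlay it can apply. The all.yaml resource name, the KUSTOMIZE_BIN override, the log-shipper sidecar and the annotation values are assumptions made for illustration.

```shell
#!/bin/sh
# kustomize-post-renderer.sh: added example, not code from the original page.
# Usage: helm upgrade REL CHART --post-renderer ./kustomize-post-renderer.sh \
#          --post-renderer-args overlays/prod
# Assumed: the overlay lists all.yaml as its resource; KUSTOMIZE_BIN is a
# hypothetical override for the kustomize binary path.

# Write a constructed sample overlay: sidecar on every Deployment + annotations.
write_example_overlay() {
  mkdir -p "$1" || return 1
  cat > "$1/kustomization.yaml" <<'EOF'
resources:
  - all.yaml
commonAnnotations:
  cost-center: "cc-0000"
  team: platform
patches:
  - path: sidecar.yaml
    target:
      kind: Deployment
EOF
  cat > "$1/sidecar.yaml" <<'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
  name: any-deployment
spec:
  template:
    spec:
      containers:
        - name: log-shipper
          image: registry.example/log-shipper:1.0
EOF
}

# Read Helm's rendered YAML on stdin, patch it, write the result to stdout.
post_render() {
  overlay=${1:?overlay directory required}
  [ -f "$overlay/kustomization.yaml" ] || { echo "no kustomization in $overlay" >&2; return 1; }
  work=$(mktemp -d) || return 1   # unique per run, so concurrent runs cannot collide
  rc=0
  { cp -R "$overlay/." "$work/" && cat > "$work/all.yaml" &&
    "${KUSTOMIZE_BIN:-kustomize}" build "$work"; } || rc=$?
  rm -rf "$work"                  # the overlay directory itself is never modified
  return "$rc"
}

# Run only when invoked under the script's own name, so the file can be sourced.
case ${0##*/} in kustomize-post-renderer.sh) post_render "$@" ;; esac
```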
Known gotchas
The post-renderer script must be idempotent because Helm may call it multiple times during a single upgrade; writing temporary files with fixed names causes race conditions in concurrent CI runners
kustomize strategic merge patches match their target by name; if the third-party chart generates Deployment names dynamically using the release name, the patch target name must use a wildcard or the patch must be rewritten as a JSON 6902 patch with a path selector
Helm's post-renderer receives the fully rendered YAML including CRD manifests; if kustomize does not recognize a CRD's kind, it may strip unknown fields or refuse to process the manifest, requiring kustomize configurations.yaml to declare the CRD's field merge keys