chore(release): 2.1.0 [skip ci]

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

.github/workflows/README.md

@@ -15,9 +15,8 @@ Use this for all version releases:
 - ✅ Updates chart version
 - ✅ Creates git tag
 - ✅ Builds Docker image with all proper tags
-- ✅ Publishes Helm chart to GHCR
+- ✅ Publishes Helm chart to GitHub Pages (`https://cpfarhood.github.io/devcontainer`)
 - ✅ Creates GitHub Release with changelog
-- ✅ No more `[skip ci]` blocking builds!
 
 ### 2️⃣ For Quick Fixes → **Quick Fix Build**
 Use this for emergency fixes without version changes:
@@ -30,8 +29,8 @@ Use this for emergency fixes without version changes:
 
 ### 3️⃣ Automatic CI → **Build and Push**
 Runs automatically on:
+- Pushes to `main` (builds and pushes; skipped for release commits via `[skip ci]`)
 - Pull requests (builds but doesn't push)
-- Tags starting with `v*` (builds and pushes)
 - Manual trigger available
 
 ## Workflow Files
@@ -90,5 +89,5 @@ gh run watch
 ### After (Simple! 🎉)
 - **3 total workflows** (down from 6+)
 - **1 button** for complete releases
-- **No more `[skip ci]`** blocking builds
+- Release builds its own Docker image — `[skip ci]` on the version commit prevents duplicate CI builds
 - **Clear separation** of concerns

.github/workflows/build-and-push.yaml

@@ -4,7 +4,6 @@ on:
   push:
     branches:
       - main
-      - 'feature/serverless-*'  # Build development images for serverless features
   pull_request:
     branches:
       - main
@@ -17,13 +16,12 @@ env:
 jobs:
   build-and-push:
     runs-on: ubuntu-latest
-    # Skip builds triggered by release-unified.yaml commits (github-actions[bot])
-    # to prevent racing with the release workflow's own Docker build
-    if: github.event_name == 'workflow_dispatch' || github.event_name == 'pull_request' || github.actor != 'github-actions[bot]'
+    if: >-
+      github.event_name != 'push'
+      || !contains(github.event.head_commit.message, '[skip ci]')
     permissions:
       contents: read
       packages: write
-      id-token: write
 
     steps:
       - name: Checkout repository
@@ -50,8 +48,6 @@ jobs:
             type=ref,event=pr
             type=sha,prefix=sha-
             type=raw,value=latest,enable={{is_default_branch}}
-            # Development tags for serverless features
-            type=raw,value=2.0.0-dev,enable=${{ github.ref == 'refs/heads/feature/serverless-2.0.0' }}
 
       - name: Build and push Docker image
         uses: docker/build-push-action@v6
@@ -63,48 +59,3 @@ jobs:
           cache-from: type=gha
           cache-to: type=gha,mode=max
           platforms: linux/amd64
-
-  # Build routing proxy image for serverless features
-  build-routing-proxy:
-    runs-on: ubuntu-latest
-    # Only build routing proxy for serverless feature branches
-    if: github.ref == 'refs/heads/feature/serverless-2.0.0' && github.event_name != 'pull_request'
-    permissions:
-      contents: read
-      packages: write
-      id-token: write
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v6
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Log in to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata for routing proxy
-        id: meta-proxy
-        uses: docker/metadata-action@v5
-        with:
-          images: ${{ env.REGISTRY }}/cpfarhood/devcontainer-routing-proxy
-          tags: |
-            type=raw,value=latest
-            type=raw,value=2.0.0-dev
-            type=sha,prefix=sha-
-
-      - name: Build and push routing proxy image
-        uses: docker/build-push-action@v6
-        with:
-          context: ./serverless/routing-proxy
-          push: true
-          tags: ${{ steps.meta-proxy.outputs.tags }}
-          labels: ${{ steps.meta-proxy.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-          platforms: linux/amd64

.github/workflows/quick-fix.yaml

@@ -16,7 +16,9 @@ env:
 jobs:
   build:
     runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/main'
     permissions:
+      contents: read
       packages: write
 
     steps:

.github/workflows/release-unified.yaml

@@ -4,11 +4,11 @@ on:
   workflow_dispatch:
     inputs:
       version:
-        description: 'Version to release (e.g., 0.1.25)'
-        required: true
+        description: 'Explicit version (e.g., 1.2.3). Leave blank to auto-increment.'
+        required: false
         type: string
       release_type:
-        description: 'Release type'
+        description: 'Release type (used when version is blank)'
         required: true
         default: 'patch'
         type: choice
@@ -49,37 +49,34 @@ jobs:
       - name: Determine Version
         id: version
         run: |
-          if [ "${{ github.event.inputs.version }}" != "" ]; then
-            VERSION="${{ github.event.inputs.version }}"
+          INPUT_VERSION="${{ github.event.inputs.version }}"
+          if [ -n "$INPUT_VERSION" ]; then
+            VERSION="$INPUT_VERSION"
           else
-            # Auto-determine next version based on release type
+            # Auto-increment based on release_type
             CURRENT=$(grep '^version:' chart/Chart.yaml | awk '{print $2}')
-            MAJOR=$(echo $CURRENT | cut -d. -f1)
-            MINOR=$(echo $CURRENT | cut -d. -f2)
-            PATCH=$(echo $CURRENT | cut -d. -f3)
+            # Strip any pre-release suffix (e.g., 2.0.0-dev -> 2.0.0)
+            CURRENT=$(echo "$CURRENT" | sed 's/-.*//')
+            MAJOR=$(echo "$CURRENT" | cut -d. -f1)
+            MINOR=$(echo "$CURRENT" | cut -d. -f2)
+            PATCH=$(echo "$CURRENT" | cut -d. -f3)
 
             case "${{ github.event.inputs.release_type }}" in
-              major)
-                VERSION="$((MAJOR + 1)).0.0"
-                ;;
-              minor)
-                VERSION="${MAJOR}.$((MINOR + 1)).0"
-                ;;
-              patch)
-                VERSION="${MAJOR}.${MINOR}.$((PATCH + 1))"
-                ;;
+              major) VERSION="$((MAJOR + 1)).0.0" ;;
+              minor) VERSION="${MAJOR}.$((MINOR + 1)).0" ;;
+              patch) VERSION="${MAJOR}.${MINOR}.$((PATCH + 1))" ;;
             esac
           fi
 
           echo "version=${VERSION}" >> $GITHUB_OUTPUT
           echo "tag=v${VERSION}" >> $GITHUB_OUTPUT
-          echo "🚀 Releasing version ${VERSION}"
+          echo "Releasing version ${VERSION}"
 
       - name: Update Chart Version
         run: |
           sed -i "s/^version: .*/version: ${{ steps.version.outputs.version }}/" chart/Chart.yaml
           git add chart/Chart.yaml
-          git diff --quiet --staged || git commit -m "chore: release version ${{ steps.version.outputs.version }}"
+          git diff --quiet --staged || git commit -m "chore(release): ${{ steps.version.outputs.version }} [skip ci]"
 
       - name: Create and Push Tag
         run: |
@@ -107,53 +104,90 @@ jobs:
           cache-to: type=gha,mode=max
           platforms: linux/amd64
 
-      - name: Package Helm Chart
+      - name: Publish Helm Chart to GitHub Pages
         run: |
-          helm registry login ghcr.io \
-            --username ${{ github.actor }} \
-            --password ${{ secrets.GITHUB_TOKEN }}
           helm package chart/
-          helm push devcontainer-${{ steps.version.outputs.version }}.tgz oci://ghcr.io/cpfarhood/charts
+          CHART_TGZ="devcontainer-${{ steps.version.outputs.version }}.tgz"
 
-      - name: Generate Release Notes
-        id: notes
+          # Set up gh-pages in a temporary directory
+          PAGES_DIR=$(mktemp -d)
+          if git ls-remote --heads origin gh-pages | grep -q gh-pages; then
+            # gh-pages exists — shallow clone just that branch
+            git clone --single-branch --branch gh-pages \
+              "https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git" \
+              "$PAGES_DIR"
+          else
+            # First time — initialize gh-pages
+            git init "$PAGES_DIR"
+            git -C "$PAGES_DIR" checkout --orphan gh-pages
+            git -C "$PAGES_DIR" remote add origin \
+              "https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git"
+            cat > "$PAGES_DIR/index.html" <<'HTMLEOF'
+          <!DOCTYPE html>
+          <html>
+          <head><title>Dev Container Helm Chart Repository</title></head>
+          <body>
+          <h1>Dev Container Helm Chart Repository</h1>
+          <p>Add this repository to Helm:</p>
+          <pre>helm repo add devcontainer https://cpfarhood.github.io/devcontainer</pre>
+          <p>Install the chart:</p>
+          <pre>helm install mydev devcontainer/devcontainer --set name=mydev</pre>
+          </body>
+          </html>
+          HTMLEOF
+          fi
+
+          git -C "$PAGES_DIR" config user.name "github-actions[bot]"
+          git -C "$PAGES_DIR" config user.email "github-actions[bot]@users.noreply.github.com"
+
+          # Copy chart package and rebuild index
+          cp "$CHART_TGZ" "$PAGES_DIR/"
+          if [ -f "$PAGES_DIR/index.yaml" ]; then
+            helm repo index "$PAGES_DIR" --url https://cpfarhood.github.io/devcontainer --merge "$PAGES_DIR/index.yaml"
+          else
+            helm repo index "$PAGES_DIR" --url https://cpfarhood.github.io/devcontainer
+          fi
+
+          # Commit and push
+          git -C "$PAGES_DIR" add .
+          git -C "$PAGES_DIR" commit -m "Publish chart ${{ steps.version.outputs.version }}"
+          git -C "$PAGES_DIR" push origin gh-pages
+
+      - name: Create GitHub Release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          # Get commits since last tag
-          PREV_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo "")
+          # Build release notes
+          PREV_TAG=$(git describe --tags --abbrev=0 HEAD~1 2>/dev/null || echo "")
           if [ -z "$PREV_TAG" ]; then
             COMMITS=$(git log --pretty=format:"- %s (%h)" HEAD)
           else
-            COMMITS=$(git log --pretty=format:"- %s (%h)" ${PREV_TAG}..HEAD)
+            COMMITS=$(git log --pretty=format:"- %s (%h)" "${PREV_TAG}..HEAD")
           fi
 
-          cat << EOF > release-notes.md
-          ## 🚀 Release ${{ steps.version.outputs.version }}
+          cat > release-notes.md <<'NOTESEOF'
+          ## Release RELEASE_VERSION
 
           ### Changes
-          ${COMMITS}
+          RELEASE_COMMITS
 
           ### Docker Image
-          \`\`\`bash
-          docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.tag }}
-          \`\`\`
+          ```bash
+          docker pull RELEASE_IMAGE
+          ```
 
           ### Helm Chart
-          \`\`\`bash
-          helm install devcontainer oci://ghcr.io/cpfarhood/charts/devcontainer --version ${{ steps.version.outputs.version }}
-          \`\`\`
-          EOF
+          ```bash
+          helm repo add devcontainer https://cpfarhood.github.io/devcontainer
+          helm repo update
+          helm install mydev devcontainer/devcontainer --version RELEASE_VERSION --set name=mydev
+          ```
+          NOTESEOF
+          sed -i 's/^          //' release-notes.md
+          sed -i "s|RELEASE_VERSION|${{ steps.version.outputs.version }}|g" release-notes.md
+          sed -i "s|RELEASE_IMAGE|${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.tag }}|g" release-notes.md
+          sed -i "s|RELEASE_COMMITS|${COMMITS}|g" release-notes.md
 
-          echo "notes<<EOF" >> $GITHUB_OUTPUT
-          cat release-notes.md >> $GITHUB_OUTPUT
-          echo "EOF" >> $GITHUB_OUTPUT
-
-      - name: Create GitHub Release
-        uses: actions/create-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          tag_name: ${{ steps.version.outputs.tag }}
-          release_name: Release ${{ steps.version.outputs.tag }}
-          body: ${{ steps.notes.outputs.notes }}
-          draft: false
-          prerelease: false
+          gh release create "${{ steps.version.outputs.tag }}" \
+            --title "Release ${{ steps.version.outputs.tag }}" \
+            --notes-file release-notes.md

.mcp.json

@@ -19,10 +19,9 @@
       "type": "sse",
       "url": "http://localhost:8086/sse"
     },
-    "pgtuner": {
+    "helm": {
       "type": "sse",
-      "url": "http://localhost:8085/sse"
+      "url": "http://localhost:8088/sse"
     }
   }
-}
-
+}

CLAUDE.md

@@ -69,7 +69,7 @@ Container start
 
 | File | Purpose |
 |------|---------|
-| `Dockerfile` | Image definition — installs Chrome, Node.js, VSCode, Helm, Claude Code, Happy Coder, OpenCode, Crush; creates non-root user (UID 1000) |
+| `Dockerfile` | Image definition — installs Chrome, Node.js, VSCode, Helm, gh CLI, kubeseal, Claude Code, Happy Coder, OpenCode, Crush; creates non-root user (UID 1000) |
 | `scripts/init-repo.sh` | Configures git credentials, clones GitHub repo |
 | `scripts/startapp.sh` | Calls init-repo.sh then opens VSCode in the workspace |
 | `chart/` | Helm chart for Kubernetes deployment |
@@ -78,7 +78,7 @@ Container start
 | `chart/templates/pvc.yaml` | PersistentVolumeClaim for user home |
 | `chart/templates/service.yaml` | ClusterIP Service (VNC + optional SSH) |
 | `chart/values.yaml` | Default Helm values |
-| `.mcp.json` | MCP server connection config (GitHub Copilot, Kubernetes, Flux, Fetch, Sequential Thinking, Playwright, pgtuner) |
+| `.mcp.json` | MCP server connection config (GitHub Copilot, Kubernetes, Flux, Helm, Fetch, Sequential Thinking, Playwright, pgtuner) |
 | `Makefile` | Build/deploy automation |
 
 ### MCP Sidecars
@@ -89,6 +89,7 @@ MCP (Model Context Protocol) servers run as sidecar containers in the pod, enabl
 |---------|-------|---------|------|----------|---------|
 | `kubernetes-mcp` | `quay.io/containers/kubernetes_mcp_server` | v0.0.57 | 8080 | `http://localhost:8080/sse` | Enabled |
 | `flux-mcp` | `ghcr.io/controlplaneio-fluxcd/flux-operator-mcp` | v0.41.1 | 8081 | `http://localhost:8081/sse` | Enabled |
+| `helm-mcp` | `ghcr.io/zekker6/mcp-helm` | v1.3.1 | 8088 | `http://localhost:8088/sse` | Enabled |
 | `fetch-mcp` | `mcp/fetch` | latest | 8082 | `http://localhost:8082/sse` | Enabled |
 | `sequentialthinking-mcp` | `mcp/sequentialthinking` | latest | 8083 | `http://localhost:8083/sse` | Enabled |
 | `homeassistant-mcp` | `ghcr.io/homeassistant-ai/ha-mcp` | stable | 8087 | `http://localhost:8087/sse` | Disabled |
@@ -99,6 +100,7 @@ MCP (Model Context Protocol) servers run as sidecar containers in the pod, enabl
 - GitHub MCP is accessed via the Copilot API (`https://api.githubcopilot.com/mcp/`), not as a sidecar
 - Kubernetes and Flux sidecars require `clusterAccess` != `none` to be deployed (they need RBAC permissions)
 - Kubernetes and Flux sidecars inherit the pod's ServiceAccount RBAC permissions
+- Helm sidecar enables browsing Helm repositories and chart metadata
 - Fetch sidecar provides web content fetching capabilities and HTML to markdown conversion
 - Sequential thinking sidecar enables structured thinking and problem-solving processes
 - Home Assistant sidecar requires `HOMEASSISTANT_URL` and `HOMEASSISTANT_TOKEN` in the env secret
@@ -117,6 +119,8 @@ mcp:
       enabled: false
     flux:
       enabled: false
+    helm:
+      enabled: false
     fetch:
       enabled: false
     sequentialthinking:
@@ -135,6 +139,8 @@ mcp:
       enabled: true  # Keep Kubernetes MCP enabled
     flux:
       enabled: false # Disable Flux MCP
+    helm:
+      enabled: true  # Enable Helm MCP for chart browsing
     fetch:
       enabled: true  # Enable Fetch MCP for web content fetching
     sequentialthinking:
@@ -190,14 +196,16 @@ helm install my-devcontainer ./chart -f custom-values.yaml
 
 ### CI/CD
 
-- **`build-and-push.yaml`** — Builds and pushes to GHCR on every push to `main`, version tags (`v*`), and PRs. For version tags, also creates GitHub Release with Helm chart after Docker build completes. Tags: `latest` (main), semver, branch name, commit SHA.
+- **`build-and-push.yaml`** — Builds and pushes to GHCR on every push to `main`, version tags (`v*`), and PRs. Tags: `latest` (main), semver, branch name, commit SHA.
+- **`release-unified.yaml`** — Manual release workflow: bumps chart version, builds Docker image, publishes Helm chart to GitHub Pages (`https://cpfarhood.github.io/devcontainer`), and creates GitHub Release.
 - **`dependabot.yml`** — Weekly updates for GitHub Actions and Docker base image.
 
 Image registry: `ghcr.io/cpfarhood/devcontainer`
+Helm repo: `https://cpfarhood.github.io/devcontainer`
 
 ## Kubernetes Notes
 
-- Deployed via Helm chart (`chart/`), published as OCI artifact to GHCR, reconciled by Flux
+- Deployed via Helm chart (`chart/`), published to GitHub Pages Helm repo, reconciled by Flux
 - Storage class is `ceph-filesystem` by default — change via `storage.className` in values
 - Resource limits: 1–4 CPU, 2–8Gi memory
 - Health checks (liveness/readiness probes) on port 5800

Dockerfile

@@ -56,13 +56,19 @@ exec /usr/bin/google-chrome-stable \\\n\
   "$@"\n' > /usr/local/bin/google-chrome && \
     chmod +x /usr/local/bin/google-chrome
 
-# Install Node.js (LTS version for Happy Coder)
+# Install Node.js LTS (required by Happy Coder)
 RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash - && \
     apt-get install -y nodejs && \
     rm -rf /var/lib/apt/lists/*
 
-# Install Happy Coder and Claude Code globally
-RUN npm install -g happy-coder @anthropic-ai/claude-code
+# Install Happy Coder globally via npm (stable, rarely changes)
+RUN npm install -g happy-coder
+
+# Install Claude Code native binary (npm wrapper breaks remote control)
+RUN curl -fsSL https://claude.ai/install.sh | bash && \
+    cp /root/.local/bin/claude /usr/local/bin/claude && \
+    rm -rf /root/.local/bin/claude && \
+    claude --version
 
 # Install OpenCode AI coding agent
 RUN OPENCODE_VERSION=$(curl -sL https://api.github.com/repos/opencode-ai/opencode/releases/latest | jq -r '.tag_name') && \
@@ -84,9 +90,26 @@ RUN curl -fsSL "https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz" |
     tar -xz --strip-components=1 -C /usr/local/bin linux-amd64/helm && \
     chmod +x /usr/local/bin/helm
 
-# Install VSCode
-RUN wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor -o /usr/share/keyrings/packages.microsoft.gpg && \
-    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/packages.microsoft.gpg] https://packages.microsoft.com/repos/code stable main" > /etc/apt/sources.list.d/vscode.list && \
+# Install GitHub CLI (gh) via official APT repo
+RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg && \
+    chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg && \
+    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" > /etc/apt/sources.list.d/github-cli.list && \
+    apt-get update && \
+    apt-get install -y gh && \
+    rm -rf /var/lib/apt/lists/*
+
+# Install kubeseal CLI for Bitnami Sealed Secrets
+RUN KUBESEAL_VERSION=$(curl -sL https://api.github.com/repos/bitnami-labs/sealed-secrets/releases/latest | jq -r '.tag_name' | sed 's/^v//') && \
+    curl -fsSL "https://github.com/bitnami-labs/sealed-secrets/releases/download/v${KUBESEAL_VERSION}/kubeseal-${KUBESEAL_VERSION}-linux-amd64.tar.gz" | \
+    tar -xz -C /usr/local/bin kubeseal && \
+    chmod +x /usr/local/bin/kubeseal
+
+# Install VSCode (using Microsoft's current recommended setup)
+RUN wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > /tmp/microsoft.gpg && \
+    install -D -o root -g root -m 644 /tmp/microsoft.gpg /usr/share/keyrings/microsoft.gpg && \
+    rm -f /tmp/microsoft.gpg && \
+    printf 'Types: deb\nURIs: https://packages.microsoft.com/repos/code\nSuites: stable\nComponents: main\nArchitectures: amd64\nSigned-By: /usr/share/keyrings/microsoft.gpg\n' \
+      > /etc/apt/sources.list.d/vscode.sources && \
     apt-get update && \
     apt-get install -y code && \
     rm -rf /var/lib/apt/lists/*

README.md

@@ -14,23 +14,30 @@ A containerized cloud development environment with web-based GUI access, featuri
 
 ## Quick Start
 
-### Option A: Quickstart (Recommended)
-
-For 80% of users, use the simplified quickstart values:
+### Option A: Install from Helm Repo (Recommended)
 
 ```bash
-# Copy and customize the quickstart template
+# Add the Helm repository
+helm repo add devcontainer https://cpfarhood.github.io/devcontainer
+helm repo update
+
+# Deploy with one command
+helm install mydev devcontainer/devcontainer \
+  --set name=mydev \
+  --set githubRepo=https://github.com/youruser/yourrepo
+```
+
+### Option B: Install from Source
+
+```bash
+# Clone and customize the quickstart template
 cp chart/values-quickstart.yaml my-values.yaml
+# Edit my-values.yaml to set your name and repository
 
-# Edit my-values.yaml to set your name and repository:
-# name: mydev
-# githubRepo: https://github.com/youruser/yourrepo
-
-# Deploy with minimal configuration
 helm install mydev ./chart -f my-values.yaml
 ```
 
-### Option B: One-Command Deploy
+### Option C: One-Command from Source
 
 ```bash
 helm install mydev ./chart \

chart/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: devcontainer
 description: Dev Container with AI coding agents and MCP sidecars - supports persistent and dynamic deployment modes
 type: application
-version: 2.0.0-dev
+version: 2.1.0
 appVersion: "latest"
 keywords:
   - development

chart/templates/deployment.yaml

@@ -88,8 +88,10 @@ spec:
               value: {{ .Values.happy.serverUrl | quote }}
             - name: HAPPY_WEBAPP_URL
               value: {{ .Values.happy.webappUrl | quote }}
+            {{- if .Values.githubRepo }}
             - name: GITHUB_REPO
               value: {{ .Values.githubRepo | quote }}
+            {{- end }}
           envFrom:
             - secretRef:
                 name: {{ include "devcontainer.envSecretName" . }}
@@ -177,6 +179,29 @@ spec:
           resources:
             {{- toYaml .Values.mcp.sidecars.flux.resources | nindent 12 }}
         {{- end }}
+        {{- if .Values.mcp.sidecars.helm.enabled }}
+        - name: helm-mcp
+          image: "{{ .Values.mcp.sidecars.helm.image.repository }}:{{ .Values.mcp.sidecars.helm.image.tag }}"
+          args:
+            - -mode=sse
+            - -port={{ .Values.mcp.sidecars.helm.port }}
+          ports:
+            - containerPort: {{ .Values.mcp.sidecars.helm.port }}
+              name: helm-mcp
+              protocol: TCP
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.mcp.sidecars.helm.port }}
+            initialDelaySeconds: 10
+            periodSeconds: 10
+          readinessProbe:
+            tcpSocket:
+              port: {{ .Values.mcp.sidecars.helm.port }}
+            initialDelaySeconds: 5
+            periodSeconds: 5
+          resources:
+            {{- toYaml .Values.mcp.sidecars.helm.resources | nindent 12 }}
+        {{- end }}
         {{- if .Values.mcp.sidecars.homeassistant.enabled }}
         - name: homeassistant-mcp
           image: "{{ .Values.mcp.sidecars.homeassistant.image.repository }}:{{ .Values.mcp.sidecars.homeassistant.image.tag }}"

chart/values.schema.json

@@ -270,6 +270,9 @@
             "pgtuner": {
               "$ref": "#/$defs/mcpSidecar"
             },
+            "helm": {
+              "$ref": "#/$defs/mcpSidecar"
+            },
             "playwright": {
               "$ref": "#/$defs/mcpSidecar"
             }

chart/values.yaml

@@ -13,7 +13,7 @@ deploymentMode: persistent  # persistent | dynamic
 # Container image configuration
 image:
   repository: ghcr.io/cpfarhood/devcontainer
-  tag: 2.0.0-dev
+  tag: latest
   pullPolicy: Always
 
 # GitHub repository to clone into /workspace (ignored in dynamic mode - uses URL routing)
@@ -124,6 +124,20 @@ mcp:
           cpu: "500m"
 
 
+    # Helm chart browsing and management
+    helm:
+      enabled: true
+      image:
+        repository: ghcr.io/zekker6/mcp-helm
+        tag: v1.3.1
+      port: 8088
+      resources:
+        requests:
+          memory: "64Mi"
+          cpu: "50m"
+        limits:
+          memory: "256Mi"
+          cpu: "500m"
 
     # Home Assistant smart home control
     homeassistant:
@@ -217,7 +231,7 @@ dynamic:
     replicas: 2                    # High availability
     image:
       repository: ghcr.io/cpfarhood/devcontainer-routing-proxy
-      tag: 2.0.0-dev
+      tag: latest
       pullPolicy: Always
 
     resources: