chore: install helm-schema plugin via nix

[Dav-14]

Summary

• Move the helm-values-schema-json plugin out of helm plugin install and into the dev shell via wrapHelm so its version is pinned in flake.lock alongside everything else
• Update the helm-schema recipe to use the v2.x cobra flag syntax (--values/--output); the legacy -input/-output form was silently broken once the on-disk binary drifted past v2.0
• Bump nixpkgs to 25.11 (0.2511.*) so kubernetes-helmPlugins.helm-schema is available, and bump goVersion to 26 (go 1.23 was removed as EOL in newer nixpkgs)

Why

helm plugin install … --version vX.Y.Z || true no-ops when the plugin is already installed, so the install hook never re-runs and the binary stays on whatever was last fetched. That's how just pc ended up calling a cobra-based v2 binary with v1 flags. Owning the plugin in nix removes that whole drift class.

Test plan

• nix develop --command helm plugin list shows schema 2.3.0
• nix develop --command just helm-schema ./charts/regions succeeds with new flags
• Re-ran helm schema against all 9 charts — every one generates cleanly
• CI green

🤖 Generated with Claude Code

[coderabbitai]

Walkthrough

The Justfile removes the dedicated helm-schema-install step and updates the helm-schema recipe to use --values flag instead of -input. The flake.nix upgrades nixpkgs and Go toolchain, replacing direct Helm installation with a wrapped version that includes the helm-schema plugin.

Changes

Cohort / File(s)	Summary
Helm Schema Build Recipe Justfile	Removed helm-schema-install recipe and its invocation from helm-all. Updated helm-schema command to use --values and --output flags instead of -input option for generating values.schema.json.
Development Environment Setup flake.nix	Upgraded nixpkgs to newer flakehub tarball pattern and Go toolchain version. Replaced direct kubernetes-helm installation with wrapHelm wrapper that includes the helm-schema plugin in the dev shell.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 With schemas wrapped and workflows lean,
We trim the steps that once were seen,
A cleaner path, the flags now bright—
The Helm flows swift, the build feels light! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: moving the helm-schema plugin installation from manual helm commands into the Nix dev shell via wrapHelm, which is the central focus of this PR.
Description check	✅ Passed	The description is directly related to the changeset, explaining the motivation, implementation details, and test verification for the helm-schema plugin management changes across both Justfile and flake.nix.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/helm-schema-plugin-via-nix

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 60 minutes.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@Justfile`:
- Around line 16-17: The helm-schema justfile recipe uses a default path value
of '' which yields absolute paths like /values.yaml when invoked without args;
change the default for the parameter named path in the helm-schema recipe from
an empty string to '.' so the template invocations (helm schema --values
{{path}}/values.yaml --output {{path}}/values.schema.json) resolve to
project-relative ./values.yaml and ./values.schema.json instead of root-level
files.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: ddf2ae2c-af07-4810-b28a-1f8e161d8a31

📥 Commits

Reviewing files that changed from the base of the PR and between effd790 and 1ac0b51.

⛔ Files ignored due to path filters (1)

• flake.lock is excluded by !**/*.lock, !**/*.lock

📒 Files selected for processing (2)

• Justfile
• flake.nix

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Default path='' can produce invalid absolute paths.

If called without args, Line 17 targets /values.yaml and /values.schema.json. Default to . to keep paths project-relative.

Suggested fix

-helm-schema path='':
-  helm schema --values {{path}}/values.yaml --output {{path}}/values.schema.json
+helm-schema path='.':
+  helm schema --values {{path}}/values.yaml --output {{path}}/values.schema.json

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	helm-schema path='':
	helm schema -input {{path}}/values.yaml -output {{path}}/values.schema.json
	helm schema --values {{path}}/values.yaml --output {{path}}/values.schema.json
	helm-schema path='.':
	helm schema --values {{path}}/values.yaml --output {{path}}/values.schema.json

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Justfile` around lines 16 - 17, The helm-schema justfile recipe uses a
default path value of '' which yields absolute paths like /values.yaml when
invoked without args; change the default for the parameter named path in the
helm-schema recipe from an empty string to '.' so the template invocations (helm
schema --values {{path}}/values.yaml --output {{path}}/values.schema.json)
resolve to project-relative ./values.yaml and ./values.schema.json instead of
root-level files.