Skip to main content
Public Preview. Helps you identify what needs to be upgraded and prepare a reviewable upgrade plan for your IaC across 300+ Cloud Native Projects. Works with Cursor and Claude Code.To apply changes to your IaC and open a PR, use the companion Upgrade Agent.

What is Upgrade Planning?

Upgrade Planning combines multiple agents and tools to give engineers a structured and reliable way to prepare for upgrades. The process produces three artifacts:
  • Upgrade Assessments: High-level reports that map the scope, impact, and dependencies of upgrades. Assessments identify control plane, nodes, and Cloud Native Projects that require attention, flag deprecated APIs or breaking changes, and surface potential blockers across platform and application layers.
  • Upgrade Plans: Environment-specific workflows that provide step-by-step instructions for safely upgrading Cloud Native Projects and application services. Plans include justifications from authoritative sources, explicit breaking-change notes, application-client impacts, and previews of IaC diffs.
  • Upgrade Context: Minimal, environment-aware details that power execution by the Upgrade Agent. Context includes compatible target versions, environment-specific diffs, reviewer notes, security fixes, notable features, and application-client changes.
Together, these artifacts make upgrades predictable, reviewable, and tied back to authoritative sources.

When to use Upgrade Planning

  • You want a cluster-scoped inventory of Cloud Native Projects/application services that should be upgraded, with reasons.
  • You need justification tied to compatibility, support windows, security advisories, and stability fixes.
  • You want a reviewable plan and change preview for your IaC across 300+ Cloud Native Projects.
  • You prefer to plan in your IDE (Cursor or Claude Code) before any repo changes.
  • You intend to hand the outputs (Plans and Context) to the Upgrade Agent (or other automation) to open a PR.

What it does

  • Analyzes the selected cluster to identify Projects and application services that require an upgrade.
  • Evaluates each candidate against compatibility requirements, support timelines, security advisories, and notable bug fixes; explains the “why.”
  • Produces structured, reviewable artifacts: Assessments, Plans, and Context.
  • Optionally hands off to the Upgrade Agent to update charts/values while preserving customizations and open a focused PR.

Getting started

  1. Enable Chkk in your IDE. Follow the setup guides for Cursor or Claude Code.
  2. Open your IaC repo and ask your assistant, for example:
    • “Check what needs upgrading in the cluster ‘prod-vas-01’.”
  3. Select a Cloud Native Project or application service from the results and ask:
    • “Upgrade cert-manager.”

Examples

Ask: What needs to be updated and why?

You're in a k8s IaC repo. Run the upgrade-planning from Chkk MCP against cluster "prod-vas-01". What needs to be updated and why?
NameNamespace(s)CurrentSuggestedPriorityWhy
cert-managercert-manager1.14.41.18.2RequiredIncompatible with upcoming Kubernetes version; current version is end of life
CoreDNSkube-system1.11.31.12.3OptionalCurrent version is outside maintainers’ support window
Kube Proxykube-system1.32.8-Not neededCompatible and supported

Ask: Which version of a project should I upgrade to and why?

For "cert-manager" in cluster "prod-vas-01", which version should I upgrade to and why? Include compatibility and notable changes that might affect our IaC.
Why cert-manager must be upgraded
  • Incompatible with Kubernetes 1.33 (supported: 1.17–1.18)
  • v1.14 is End‑of‑Life (since Oct 2024)
Impact Preview: cert-manager 1.14.4 → 1.18.2
  • Private key rotation now defaults to “always rotate” on renewal
  • Revision history limit defaults to 1 (automatic cleanup)
  • Ingress PathType change: ImplementationSpecificExact
  • Structured logging (may break string-based log parsers)
  • Venafi TPP: API Key removed; OAuth required

Ask: Which one should I upgrade first and why?

Prioritize the recommended upgrades for cluster "prod-vas-01". Which should be upgraded first and why?
  • cert-manager — Required now (Kubernetes 1.33 incompatibility; current version EOL)
  • CoreDNS — Optional; outside maintainers’ support window
  • Kube Proxy — No action; compatible and supported

Ask: Generate an Upgrade Plan for me

Generate a Chkk Upgrade Plan to upgrade "cert-manager" in cluster "prod-vas-01".
An upgrade plan to update cert-manager from v1.14.4 to v1.18.2 in cluster prod-vas-01 is now available. The plan ID is: upgr_1d04e00a-4976-421b-b0c9-91ccb1215d48. You can view the plan in Chkk UI under: Upgrade Copilot → Upgrade Plans → Add-ons & Application Services. What you’ll review:
  • Chkk Upgrade Plan for the selected Cloud Native Project or application service
  • Important notes: breaking changes, compatibility, and notable fixes

Ask: Generate the Upgrade Context for the Upgrade Agent so it can open precise environment‑aware IaC pull requests

Generate the Upgrade Context for the Upgrade Agent based on the current Chkk Upgrade Plan for "cert-manager" in cluster "prod-vas-01". Ensure it is environment‑aware so the agent can open precise IaC pull requests.
A new upgrade context snapshot for cert-manager from v1.14.4 to v1.18.2 has been generated. It has been saved at: .chkk/scratchpad/downloads/.

What to do next

  • Hand off to the Upgrade Agent to update Helm charts/values, preserve customizations, and open a focused PR

FAQs

Does the Planning Agent change my repo? No. It does not modify or commit code. It generates a reviewable Chkk Upgrade Plan and a change preview in your IDE session. Only the Upgrade Agent, when you ask it to, updates your IaC and opens a PR. Can I select a different Cloud Native Project or application service? Yes. The agent lists Cloud Native Projects and application services with upgrade recommendations; you can pick any (or filter by priority/security) and ask it to create a plan. How is this different from the Upgrade Agent? The Planning Agent discovers, analyzes, and prepares a reviewable plan plus impact/change preview. The Upgrade Agent applies the plan to your IaC, preserves customizations, and opens a PR. Which IDEs are supported? Cursor and Claude Code.