Coming soon — join the waitlist

Stop Burning Sprints on
Addon Upgrades

Renovate bumps the version — but you still read changelogs, hunt for breaking CRD changes, rewrite values, and pray nothing breaks in prod. Kapstan automates the entire upgrade: research, migration, and a ready-to-merge PR with the actual YAML changes.

Zero cluster accessWorks with RenovateYou stay in control

Join the waitlist for early access. No spam, ever.

Plans from $49/mo — free during early access

Even with all the automated testing, keeping infrastructure components up to date is the biggest chunk of work we do to maintain the platforms.

r/kubernetes

Studying release notes is just part of the job. Can't figure out any other solution to this except using AI.

r/kubernetes

Biggest lesson was accepting that some amount of platform maintenance is just unavoidable once the cluster tooling stack grows.

r/kubernetes

github.com / your-org / infra / pull / 142

chore: upgrade argo-cd to v3.4.1

Open
kapstan-bot opened · 6 commits · 4 files changedRisk: HIGHBreaking Changes

Summary

Addonargocd
SourceCRD · argoproj/argo-cd
Upgrade pathv3.3.8 → v3.4.1
Risk levelHIGH — crosses deprecation boundary

Breaking Changes

v3.4.0ALL manifests now require Server-Side Apply. kubectl apply (client-side) is no longer supported.
v3.4.0Cluster version label format change. argocd.argoproj.io/kubernetes-version must use vMajor.Minor.Patch format.

Rollback Prerequisites

1.Back up all Argo CD CRDs and custom resources before merging.
2.Add ServerSideApply=true sync option before merging to prevent conflict errors.
apps/argocd/values.yaml +4 −2Chart.yaml +1 −1Generated by Kapstan · 0 cluster permissions used

Every Skipped Version Makes the Next Upgrade Harder

ArgoCD skipped from v2.8 to v3.4? That's not an upgrade — it's a migration. And Renovate won't help you with that.

3 days/month
Spent on platform maintenance per team
And that's when you keep up. Fall behind two versions and it becomes a full sprint.
$200K+
Cost of a dedicated upgrade engineer
Some companies hire a full-time role just to manage EKS version upgrades across clusters.
6× harder
Each skipped major version
Cascading CRD changes, removed APIs, renamed fields. Two versions behind means rewriting from scratch.

How versions compound

v3.0safe
v3.1safe
v3.2breaking CRDs
v3.3deprecated values
v3.4requires SSA

Existing Tools Stop at Detection

They tell you something is outdated. You still do all the work.

RenovateHere's a new version
Pluto / kubentThis API is deprecated
NovaYour chart is outdated
KargoHere's how to promote safely
Kapstan
Kapstan“Here’s what changed, what will break, and a ready-to-merge PR with the fix”

Renovate Gets You 20% There

It bumps the version. Everything after that — the research, the migration, the actual YAML changes — is still on you.

Today — You + Renovate
  1. 1Renovate opens a version-bump PR
  2. 2Read release notes and changelogs for every version in betweenyou
  3. 3Hunt for breaking CRD schema changes that could kill existing resourcesyou
  4. 4Figure out which values were renamed, deprecated, or restructuredyou
  5. 5Rewrite values.yaml and any dependent manifestsyou
  6. 6Write rollback prerequisites so the on-call knows what to doyou
  7. 7Open a proper PR with enough context for reviewers to approveyou
With Kapstan
1Kapstan reads the changelogs, detects CRD changes, rewrites your values, and opens a PR with the full migration — risk-graded and rollback-ready.
2You review, merge, and let your GitOps pipeline handle the rest.

Same upgrade. Research + migration automated. Hours → minutes.

From Outdated to Upgraded — Automatically

No cluster agents. No credentials. Just your Git repo.

01

Detect

Kapstan monitors your GitOps repo against upstream releases. When an addon falls behind, it maps the full upgrade path — even across major version boundaries.

Supports ArgoCD, cert-manager, ingress-nginx, Kyverno, kube-prometheus-stack, and 40+ CNCF addons.

02

Research & Migrate

AI reads every changelog, release note, and CRD diff in the path. It identifies deprecated fields, renamed values, removed APIs — then rewrites your manifests.

Example: scanned 4 changelogs, found 2 breaking CRD changes, rewrote 3 values in 12 seconds.

03

Deliver

You get a PR with the actual YAML changes, a risk grade, breaking-change summary, rollback prerequisites, and links to relevant security advisories.

Review it like any PR. Merge when ready. Your GitOps pipeline handles the rest.

Stop Reading Changelogs. Start Merging PRs.

Get early access to Kapstan and automate your next addon upgrade.

Join the waitlist for early access. No spam, ever.

Plans from $49/mo — free during early access