Stored in your browser only. Never sent to our servers. Get a free key
Rollout Summary
Paste your kubectl diff or helm diff output and get an instant AI summary: what changes, what could break, and what RBAC risks exist. Free, browser-only, BYO Anthropic API key.
Stored in your browser only. Never sent to our servers. Get a free key
Run kubectl diff -f ./k8s/ against your cluster or use helm diff upgrade with the helm-diff plugin.
Rollout Summary for a quick overview, Breaking Changes before deploying to prod, Resource Delta for a full inventory, Security Review for RBAC and privilege risks.
Copy to a Slack message, PR comment, or Confluence page. Share a permalink so teammates see the same diff context.
Paste the kubectl diff into the PR so reviewers see what Kubernetes resources change without running the cluster locally.
Present plain-English K8s changes to non-Kubernetes stakeholders before a production deployment window.
Before ArgoCD or Flux syncs, run kubectl diff in CI and attach the AI summary to the sync PR for context.
Catch new cluster-admin bindings, hostPath mounts, or privileged containers before they reach production.
Run kubectl diff -f manifest.yaml for a single file or kubectl diff -R -f ./k8s/ for a whole directory. kubectl diff compares your local manifests against the live cluster state and outputs a unified diff. Note: this requires kubectl to be authenticated against your cluster. If you don't have cluster access handy, use the example diffs above to try the tool.
Yes. Install the helm-diff plugin (helm plugin install https://github.com/databus23/helm-diff) and run helm diff upgrade my-release ./my-chart. The output is the same unified diff format. Paste it here and the AI will summarize what Helm chart values, templates, or dependencies are changing.
Rollout Summary gives a plain-English paragraph suitable for a PR comment or Slack message — covers what changes and how the rollout will proceed. Breaking Changes specifically hunts for things that could cause downtime, CrashLoopBackOff, or degraded availability: image pull failures, missing ConfigMap keys, incompatible resource limits, etc. Resource Delta lists every Kubernetes resource type and name that changes with field-level details. Security & RBAC Review flags new role bindings, privileged containers, hostPath mounts, exposed ports, and other security-sensitive changes.
Yes. Any change to a Deployment's pod template spec (image, env vars via ConfigMap reference, resource limits, etc.) triggers a rolling update. The AI flags this in the Rollout Summary mode. If you're using imagePullPolicy: Always and a mutable tag like :latest, even a redeploy without an image change triggers a restart — the diff won't show an image change, but a redeploy will pull the latest image regardless.
Yes. Run kubectl diff -k ./overlays/production/ to get a diff of what Kustomize would apply. The output is standard kubectl diff format. You can also run kustomize build ./overlays/production/ | kubectl diff -f - for the same result. Both formats paste cleanly into this tool.
Your diff goes directly from your browser to Anthropic's API using your own API key. Nothing passes through any intermediate server, and nothing is stored on our end. That said, kubectl diff output contains your resource names, namespace names, image tags, and configuration values. If your organization restricts sending infrastructure details to external APIs, check your data classification policy or use a sanitized diff.
kubectl diff shows you the raw YAML delta — which is precise but hard to parse for humans unfamiliar with the resource's full schema. This tool translates that raw delta into plain English, explains what the change means operationally (will it restart pods? could it cause OOMKilled? does it grant cluster-admin?), and formats the output for sharing in PRs, Slack, or incident tickets. Think of it as a human-readable layer on top of kubectl diff.