baobun
Not OP but I've lived through this too and my conclusion from that is that if you're doing tofu/terraform you're better off not introducing helm at all. Just tf the k8s.
Yes, this is what we do for example for the tailscale operator - but it's tedious to convert yaml to tf - and more importantly: error prone to correctly adapt upstream changes to update deployments as upstream refine their helm/k8s yaml files.
Terraform/OpenTofu is good for infrastructure but it becomes a pain if you use it for k8s deployments. I suggest using GitOps (ArgoCD / flux) for everything inside the cluster and OpenTofu for the cluster itself.
Downside with that is having DNS, managed databases, cloud storage (s3) outside K8s. When deployments are also managed with tf, it's easy to connect a deployment in K8s to resources outside K8s (via tf state).
You can still do that by reading the values you need directly from the state file. I suggest that you define outputs and access them through the state file from other projects, otherwise the external dependency will be hidden.
And splice into deployment definitions via something like kustomize?
It depends on your use case what the best option would be. You can put variables into kustomize templates and replace them via envsubst. For helm charts you can just supply the values for the variables during the install / upgrade.
Another possibility would be to create a ConfigMap with the values you read from the state file.
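Added example, not part of the thread: a sketch of the ConfigMap approach from the last comments, turning the JSON produced by `tofu output -json` into a ConfigMap manifest. It reads only an explicit allow-list of outputs and refuses to export any output marked sensitive. The function name, output names, ConfigMap name and namespace are assumptions, and the sample input is constructed.

```python
import json

# Constructed sample in the shape printed by `tofu output -json`
# (each output carries "sensitive", "type" and "value").
SAMPLE_OUTPUTS = json.dumps({
    "db_host": {"sensitive": False, "type": "string", "value": "db.internal.example"},
    "db_port": {"sensitive": False, "type": "number", "value": 5432},
    "db_password": {"sensitive": True, "type": "string", "value": "constructed-secret"},
    "bucket_names": {"sensitive": False, "type": ["list", "string"],
                     "value": ["assets", "logs"]},
})


def configmap_from_outputs(outputs_json, name, namespace, allowed):
    """Build a ConfigMap manifest from an allow-list of state outputs.

    Returns (manifest, skipped), where skipped lists the requested outputs
    that were withheld because the state marks them sensitive.
    """
    outputs = json.loads(outputs_json)
    data, skipped = {}, []
    for key in allowed:
        if key not in outputs:
            # Fail loudly: a missing output means the dependency between
            # the two projects has drifted.
            raise KeyError(f"output {key!r} is not defined in the state")
        entry = outputs[key]
        if entry.get("sensitive"):
            # ConfigMaps are not meant for secrets; never copy these in.
            skipped.append(key)
            continue
        value = entry["value"]
        # ConfigMap data values must be strings; encode everything else as JSON.
        data[key] = value if isinstance(value, str) else json.dumps(value)
    manifest = {
        "apiVersion": "v1",
        "kind": "ConfigMap",
        "metadata": {"name": name, "namespace": namespace},
        "data": data,
    }
    return manifest, skipped


if __name__ == "__main__":
    wanted = ["db_host", "db_port", "db_password", "bucket_names"]
    manifest, skipped = configmap_from_outputs(
        SAMPLE_OUTPUTS, "infra-outputs", "app", wanted)
    print(json.dumps(manifest, indent=2))  # kubectl accepts JSON manifests
    print("withheld (sensitive):", skipped)
```

In real use the input would be the captured output of `tofu output -json` run in the infrastructure project, and the printed manifest would be committed to the GitOps repository or applied directly.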