From 113e2e8dd1060183f5622eb6b6257e5f45113320 Mon Sep 17 00:00:00 2001 From: Geoff Baskwill Date: Tue, 30 Oct 2018 16:13:37 -0400 Subject: [PATCH] cmd/helm: add '--password-stdin' option where '--password' is allowed Mirrors similar behaviour in the Docker CLI client, minus the warning that providing passwords on the command line is insecure. Signed-off-by: Geoff Baskwill --- cmd/helm/fetch.go | 12 +++-- cmd/helm/helm.go | 52 ++++++++++++++++++++ cmd/helm/helm_test.go | 81 ++++++++++++++++++++++++++++++++ cmd/helm/inspect.go | 37 +++++++++------ cmd/helm/install.go | 19 +++++--- cmd/helm/repo_add.go | 33 ++++--------- cmd/helm/upgrade.go | 20 +++++--- docs/helm/helm_fetch.md | 3 +- docs/helm/helm_inspect.md | 7 +-- docs/helm/helm_inspect_chart.md | 7 +-- docs/helm/helm_inspect_readme.md | 5 +- docs/helm/helm_inspect_values.md | 7 +-- docs/helm/helm_install.md | 7 +-- docs/helm/helm_repo_add.md | 3 +- docs/helm/helm_upgrade.md | 9 ++-- 15 files changed, 227 insertions(+), 75 deletions(-) diff --git a/cmd/helm/fetch.go b/cmd/helm/fetch.go index d6f622bb6..f7ddc9d90 100644 --- a/cmd/helm/fetch.go +++ b/cmd/helm/fetch.go @@ -52,8 +52,8 @@ type fetchCmd struct { destdir string version string repoURL string - username string - password string + + credentials verify bool verifyLater bool @@ -76,6 +76,10 @@ func newFetchCmd(out io.Writer) *cobra.Command { Short: "download a chart from a repository and (optionally) unpack it in local directory", Long: fetchDesc, RunE: func(cmd *cobra.Command, args []string) error { + if err := fch.readPassword(os.Stdin, os.Stderr); err != nil { + return err + } + if len(args) == 0 { return fmt.Errorf("need at least one argument, url or repo/name of the chart") } @@ -108,8 +112,8 @@ func newFetchCmd(out io.Writer) *cobra.Command { f.StringVar(&fch.keyFile, "key-file", "", "identify HTTPS client using this SSL key file") f.StringVar(&fch.caFile, "ca-file", "", "verify certificates of HTTPS-enabled servers using this CA bundle") f.BoolVar(&fch.devel, "devel", false, "use development versions, too. Equivalent to version '>0.0.0-0'. If --version is set, this is ignored.") - f.StringVar(&fch.username, "username", "", "chart repository username") - f.StringVar(&fch.password, "password", "", "chart repository password") + + fch.credentials.addFlags(f) return cmd } diff --git a/cmd/helm/helm.go b/cmd/helm/helm.go index f7628e44c..f72ccef82 100644 --- a/cmd/helm/helm.go +++ b/cmd/helm/helm.go @@ -17,13 +17,18 @@ limitations under the License. package main // import "k8s.io/helm/cmd/helm" import ( + "errors" "fmt" + "io" "io/ioutil" "log" "os" "strings" + "syscall" "github.com/spf13/cobra" + flag "github.com/spf13/pflag" + "golang.org/x/crypto/ssh/terminal" "google.golang.org/grpc/grpclog" "google.golang.org/grpc/status" "k8s.io/client-go/kubernetes" @@ -291,3 +296,50 @@ func newClient() helm.Interface { } return helm.NewClient(options...) } + +type credentials struct { + username string + password string + passwordStdin bool +} + +func (c *credentials) addFlags(f *flag.FlagSet) { + f.StringVar(&c.username, "username", "", "chart repository username") + f.StringVar(&c.password, "password", "", "chart repository password") + f.BoolVar(&c.passwordStdin, "password-stdin", false, "take the chart repository password from stdin") +} + +func (c *credentials) readPassword(r io.Reader, w io.Writer) error { + if c.password != "" && c.passwordStdin { + return errors.New("--password and --password-stdin are mutually exclusive") + } + + if c.passwordStdin && c.username == "" { + return errors.New("must provide --username with --password-stdin") + } + + if (c.username != "" && c.password == "") || c.passwordStdin { + if r == os.Stdin && terminal.IsTerminal(syscall.Stdin) { + fmt.Fprint(w, "Password: ") + defer fmt.Fprintln(w) + + password, err := terminal.ReadPassword(int(syscall.Stdin)) + + if err == nil { + c.password = string(password) + } + + return err + } + + contents, err := ioutil.ReadAll(r) + if err != nil { + return err + } + + c.password = strings.TrimSuffix(string(contents), "\n") + c.password = strings.TrimSuffix(c.password, "\r") + } + + return nil +} diff --git a/cmd/helm/helm_test.go b/cmd/helm/helm_test.go index 3551eb534..2b3ae0384 100644 --- a/cmd/helm/helm_test.go +++ b/cmd/helm/helm_test.go @@ -550,3 +550,84 @@ func resetEnv() func() { } } } + +func Test_Credentials_ReadPassword(t *testing.T) { + tests := []struct { + name string + credentials credentials + r io.Reader + expectedPassword string + expectedOutput string + expectedError string + }{ + { + name: "password and password-stdin are mutually exclusive", + credentials: credentials{ + password: "password", + passwordStdin: true, + }, + expectedError: "--password and --password-stdin are mutually exclusive", + expectedPassword: "password", // unchanged from initial state + }, + { + name: "must provide username with password-stdin", + credentials: credentials{ + passwordStdin: true, + }, + expectedError: "must provide --username with --password-stdin", + }, + { + name: "reads password if username provided but password not provided", // repo-add backwards compatibility + credentials: credentials{ + username: "user", + }, + r: bytes.NewBufferString("password"), + expectedPassword: "password", + }, + { + name: "reads password if --password-stdin provided", + credentials: credentials{ + username: "user", + passwordStdin: true, + }, + r: bytes.NewBufferString("password"), + expectedPassword: "password", + }, + { + name: "strips CRLF from input", + credentials: credentials{ + username: "user", + passwordStdin: true, + }, + r: bytes.NewBufferString("password\r\n"), + expectedPassword: "password", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + w := new(bytes.Buffer) + err := tt.credentials.readPassword(tt.r, w) + + if err == nil && tt.expectedError != "" { + t.Errorf("expected error %v, got none", tt.expectedError) + return + } + + if err != nil { + if s := err.Error(); s != tt.expectedError { + t.Errorf("expected error %v, got %v", tt.expectedError, s) + return + } + } + + if s := w.String(); tt.expectedOutput != s { + t.Errorf("expected output %v, got %v", tt.expectedOutput, s) + } + + if tt.expectedPassword != tt.credentials.password { + t.Errorf("expected password %v, got %v", tt.expectedPassword, tt.credentials.password) + } + }) + } +} diff --git a/cmd/helm/inspect.go b/cmd/helm/inspect.go index c1861f7c5..514cbe606 100644 --- a/cmd/helm/inspect.go +++ b/cmd/helm/inspect.go @@ -19,6 +19,7 @@ package main import ( "fmt" "io" + "os" "strings" "github.com/ghodss/yaml" @@ -59,8 +60,8 @@ type inspectCmd struct { out io.Writer version string repoURL string - username string - password string + + credentials certFile string keyFile string @@ -87,6 +88,10 @@ func newInspectCmd(out io.Writer) *cobra.Command { Short: "inspect a chart", Long: inspectDesc, RunE: func(cmd *cobra.Command, args []string) error { + if err := insp.readPassword(os.Stdin, os.Stderr); err != nil { + return err + } + if err := checkArgsLength(len(args), "chart name"); err != nil { return err } @@ -105,6 +110,10 @@ func newInspectCmd(out io.Writer) *cobra.Command { Short: "shows inspect values", Long: inspectValuesDesc, RunE: func(cmd *cobra.Command, args []string) error { + if err := insp.readPassword(os.Stdin, os.Stderr); err != nil { + return err + } + insp.output = valuesOnly if err := checkArgsLength(len(args), "chart name"); err != nil { return err @@ -124,6 +133,10 @@ func newInspectCmd(out io.Writer) *cobra.Command { Short: "shows inspect chart", Long: inspectChartDesc, RunE: func(cmd *cobra.Command, args []string) error { + if err := insp.readPassword(os.Stdin, os.Stderr); err != nil { + return err + } + insp.output = chartOnly if err := checkArgsLength(len(args), "chart name"); err != nil { return err @@ -143,6 +156,10 @@ func newInspectCmd(out io.Writer) *cobra.Command { Short: "shows inspect readme", Long: readmeChartDesc, RunE: func(cmd *cobra.Command, args []string) error { + if err := insp.readPassword(os.Stdin, os.Stderr); err != nil { + return err + } + insp.output = readmeOnly if err := checkArgsLength(len(args), "chart name"); err != nil { return err @@ -183,18 +200,6 @@ func newInspectCmd(out io.Writer) *cobra.Command { subCmd.Flags().StringVar(&insp.repoURL, repoURL, "", repoURLdesc) } - username := "username" - usernamedesc := "chart repository username where to locate the requested chart" - inspectCommand.Flags().StringVar(&insp.username, username, "", usernamedesc) - valuesSubCmd.Flags().StringVar(&insp.username, username, "", usernamedesc) - chartSubCmd.Flags().StringVar(&insp.username, username, "", usernamedesc) - - password := "password" - passworddesc := "chart repository password where to locate the requested chart" - inspectCommand.Flags().StringVar(&insp.password, password, "", passworddesc) - valuesSubCmd.Flags().StringVar(&insp.password, password, "", passworddesc) - chartSubCmd.Flags().StringVar(&insp.password, password, "", passworddesc) - certFile := "cert-file" certFiledesc := "verify certificates of HTTPS-enabled servers using this CA bundle" for _, subCmd := range cmds { @@ -213,6 +218,10 @@ func newInspectCmd(out io.Writer) *cobra.Command { subCmd.Flags().StringVar(&insp.caFile, caFile, "", caFiledesc) } + for _, subCmd := range cmds { + insp.credentials.addFlags(subCmd.Flags()) + } + for _, subCmd := range cmds[1:] { inspectCommand.AddCommand(subCmd) } diff --git a/cmd/helm/install.go b/cmd/helm/install.go index c5c6b9a49..89992a6a7 100644 --- a/cmd/helm/install.go +++ b/cmd/helm/install.go @@ -131,11 +131,12 @@ type installCmd struct { timeout int64 wait bool repoURL string - username string - password string - devel bool - depUp bool - description string + + credentials + + devel bool + depUp bool + description string certFile string keyFile string @@ -171,6 +172,10 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command { Long: installDesc, PreRunE: func(_ *cobra.Command, _ []string) error { return setupConnection() }, RunE: func(cmd *cobra.Command, args []string) error { + if err := inst.readPassword(os.Stdin, os.Stderr); err != nil { + return err + } + if err := checkArgsLength(len(args), "chart name"); err != nil { return err } @@ -211,8 +216,6 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command { f.Int64Var(&inst.timeout, "timeout", 300, "time in seconds to wait for any individual Kubernetes operation (like Jobs for hooks)") f.BoolVar(&inst.wait, "wait", false, "if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment are in a ready state before marking the release as successful. It will wait for as long as --timeout") f.StringVar(&inst.repoURL, "repo", "", "chart repository url where to locate the requested chart") - f.StringVar(&inst.username, "username", "", "chart repository username where to locate the requested chart") - f.StringVar(&inst.password, "password", "", "chart repository password where to locate the requested chart") f.StringVar(&inst.certFile, "cert-file", "", "identify HTTPS client using this SSL certificate file") f.StringVar(&inst.keyFile, "key-file", "", "identify HTTPS client using this SSL key file") f.StringVar(&inst.caFile, "ca-file", "", "verify certificates of HTTPS-enabled servers using this CA bundle") @@ -220,6 +223,8 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command { f.BoolVar(&inst.depUp, "dep-up", false, "run helm dependency update before installing the chart") f.StringVar(&inst.description, "description", "", "specify a description for the release") + inst.credentials.addFlags(f) + // set defaults from environment settings.InitTLS(f) diff --git a/cmd/helm/repo_add.go b/cmd/helm/repo_add.go index bfb3f0174..e97255845 100644 --- a/cmd/helm/repo_add.go +++ b/cmd/helm/repo_add.go @@ -19,24 +19,23 @@ package main import ( "fmt" "io" + "os" "github.com/spf13/cobra" - "golang.org/x/crypto/ssh/terminal" "k8s.io/helm/pkg/getter" "k8s.io/helm/pkg/helm/helmpath" "k8s.io/helm/pkg/repo" - "syscall" ) type repoAddCmd struct { name string url string - username string - password string home helmpath.Home noupdate bool + credentials + certFile string keyFile string caFile string @@ -51,6 +50,10 @@ func newRepoAddCmd(out io.Writer) *cobra.Command { Use: "add [flags] [NAME] [URL]", Short: "add a chart repository", RunE: func(cmd *cobra.Command, args []string) error { + if err := add.readPassword(os.Stdin, os.Stderr); err != nil { + return err + } + if err := checkArgsLength(len(args), "name for the chart repository", "the url of the chart repository"); err != nil { return err } @@ -64,27 +67,17 @@ func newRepoAddCmd(out io.Writer) *cobra.Command { } f := cmd.Flags() - f.StringVar(&add.username, "username", "", "chart repository username") - f.StringVar(&add.password, "password", "", "chart repository password") f.BoolVar(&add.noupdate, "no-update", false, "raise error if repo is already registered") f.StringVar(&add.certFile, "cert-file", "", "identify HTTPS client using this SSL certificate file") f.StringVar(&add.keyFile, "key-file", "", "identify HTTPS client using this SSL key file") f.StringVar(&add.caFile, "ca-file", "", "verify certificates of HTTPS-enabled servers using this CA bundle") + add.credentials.addFlags(f) + return cmd } func (a *repoAddCmd) run() error { - if a.username != "" && a.password == "" { - fmt.Fprint(a.out, "Password:") - password, err := readPassword() - fmt.Fprintln(a.out) - if err != nil { - return err - } - a.password = password - } - if err := addRepository(a.name, a.url, a.username, a.password, a.home, a.certFile, a.keyFile, a.caFile, a.noupdate); err != nil { return err } @@ -92,14 +85,6 @@ func (a *repoAddCmd) run() error { return nil } -func readPassword() (string, error) { - password, err := terminal.ReadPassword(int(syscall.Stdin)) - if err != nil { - return "", err - } - return string(password), nil -} - func addRepository(name, url, username, password string, home helmpath.Home, certFile, keyFile, caFile string, noUpdate bool) error { f, err := repo.LoadRepositoriesFile(home.RepositoryFile()) if err != nil { diff --git a/cmd/helm/upgrade.go b/cmd/helm/upgrade.go index d05987b8a..0c730d0c9 100644 --- a/cmd/helm/upgrade.go +++ b/cmd/helm/upgrade.go @@ -19,6 +19,7 @@ package main import ( "fmt" "io" + "os" "strings" "github.com/spf13/cobra" @@ -44,7 +45,7 @@ To customize the chart values, use any of - '--set-string' to provide key=val forcing val to be stored as a string, - '--set-file' to provide key=path to read a single large value from a file at path. -To edit or append to the existing customized values, add the +To edit or append to the existing customized values, add the '--reuse-values' flag, otherwise any existing customized values are ignored. If no chart value arguments are provided on the command line, any existing customized values are carried @@ -106,10 +107,11 @@ type upgradeCmd struct { reuseValues bool wait bool repoURL string - username string - password string - devel bool - description string + + credentials + + devel bool + description string certFile string keyFile string @@ -129,6 +131,10 @@ func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command { Long: upgradeDesc, PreRunE: func(_ *cobra.Command, _ []string) error { return setupConnection() }, RunE: func(cmd *cobra.Command, args []string) error { + if err := upgrade.readPassword(os.Stdin, os.Stderr); err != nil { + return err + } + if err := checkArgsLength(len(args), "release name", "chart path"); err != nil { return err } @@ -167,14 +173,14 @@ func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command { f.BoolVar(&upgrade.reuseValues, "reuse-values", false, "when upgrading, reuse the last release's values and merge in any overrides from the command line via --set and -f. If '--reset-values' is specified, this is ignored.") f.BoolVar(&upgrade.wait, "wait", false, "if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment are in a ready state before marking the release as successful. It will wait for as long as --timeout") f.StringVar(&upgrade.repoURL, "repo", "", "chart repository url where to locate the requested chart") - f.StringVar(&upgrade.username, "username", "", "chart repository username where to locate the requested chart") - f.StringVar(&upgrade.password, "password", "", "chart repository password where to locate the requested chart") f.StringVar(&upgrade.certFile, "cert-file", "", "identify HTTPS client using this SSL certificate file") f.StringVar(&upgrade.keyFile, "key-file", "", "identify HTTPS client using this SSL key file") f.StringVar(&upgrade.caFile, "ca-file", "", "verify certificates of HTTPS-enabled servers using this CA bundle") f.BoolVar(&upgrade.devel, "devel", false, "use development versions, too. Equivalent to version '>0.0.0-0'. If --version is set, this is ignored.") f.StringVar(&upgrade.description, "description", "", "specify the description to use for the upgrade, rather than the default") + upgrade.credentials.addFlags(f) + f.MarkDeprecated("disable-hooks", "use --no-hooks instead") // set defaults from environment diff --git a/docs/helm/helm_fetch.md b/docs/helm/helm_fetch.md index 81c0a9596..95d431376 100644 --- a/docs/helm/helm_fetch.md +++ b/docs/helm/helm_fetch.md @@ -34,6 +34,7 @@ helm fetch [flags] [chart URL | repo/chartname] [...] --key-file string identify HTTPS client using this SSL key file --keyring string keyring containing public keys (default "~/.gnupg/pubring.gpg") --password string chart repository password + --password-stdin take the chart repository password from stdin --prov fetch the provenance file, but don't perform verification --repo string chart repository url where to locate the requested chart --untar if set to true, will untar the chart after downloading it @@ -59,4 +60,4 @@ helm fetch [flags] [chart URL | repo/chartname] [...] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 1-Aug-2018 +###### Auto generated by spf13/cobra on 30-Oct-2018 diff --git a/docs/helm/helm_inspect.md b/docs/helm/helm_inspect.md index 86689eeaa..3d742e62a 100644 --- a/docs/helm/helm_inspect.md +++ b/docs/helm/helm_inspect.md @@ -23,9 +23,10 @@ helm inspect [CHART] [flags] -h, --help help for inspect --key-file string identify HTTPS client using this SSL key file --keyring string path to the keyring containing public verification keys (default "~/.gnupg/pubring.gpg") - --password string chart repository password where to locate the requested chart + --password string chart repository password + --password-stdin take the chart repository password from stdin --repo string chart repository url where to locate the requested chart - --username string chart repository username where to locate the requested chart + --username string chart repository username --verify verify the provenance data for this chart --version string version of the chart. By default, the newest chart is shown ``` @@ -49,4 +50,4 @@ helm inspect [CHART] [flags] * [helm inspect readme](helm_inspect_readme.md) - shows inspect readme * [helm inspect values](helm_inspect_values.md) - shows inspect values -###### Auto generated by spf13/cobra on 1-Aug-2018 +###### Auto generated by spf13/cobra on 8-Nov-2018 diff --git a/docs/helm/helm_inspect_chart.md b/docs/helm/helm_inspect_chart.md index 2b9adbb7e..ffc01f69a 100644 --- a/docs/helm/helm_inspect_chart.md +++ b/docs/helm/helm_inspect_chart.md @@ -21,9 +21,10 @@ helm inspect chart [CHART] [flags] -h, --help help for chart --key-file string identify HTTPS client using this SSL key file --keyring string path to the keyring containing public verification keys (default "~/.gnupg/pubring.gpg") - --password string chart repository password where to locate the requested chart + --password string chart repository password + --password-stdin take the chart repository password from stdin --repo string chart repository url where to locate the requested chart - --username string chart repository username where to locate the requested chart + --username string chart repository username --verify verify the provenance data for this chart --version string version of the chart. By default, the newest chart is shown ``` @@ -44,4 +45,4 @@ helm inspect chart [CHART] [flags] * [helm inspect](helm_inspect.md) - inspect a chart -###### Auto generated by spf13/cobra on 1-Aug-2018 +###### Auto generated by spf13/cobra on 8-Nov-2018 diff --git a/docs/helm/helm_inspect_readme.md b/docs/helm/helm_inspect_readme.md index d222cd53a..935d91b32 100644 --- a/docs/helm/helm_inspect_readme.md +++ b/docs/helm/helm_inspect_readme.md @@ -21,7 +21,10 @@ helm inspect readme [CHART] [flags] -h, --help help for readme --key-file string identify HTTPS client using this SSL key file --keyring string path to the keyring containing public verification keys (default "~/.gnupg/pubring.gpg") + --password string chart repository password + --password-stdin take the chart repository password from stdin --repo string chart repository url where to locate the requested chart + --username string chart repository username --verify verify the provenance data for this chart --version string version of the chart. By default, the newest chart is shown ``` @@ -42,4 +45,4 @@ helm inspect readme [CHART] [flags] * [helm inspect](helm_inspect.md) - inspect a chart -###### Auto generated by spf13/cobra on 1-Aug-2018 +###### Auto generated by spf13/cobra on 8-Nov-2018 diff --git a/docs/helm/helm_inspect_values.md b/docs/helm/helm_inspect_values.md index 9cca2fc32..8f652969d 100644 --- a/docs/helm/helm_inspect_values.md +++ b/docs/helm/helm_inspect_values.md @@ -21,9 +21,10 @@ helm inspect values [CHART] [flags] -h, --help help for values --key-file string identify HTTPS client using this SSL key file --keyring string path to the keyring containing public verification keys (default "~/.gnupg/pubring.gpg") - --password string chart repository password where to locate the requested chart + --password string chart repository password + --password-stdin take the chart repository password from stdin --repo string chart repository url where to locate the requested chart - --username string chart repository username where to locate the requested chart + --username string chart repository username --verify verify the provenance data for this chart --version string version of the chart. By default, the newest chart is shown ``` @@ -44,4 +45,4 @@ helm inspect values [CHART] [flags] * [helm inspect](helm_inspect.md) - inspect a chart -###### Auto generated by spf13/cobra on 1-Aug-2018 +###### Auto generated by spf13/cobra on 8-Nov-2018 diff --git a/docs/helm/helm_install.md b/docs/helm/helm_install.md index 05cdf1e4a..52b3b91e7 100644 --- a/docs/helm/helm_install.md +++ b/docs/helm/helm_install.md @@ -92,7 +92,8 @@ helm install [CHART] [flags] --namespace string namespace to install the release into. Defaults to the current kube config namespace. --no-crd-hook prevent CRD hooks from running, but run other hooks --no-hooks prevent hooks from running during install - --password string chart repository password where to locate the requested chart + --password string chart repository password + --password-stdin take the chart repository password from stdin --replace re-use the given name, even if that name is already used. This is unsafe in production --repo string chart repository url where to locate the requested chart --set stringArray set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) @@ -105,7 +106,7 @@ helm install [CHART] [flags] --tls-hostname string the server name used to verify the hostname on the returned certificates from the server --tls-key string path to TLS key file (default "$HELM_HOME/key.pem") --tls-verify enable TLS for request and verify remote - --username string chart repository username where to locate the requested chart + --username string chart repository username -f, --values valueFiles specify values in a YAML file or a URL(can specify multiple) (default []) --verify verify the package before installing it --version string specify the exact chart version to install. If this is not specified, the latest version is installed @@ -128,4 +129,4 @@ helm install [CHART] [flags] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 10-Aug-2018 +###### Auto generated by spf13/cobra on 7-Nov-2018 diff --git a/docs/helm/helm_repo_add.md b/docs/helm/helm_repo_add.md index 29947147d..ef16b9a31 100644 --- a/docs/helm/helm_repo_add.md +++ b/docs/helm/helm_repo_add.md @@ -19,6 +19,7 @@ helm repo add [flags] [NAME] [URL] --key-file string identify HTTPS client using this SSL key file --no-update raise error if repo is already registered --password string chart repository password + --password-stdin take the chart repository password from stdin --username string chart repository username ``` @@ -38,4 +39,4 @@ helm repo add [flags] [NAME] [URL] * [helm repo](helm_repo.md) - add, list, remove, update, and index chart repositories -###### Auto generated by spf13/cobra on 1-Aug-2018 +###### Auto generated by spf13/cobra on 30-Oct-2018 diff --git a/docs/helm/helm_upgrade.md b/docs/helm/helm_upgrade.md index f18bcf6a7..0ccdab982 100644 --- a/docs/helm/helm_upgrade.md +++ b/docs/helm/helm_upgrade.md @@ -19,7 +19,7 @@ To customize the chart values, use any of - '--set-string' to provide key=val forcing val to be stored as a string, - '--set-file' to provide key=path to read a single large value from a file at path. -To edit or append to the existing customized values, add the +To edit or append to the existing customized values, add the '--reuse-values' flag, otherwise any existing customized values are ignored. If no chart value arguments are provided on the command line, any existing customized values are carried @@ -77,7 +77,8 @@ helm upgrade [RELEASE] [CHART] [flags] --keyring string path to the keyring that contains public signing keys (default "~/.gnupg/pubring.gpg") --namespace string namespace to install the release into (only used if --install is set). Defaults to the current kube config namespace --no-hooks disable pre/post upgrade hooks - --password string chart repository password where to locate the requested chart + --password string chart repository password + --password-stdin take the chart repository password from stdin --recreate-pods performs pods restart for the resource if applicable --repo string chart repository url where to locate the requested chart --reset-values when upgrading, reset the values to the ones built into the chart @@ -92,7 +93,7 @@ helm upgrade [RELEASE] [CHART] [flags] --tls-hostname string the server name used to verify the hostname on the returned certificates from the server --tls-key string path to TLS key file (default "$HELM_HOME/key.pem") --tls-verify enable TLS for request and verify remote - --username string chart repository username where to locate the requested chart + --username string chart repository username -f, --values valueFiles specify values in a YAML file or a URL(can specify multiple) (default []) --verify verify the provenance of the chart before upgrading --version string specify the exact chart version to use. If this is not specified, the latest version is used @@ -115,4 +116,4 @@ helm upgrade [RELEASE] [CHART] [flags] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 24-Aug-2018 +###### Auto generated by spf13/cobra on 7-Nov-2018