msb-public
/
helm
mirror of https://github.com/helm/helm
1
0
Code Issues Projects Releases Wiki Activity

fix bug where os.ExpandEnv() on the default value causes differing behaviour

Browse Source 
Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>
pull/4657/head
Matthew Fisher 7 years ago
parent 5d1f447690
commit 25de1d0eb9
No known key found for this signature in database
GPG Key ID: 92AA783CBAAE8E3B
3 changed files with 60 additions and 49 deletions
Show Stats Download Patch File Download Diff File

35
cmd/helm/helm.go
Unescape View File

@ -80,9 +80,21 @@ func newRootCmd(args []string) *cobra.Command {
Long: globalUsage,
SilenceUsage: true,
PersistentPreRun: func(*cobra.Command, []string) {
tlsCaCertFile = os.ExpandEnv(tlsCaCertFile)
tlsCertFile = os.ExpandEnv(tlsCertFile)
tlsKeyFile = os.ExpandEnv(tlsKeyFile)
if settings.TLSCaCertFile == helm_env.DefaultTLSCaCert || settings.TLSCaCertFile == "" {
settings.TLSCaCertFile = settings.Home.TLSCaCert()
} else {
settings.TLSCaCertFile = os.ExpandEnv(settings.TLSCaCertFile)
}
if settings.TLSCertFile == helm_env.DefaultTLSCert || settings.TLSCertFile == "" {
settings.TLSCertFile = settings.Home.TLSCert()
} else {
settings.TLSCertFile = os.ExpandEnv(settings.TLSCertFile)
}
if settings.TLSKeyFile == helm_env.DefaultTLSKeyFile || settings.TLSKeyFile == "" {
settings.TLSKeyFile = settings.Home.TLSKey()
} else {
settings.TLSKeyFile = os.ExpandEnv(settings.TLSKeyFile)
}
},
PersistentPostRun: func(*cobra.Command, []string) {
teardown()
@ -271,24 +283,15 @@ func newClient() helm.Interface {
options := []helm.Option{helm.Host(settings.TillerHost), helm.ConnectTimeout(settings.TillerConnectionTimeout)}
if settings.TLSVerify || settings.TLSEnable {
if tlsCaCertFile == "" {
tlsCaCertFile = settings.Home.TLSCaCert()
}
if tlsCertFile == "" {
tlsCertFile = settings.Home.TLSCert()
}
if tlsKeyFile == "" {
tlsKeyFile = settings.Home.TLSKey()
}
debug("Host=%q, Key=%q, Cert=%q, CA=%q\n", settings.TLSServerName, tlsKeyFile, tlsCertFile, tlsCaCertFile)
debug("Host=%q, Key=%q, Cert=%q, CA=%q\n", settings.TLSServerName, settings.TLSKeyFile, settings.TLSCertFile, settings.TLSCaCertFile)
tlsopts := tlsutil.Options{
ServerName: settings.TLSServerName,
KeyFile: tlsKeyFile,
CertFile: tlsCertFile,
KeyFile: settings.TLSKeyFile,
CertFile: settings.TLSCertFile,
InsecureSkipVerify: true,
}
if settings.TLSVerify {
tlsopts.CaCertFile = tlsCaCertFile
tlsopts.CaCertFile = settings.TLSCaCertFile
tlsopts.InsecureSkipVerify = false
}
tlscfg, err := tlsutil.ClientConfig(tlsopts)

66
cmd/helm/helm_test.go
Unescape View File

@ -261,9 +261,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false,
TLSVerify: false,
TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: home.TLSCert(),
TLSKeyFile: home.TLSKey(),
},
},
{
@ -280,9 +280,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: true,
TLSVerify: false,
TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: home.TLSCert(),
TLSKeyFile: home.TLSKey(),
},
},
{
@ -299,9 +299,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false,
TLSVerify: true,
TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: home.TLSCert(),
TLSKeyFile: home.TLSKey(),
},
},
{
@ -318,9 +318,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false,
TLSVerify: false,
TLSServerName: "foo",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: home.TLSCert(),
TLSKeyFile: home.TLSKey(),
},
},
{
@ -338,8 +338,8 @@ func TestTLSFlags(t *testing.T) {
TLSVerify: false,
TLSServerName: "",
TLSCaCertFile: "/foo",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSCertFile: home.TLSCert(),
TLSKeyFile: home.TLSKey(),
},
},
{
@ -356,9 +356,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false,
TLSVerify: false,
TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "/foo",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSKeyFile: home.TLSKey(),
},
},
{
@ -375,8 +375,8 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false,
TLSVerify: false,
TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: home.TLSCert(),
TLSKeyFile: "/foo",
},
},
@ -395,9 +395,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: true,
TLSVerify: false,
TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: home.TLSCert(),
TLSKeyFile: home.TLSKey(),
},
},
{
@ -415,9 +415,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false,
TLSVerify: true,
TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: home.TLSCert(),
TLSKeyFile: home.TLSKey(),
},
},
{
@ -435,9 +435,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false,
TLSVerify: false,
TLSServerName: "foo",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: home.TLSCert(),
TLSKeyFile: home.TLSKey(),
},
},
{
@ -456,8 +456,8 @@ func TestTLSFlags(t *testing.T) {
TLSVerify: false,
TLSServerName: "",
TLSCaCertFile: "/foo",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSCertFile: home.TLSCert(),
TLSKeyFile: home.TLSKey(),
},
},
{
@ -475,9 +475,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false,
TLSVerify: false,
TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "/foo",
TLSKeyFile: "$HELM_HOME/key.pem",
TLSKeyFile: home.TLSKey(),
},
},
{
@ -495,8 +495,8 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false,
TLSVerify: false,
TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem",
TLSCertFile: "$HELM_HOME/cert.pem",
TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: home.TLSCert(),
TLSKeyFile: "/foo",
},
},

8
cmd/helm/init.go
Unescape View File

@ -173,6 +173,14 @@ func (i *initCmd) tlsOptions() error {
return errors.New("missing required TLS CA file")
}
}
// FIXME: refactor this all to pkg/helm/environment
settings.TLSEnable = tlsEnable
settings.TLSVerify = tlsVerify
settings.TLSServerName = tlsServerName
settings.TLSCaCertFile = tlsCaCertFile
settings.TLSCertFile = tlsCertFile
settings.TLSKeyFile = tlsKeyFile
}
return nil
}

Write Preview
Loading…
Cancel
Save