msb-public
/
helm
mirror of https://github.com/helm/helm
1
0
Code Issues Projects Releases Wiki Activity

fix bug where os.ExpandEnv() on the default value causes differing behaviour

Browse Source 
Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>
pull/4657/head
Matthew Fisher 7 years ago
parent 5d1f447690
commit 25de1d0eb9
No known key found for this signature in database
GPG Key ID: 92AA783CBAAE8E3B
3 changed files with 60 additions and 49 deletions
Show Stats Download Patch File Download Diff File

35
cmd/helm/helm.go
Unescape View File

@ -80,9 +80,21 @@ func newRootCmd(args []string) *cobra.Command {
Long: globalUsage, Long: globalUsage,
SilenceUsage: true, SilenceUsage: true,
PersistentPreRun: func(*cobra.Command, []string) { PersistentPreRun: func(*cobra.Command, []string) {
tlsCaCertFile = os.ExpandEnv(tlsCaCertFile) if settings.TLSCaCertFile == helm_env.DefaultTLSCaCert || settings.TLSCaCertFile == "" {
tlsCertFile = os.ExpandEnv(tlsCertFile) settings.TLSCaCertFile = settings.Home.TLSCaCert()
tlsKeyFile = os.ExpandEnv(tlsKeyFile) } else {
settings.TLSCaCertFile = os.ExpandEnv(settings.TLSCaCertFile)
}
if settings.TLSCertFile == helm_env.DefaultTLSCert || settings.TLSCertFile == "" {
settings.TLSCertFile = settings.Home.TLSCert()
} else {
settings.TLSCertFile = os.ExpandEnv(settings.TLSCertFile)
}
if settings.TLSKeyFile == helm_env.DefaultTLSKeyFile || settings.TLSKeyFile == "" {
settings.TLSKeyFile = settings.Home.TLSKey()
} else {
settings.TLSKeyFile = os.ExpandEnv(settings.TLSKeyFile)
}
}, },
PersistentPostRun: func(*cobra.Command, []string) { PersistentPostRun: func(*cobra.Command, []string) {
teardown() teardown()
@ -271,24 +283,15 @@ func newClient() helm.Interface {
options := []helm.Option{helm.Host(settings.TillerHost), helm.ConnectTimeout(settings.TillerConnectionTimeout)} options := []helm.Option{helm.Host(settings.TillerHost), helm.ConnectTimeout(settings.TillerConnectionTimeout)}
if settings.TLSVerify || settings.TLSEnable { if settings.TLSVerify || settings.TLSEnable {
if tlsCaCertFile == "" { debug("Host=%q, Key=%q, Cert=%q, CA=%q\n", settings.TLSServerName, settings.TLSKeyFile, settings.TLSCertFile, settings.TLSCaCertFile)
tlsCaCertFile = settings.Home.TLSCaCert()
}
if tlsCertFile == "" {
tlsCertFile = settings.Home.TLSCert()
}
if tlsKeyFile == "" {
tlsKeyFile = settings.Home.TLSKey()
}
debug("Host=%q, Key=%q, Cert=%q, CA=%q\n", settings.TLSServerName, tlsKeyFile, tlsCertFile, tlsCaCertFile)
tlsopts := tlsutil.Options{ tlsopts := tlsutil.Options{
ServerName: settings.TLSServerName, ServerName: settings.TLSServerName,
KeyFile: tlsKeyFile, KeyFile: settings.TLSKeyFile,
CertFile: tlsCertFile, CertFile: settings.TLSCertFile,
InsecureSkipVerify: true, InsecureSkipVerify: true,
} }
if settings.TLSVerify { if settings.TLSVerify {
tlsopts.CaCertFile = tlsCaCertFile tlsopts.CaCertFile = settings.TLSCaCertFile
tlsopts.InsecureSkipVerify = false tlsopts.InsecureSkipVerify = false
} }
tlscfg, err := tlsutil.ClientConfig(tlsopts) tlscfg, err := tlsutil.ClientConfig(tlsopts)

66
cmd/helm/helm_test.go
Unescape View File

@ -261,9 +261,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false, TLSEnable: false,
TLSVerify: false, TLSVerify: false,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -280,9 +280,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: true, TLSEnable: true,
TLSVerify: false, TLSVerify: false,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -299,9 +299,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false, TLSEnable: false,
TLSVerify: true, TLSVerify: true,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -318,9 +318,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false, TLSEnable: false,
TLSVerify: false, TLSVerify: false,
TLSServerName: "foo", TLSServerName: "foo",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -338,8 +338,8 @@ func TestTLSFlags(t *testing.T) {
TLSVerify: false, TLSVerify: false,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "/foo", TLSCaCertFile: "/foo",
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -356,9 +356,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false, TLSEnable: false,
TLSVerify: false, TLSVerify: false,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "/foo", TLSCertFile: "/foo",
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -375,8 +375,8 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false, TLSEnable: false,
TLSVerify: false, TLSVerify: false,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "/foo", TLSKeyFile: "/foo",
}, },
}, },
@ -395,9 +395,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: true, TLSEnable: true,
TLSVerify: false, TLSVerify: false,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -415,9 +415,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false, TLSEnable: false,
TLSVerify: true, TLSVerify: true,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -435,9 +435,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false, TLSEnable: false,
TLSVerify: false, TLSVerify: false,
TLSServerName: "foo", TLSServerName: "foo",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -456,8 +456,8 @@ func TestTLSFlags(t *testing.T) {
TLSVerify: false, TLSVerify: false,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "/foo", TLSCaCertFile: "/foo",
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -475,9 +475,9 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false, TLSEnable: false,
TLSVerify: false, TLSVerify: false,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "/foo", TLSCertFile: "/foo",
TLSKeyFile: "$HELM_HOME/key.pem", TLSKeyFile: home.TLSKey(),
}, },
}, },
{ {
@ -495,8 +495,8 @@ func TestTLSFlags(t *testing.T) {
TLSEnable: false, TLSEnable: false,
TLSVerify: false, TLSVerify: false,
TLSServerName: "", TLSServerName: "",
TLSCaCertFile: "$HELM_HOME/ca.pem", TLSCaCertFile: home.TLSCaCert(),
TLSCertFile: "$HELM_HOME/cert.pem", TLSCertFile: home.TLSCert(),
TLSKeyFile: "/foo", TLSKeyFile: "/foo",
}, },
}, },

8
cmd/helm/init.go
Unescape View File

@ -173,6 +173,14 @@ func (i *initCmd) tlsOptions() error {
return errors.New("missing required TLS CA file") return errors.New("missing required TLS CA file")
} }
} }
// FIXME: refactor this all to pkg/helm/environment
settings.TLSEnable = tlsEnable
settings.TLSVerify = tlsVerify
settings.TLSServerName = tlsServerName
settings.TLSCaCertFile = tlsCaCertFile
settings.TLSCertFile = tlsCertFile
settings.TLSKeyFile = tlsKeyFile
} }
return nil return nil
} }

Write Preview
Loading…
Cancel
Save