From 2c19838295b9b1efd7fb548d047eaff53095ab52 Mon Sep 17 00:00:00 2001 From: wawa0210 Date: Thu, 22 Oct 2020 16:07:42 +0800 Subject: [PATCH] Fix that the invalid version number of the helm package command will escape Signed-off-by: wawa0210 --- pkg/action/package.go | 16 ++++----- pkg/action/package_test.go | 67 +++++++++++++++++++++++++------------- 2 files changed, 52 insertions(+), 31 deletions(-) diff --git a/pkg/action/package.go b/pkg/action/package.go index 8f53bcac4..38dd1ac91 100644 --- a/pkg/action/package.go +++ b/pkg/action/package.go @@ -27,7 +27,6 @@ import ( "github.com/pkg/errors" "golang.org/x/crypto/ssh/terminal" - "helm.sh/helm/v3/pkg/chart" "helm.sh/helm/v3/pkg/chart/loader" "helm.sh/helm/v3/pkg/chartutil" "helm.sh/helm/v3/pkg/provenance" @@ -64,9 +63,11 @@ func (p *Package) Run(path string, vals map[string]interface{}) (string, error) // If version is set, modify the version. if p.Version != "" { - if err := setVersion(ch, p.Version); err != nil { - return "", err - } + ch.Metadata.Version = p.Version + } + + if err := validateVersion(ch.Metadata.Version); err != nil { + return "", err } if p.AppVersion != "" { @@ -103,14 +104,11 @@ func (p *Package) Run(path string, vals map[string]interface{}) (string, error) return name, err } -func setVersion(ch *chart.Chart, ver string) error { - // Verify that version is a Version, and error out if it is not. +// validateVersion Verify that version is a Version, and error out if it is not. +func validateVersion(ver string) error { if _, err := semver.NewVersion(ver); err != nil { return err } - - // Set the version field on the chart. - ch.Metadata.Version = ver return nil } diff --git a/pkg/action/package_test.go b/pkg/action/package_test.go index 9a202cde4..5c5fed571 100644 --- a/pkg/action/package_test.go +++ b/pkg/action/package_test.go @@ -22,31 +22,11 @@ import ( "path" "testing" + "github.com/Masterminds/semver/v3" + "helm.sh/helm/v3/internal/test/ensure" - "helm.sh/helm/v3/pkg/chart" ) -func TestSetVersion(t *testing.T) { - c := &chart.Chart{ - Metadata: &chart.Metadata{ - Name: "prow", - Version: "0.0.1", - }, - } - expect := "1.2.3-beta.5" - if err := setVersion(c, expect); err != nil { - t.Fatal(err) - } - - if c.Metadata.Version != expect { - t.Errorf("Expected %q, got %q", expect, c.Metadata.Version) - } - - if err := setVersion(c, "monkeyface"); err == nil { - t.Error("Expected bogus version to return an error.") - } -} - func TestPassphraseFileFetcher(t *testing.T) { secret := "secret" directory := ensure.TempFile(t, "passphrase-file", []byte(secret)) @@ -100,3 +80,46 @@ func TestPassphraseFileFetcher_WithInvalidStdin(t *testing.T) { t.Error("Expected passphraseFileFetcher returning an error") } } + +func TestValidateVersion(t *testing.T) { + type args struct { + ver string + } + tests := []struct { + name string + args args + wantErr error + }{ + { + "normal semver version", + args{ + ver: "1.1.3-23658", + }, + nil, + }, + { + "Pre version number starting with 0", + args{ + ver: "1.1.3-023658", + }, + semver.ErrSegmentStartsZero, + }, + { + "Invalid version number", + args{ + ver: "1.1.3.sd.023658", + }, + semver.ErrInvalidSemVer, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + if err := validateVersion(tt.args.ver); err != nil { + if err != tt.wantErr { + t.Errorf("Expected {%v}, got {%v}", tt.wantErr, err) + } + + } + }) + } +}