mirror of https://github.com/helm/helm
ref: https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx * Skip invalid chart versions when reading the repository index file or when programmatically adding a chart version. * Adds semver validation and strips non-printable characters and normalizes spaces for string fields in Metadata.Validate() * Fixes a unit test that was pulling a remote repo. Now uses a local repo. * Fixes ignored error in repo update command Signed-off-by: Adam Reese <adam@reese.io>pull/9328/head
parent
b4010b7782
commit
657ce552cb
@ -1,2 +0,0 @@
|
||||
NAME CHART VERSION APP VERSION DESCRIPTION
|
||||
testing/nginx-ingress a.b.c.sdfsdf Chart for nginx-ingress
|
@ -1,2 +0,0 @@
|
||||
NAME CHART VERSION APP VERSION DESCRIPTION
|
||||
testing/mariadb 0.3.0-0565674 Chart for MariaDB
|
@ -0,0 +1,44 @@
|
||||
/*
|
||||
Copyright The Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
package chart
|
||||
|
||||
import (
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestValidateDependency(t *testing.T) {
|
||||
dep := &Dependency{
|
||||
Name: "example",
|
||||
}
|
||||
for value, shouldFail := range map[string]bool{
|
||||
"abcdefghijklmenopQRSTUVWXYZ-0123456780_": false,
|
||||
"-okay": false,
|
||||
"_okay": false,
|
||||
"- bad": true,
|
||||
" bad": true,
|
||||
"bad\nvalue": true,
|
||||
"bad ": true,
|
||||
"bad$": true,
|
||||
} {
|
||||
dep.Alias = value
|
||||
res := dep.Validate()
|
||||
if res != nil && !shouldFail {
|
||||
t.Errorf("Failed on case %q", dep.Alias)
|
||||
} else if res == nil && shouldFail {
|
||||
t.Errorf("Expected failure for %q", dep.Alias)
|
||||
}
|
||||
}
|
||||
}
|
@ -1,26 +1,28 @@
|
||||
apiVersion: v1
|
||||
entries:
|
||||
foo:
|
||||
- name: foo
|
||||
description: Foo Chart With Relative Path
|
||||
home: https://helm.sh/helm
|
||||
keywords: []
|
||||
maintainers: []
|
||||
sources:
|
||||
- https://github.com/helm/charts
|
||||
urls:
|
||||
- charts/foo-1.2.3.tgz
|
||||
version: 1.2.3
|
||||
checksum: 0e6661f193211d7a5206918d42f5c2a9470b737d
|
||||
bar:
|
||||
- name: bar
|
||||
description: Bar Chart With Relative Path
|
||||
home: https://helm.sh/helm
|
||||
keywords: []
|
||||
maintainers: []
|
||||
sources:
|
||||
- https://github.com/helm/charts
|
||||
urls:
|
||||
- bar-1.2.3.tgz
|
||||
version: 1.2.3
|
||||
checksum: 0e6661f193211d7a5206918d42f5c2a9470b737d
|
||||
apiVersion: v1
|
||||
entries:
|
||||
foo:
|
||||
- name: foo
|
||||
description: Foo Chart With Relative Path
|
||||
home: https://helm.sh/helm
|
||||
keywords: []
|
||||
maintainers: []
|
||||
sources:
|
||||
- https://github.com/helm/charts
|
||||
urls:
|
||||
- charts/foo-1.2.3.tgz
|
||||
version: 1.2.3
|
||||
checksum: 0e6661f193211d7a5206918d42f5c2a9470b737d
|
||||
apiVersion: v2
|
||||
bar:
|
||||
- name: bar
|
||||
description: Bar Chart With Relative Path
|
||||
home: https://helm.sh/helm
|
||||
keywords: []
|
||||
maintainers: []
|
||||
sources:
|
||||
- https://github.com/helm/charts
|
||||
urls:
|
||||
- bar-1.2.3.tgz
|
||||
version: 1.2.3
|
||||
checksum: 0e6661f193211d7a5206918d42f5c2a9470b737d
|
||||
apiVersion: v2
|
||||
|
@ -1,26 +1,28 @@
|
||||
apiVersion: v1
|
||||
entries:
|
||||
foo:
|
||||
- name: foo
|
||||
description: Foo Chart With Relative Path
|
||||
home: https://helm.sh/helm
|
||||
keywords: []
|
||||
maintainers: []
|
||||
sources:
|
||||
- https://github.com/helm/charts
|
||||
urls:
|
||||
- charts/foo-1.2.3.tgz
|
||||
version: 1.2.3
|
||||
checksum: 0e6661f193211d7a5206918d42f5c2a9470b737d
|
||||
bar:
|
||||
- name: bar
|
||||
description: Bar Chart With Relative Path
|
||||
home: https://helm.sh/helm
|
||||
keywords: []
|
||||
maintainers: []
|
||||
sources:
|
||||
- https://github.com/helm/charts
|
||||
urls:
|
||||
- bar-1.2.3.tgz
|
||||
version: 1.2.3
|
||||
checksum: 0e6661f193211d7a5206918d42f5c2a9470b737d
|
||||
apiVersion: v1
|
||||
entries:
|
||||
foo:
|
||||
- name: foo
|
||||
description: Foo Chart With Relative Path
|
||||
home: https://helm.sh/helm
|
||||
keywords: []
|
||||
maintainers: []
|
||||
sources:
|
||||
- https://github.com/helm/charts
|
||||
urls:
|
||||
- charts/foo-1.2.3.tgz
|
||||
version: 1.2.3
|
||||
checksum: 0e6661f193211d7a5206918d42f5c2a9470b737d
|
||||
apiVersion: v2
|
||||
bar:
|
||||
- name: bar
|
||||
description: Bar Chart With Relative Path
|
||||
home: https://helm.sh/helm
|
||||
keywords: []
|
||||
maintainers: []
|
||||
sources:
|
||||
- https://github.com/helm/charts
|
||||
urls:
|
||||
- bar-1.2.3.tgz
|
||||
version: 1.2.3
|
||||
checksum: 0e6661f193211d7a5206918d42f5c2a9470b737d
|
||||
apiVersion: v2
|
||||
|
Loading…
Reference in new issue