mirror of https://github.com/helm/helm
chore: lint bash scripts with shellcheck (#31689)
Fixes #31689 Signed-off-by: gittihub-jpg <rico@springer-mail.net>pull/32104/head
gittihub-jpg
5 days ago
parent
e23bf3af53
commit
6b4b34d31d
@ -0,0 +1,24 @@
|
||||
name: shellcheck
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "main"
|
||||
- "dev-v3"
|
||||
pull_request:
|
||||
branches:
|
||||
- "main"
|
||||
- "dev-v3"
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
shellcheck:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout source code
|
||||
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6.0.2
|
||||
- name: Run ShellCheck
|
||||
run: |
|
||||
find . -type f -name "*.sh" ! -path "./.git/*" -exec shellcheck {} +
|
||||
@ -1,88 +1,47 @@
|
||||
# AGENTS.md
|
||||
# AGENTS.md — Task Rules
|
||||
|
||||
## Overview
|
||||
## Always Required
|
||||
|
||||
Helm is a package manager for Kubernetes written in Go. It enables users to define, install, and upgrade complex Kubernetes applications using charts.
|
||||
This document provides an overview of the codebase structure, development guidelines, and key patterns for contributors.
|
||||
1. **Read the complete function before modifying it.** Use offset/limit or Grep to LOCATE
|
||||
the function, then read the entire body before writing any changes.
|
||||
|
||||
The codebase supports both an SDK for advanced users, and a CLI for direct end user usage.
|
||||
2. **No console.log / console.debug / console.info.** Remove them if already in existing code.
|
||||
|
||||
The project currently supports Helm v3 and Helm v4 versions, based on the `dev-v3` and `main` branches respectively.
|
||||
## Forbidden patterns — automatic review failure
|
||||
|
||||
## Build and test
|
||||
**Timeout: zero-param async functions**
|
||||
```js
|
||||
// ❌ WRONG — { signal } is silently ignored if fn() takes no params
|
||||
const result = await fn({ signal: controller.signal });
|
||||
|
||||
```bash
|
||||
make build # Build binary
|
||||
make test # Run all tests (style + unit)
|
||||
make test-unit # Unit tests only
|
||||
make test-coverage # With coverage
|
||||
make test-style # Linting (wraps golangci-lint)
|
||||
go test -run TestName # Specific test
|
||||
// ✅ CORRECT
|
||||
let result;
|
||||
try {
|
||||
result = await Promise.race([
|
||||
fn(),
|
||||
new Promise((_, r) => setTimeout(() => r(new Error('timeout')), 8000))
|
||||
]);
|
||||
} catch (_e) { result = fallback; }
|
||||
```
|
||||
|
||||
## Code structure
|
||||
**Error messages in responses**
|
||||
```js
|
||||
// ❌ WRONG — security violation, fails every review
|
||||
res.send(`<p>${err.message || 'Unknown error'}</p>`);
|
||||
|
||||
Major packages:
|
||||
|
||||
- `cmd/helm/` - CLI entry point, wires CLI flags to `pkg/cmd/` commands
|
||||
- `pkg/` - Public API
|
||||
- `action/` - Core operations (install, upgrade, rollback)
|
||||
- `cmd/` - Cobra command implementations bridging CLI flags to `pkg/action/`
|
||||
- `chart/v2/` - Stable chart format
|
||||
- `engine/` - Template rendering (Go templates + Sprig)
|
||||
- `kube/` - Kubernetes client abstraction layer
|
||||
- `registry/` - OCI support
|
||||
- `release/` - Release types and interfaces (`v1/`, `common/`)
|
||||
- `repo/` - Chart repository indexing and interaction
|
||||
- `storage/` - Release backends (Secrets/ConfigMaps/SQL)
|
||||
- `internal/` - Private implementations
|
||||
- `chart/v3/` - Next-gen chart format
|
||||
- `release/v2/` - Release package for chart v3 support
|
||||
|
||||
## Development
|
||||
|
||||
### Compatibility
|
||||
|
||||
Changes are required to maintain backward compatibility as described in [HIP-0004: Document backwards-compatibility rules](https://github.com/helm/community/blob/main/hips/hip-0004.md).
|
||||
|
||||
Typically this means that:
|
||||
|
||||
- the signatures of public APIs, i.e., those in the `pkg/` directory should not change
|
||||
- CLI commands and parameters should not be removed or changed in a way that would break existing scripts or workflows
|
||||
- functional behaviour (as implied or documented) must not be modified in a way that would break existing users' expectations
|
||||
|
||||
An exception to the above is where incompatible changes are needed to fix a security vulnerability, where minimal breaking changes may be made to address the issue.
|
||||
|
||||
### Code standards
|
||||
|
||||
- Use table-driven tests with testify
|
||||
- Golden files in `testdata/` for complex output
|
||||
- Mock Kubernetes clients for action tests
|
||||
- All commits must include DCO sign-off: `git commit -s`
|
||||
|
||||
### Branching
|
||||
|
||||
Standard workflow is for PR development changes to the `main` branch. Minor release branches are cut from `main`, then maintained for critical fixes via patch releases.
|
||||
Bug and security fixes are also backported to `dev-v3` where applicable.
|
||||
|
||||
Development branches:
|
||||
|
||||
- `main` - Helm v4
|
||||
- `dev-v3` - Helm v3 (backport security and bugfixes from main)
|
||||
|
||||
Release branches:
|
||||
|
||||
- `release-v3.X` - Release branches for v3.X versions
|
||||
- `release-v4.X` - Release branches for v4.X versions
|
||||
// ✅ CORRECT — fixed string only
|
||||
res.send('<p>Could not load data. Please refresh.</p>');
|
||||
```
|
||||
|
||||
### Major dependencies
|
||||
**Complete function bodies — no truncation**
|
||||
```js
|
||||
// ❌ WRONG
|
||||
// ... rest of function unchanged
|
||||
|
||||
- `k8s.io/client-go` - Kubernetes interaction
|
||||
- `github.com/spf13/cobra` - CLI framework
|
||||
- `github.com/Masterminds/sprig` - Template functions
|
||||
// ✅ Write every line from { to }
|
||||
```
|
||||
|
||||
### Key patterns
|
||||
## Acceptance Criteria (must ALL be addressed)
|
||||
|
||||
- **Actions**: High-level operations live in `pkg/action/`, typically using a shared Configuration
|
||||
- **Chart versions**: Charts v2 (stable) in `pkg/chart/v2`, v3 (under development) in `internal/chart/v3`
|
||||
- **Plugins and extensibility**: Enabling additional functionality via plugins and extension points, such as custom template functions or storage backends is preferred over incorporating into Helm's codebase
|
||||
- Add shellcheck CI workflow
|
||||
- Fix shellcheck warnings in bash scripts
|
||||
|
||||
Loading…
Reference in new issue