Merge pull request #11896 from mattfarina/go-1.20

Bump the Go version
3 years ago · 952708b436
parent 299a6463a0 046646c944
commit 952708b436
90 changed files with 279 additions and 1096 deletions
--- a/.github/workflows/build-test.yml
+++ b/.github/workflows/build-test.yml
@ -17,7 +17,7 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@3.5.0
        with:
-          go-version: '1.18'
+          go-version: '1.20'
      - name: Install golangci-lint
        run: |
          curl -sSLO https://github.com/golangci/golangci-lint/releases/download/v$GOLANGCI_LINT_VERSION/golangci-lint-$GOLANGCI_LINT_VERSION-linux-amd64.tar.gz
@ -26,8 +26,8 @@ jobs:
          sudo mv golangci-lint-$GOLANGCI_LINT_VERSION-linux-amd64/golangci-lint /usr/local/bin/golangci-lint
          rm -rf golangci-lint-$GOLANGCI_LINT_VERSION-linux-amd64*
        env:
-          GOLANGCI_LINT_VERSION: '1.46.2'
-          GOLANGCI_LINT_SHA256: '242cd4f2d6ac0556e315192e8555784d13da5d1874e51304711570769c4f2b9b'
+          GOLANGCI_LINT_VERSION: '1.51.2'
+          GOLANGCI_LINT_SHA256: '4de479eb9d9bc29da51aec1834e7c255b333723d38dbd56781c68e5dddc6a90b'
      - name: Test style
        run: make test-style
      - name: Run unit tests
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -23,7 +23,7 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@3.5.0
        with:
-          go-version: '1.18'
+          go-version: '1.20'
      
      - name: Run unit tests
        run: make test-coverage
@ -54,7 +54,7 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@3.5.0
        with:
-          go-version: '1.18'
+          go-version: '1.20'

      - name: Run unit tests
        run: make test-coverage
--- a/cmd/helm/create_test.go
+++ b/cmd/helm/create_test.go
@ -18,7 +18,6 @@ package main

 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"testing"
@ -77,7 +76,7 @@ func TestCreateStarterCmd(t *testing.T) {
 		t.Logf("Created %s", dest)
 	}
 	tplpath := filepath.Join(starterchart, "starterchart", "templates", "foo.tpl")
-	if err := ioutil.WriteFile(tplpath, []byte("test"), 0644); err != nil {
+	if err := os.WriteFile(tplpath, []byte("test"), 0644); err != nil {
 		t.Fatalf("Could not write template: %s", err)
 	}

@ -140,7 +139,7 @@ func TestCreateStarterAbsoluteCmd(t *testing.T) {
 		t.Logf("Created %s", dest)
 	}
 	tplpath := filepath.Join(starterchart, "starterchart", "templates", "foo.tpl")
-	if err := ioutil.WriteFile(tplpath, []byte("test"), 0644); err != nil {
+	if err := os.WriteFile(tplpath, []byte("test"), 0644); err != nil {
 		t.Fatalf("Could not write template: %s", err)
 	}

--- a/cmd/helm/helm.go
+++ b/cmd/helm/helm.go
@ -18,7 +18,7 @@ package main // import "helm.sh/helm/v3/cmd/helm"

 import (
 	"fmt"
-	"io/ioutil"
+	"io"
 	"log"
 	"os"
 	"strings"
@ -106,10 +106,10 @@ func loadReleasesInMemory(actionConfig *action.Configuration) {
 		return
 	}

-	actionConfig.KubeClient = &kubefake.PrintingKubeClient{Out: ioutil.Discard}
+	actionConfig.KubeClient = &kubefake.PrintingKubeClient{Out: io.Discard}

 	for _, path := range filePaths {
-		b, err := ioutil.ReadFile(path)
+		b, err := os.ReadFile(path)
 		if err != nil {
 			log.Fatal("Unable to read memory driver data", err)
 		}
--- a/cmd/helm/helm_test.go
+++ b/cmd/helm/helm_test.go
@ -18,7 +18,7 @@ package main

 import (
 	"bytes"
-	"io/ioutil"
+	"io"
 	"os"
 	"os/exec"
 	"runtime"
@ -92,7 +92,7 @@ func executeActionCommandStdinC(store *storage.Storage, in *os.File, cmd string)

 	actionConfig := &action.Configuration{
 		Releases:     store,
-		KubeClient:   &kubefake.PrintingKubeClient{Out: ioutil.Discard},
+		KubeClient:   &kubefake.PrintingKubeClient{Out: io.Discard},
 		Capabilities: chartutil.DefaultCapabilities,
 		Log:          func(format string, v ...interface{}) {},
 	}
--- a/cmd/helm/load_plugins.go
+++ b/cmd/helm/load_plugins.go
@ -19,7 +19,6 @@ import (
 	"bytes"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"log"
 	"os"
 	"os/exec"
@ -311,7 +310,7 @@ func addPluginCommands(plugin *plugin.Plugin, baseCmd *cobra.Command, cmds *plug
 // loadFile takes a yaml file at the given path, parses it and returns a pluginCommand object
 func loadFile(path string) (*pluginCommand, error) {
 	cmds := new(pluginCommand)
-	b, err := ioutil.ReadFile(path)
+	b, err := os.ReadFile(path)
 	if err != nil {
 		return cmds, fmt.Errorf("file (%s) not provided by plugin. No plugin auto-completion possible", path)
 	}
--- a/cmd/helm/package.go
+++ b/cmd/helm/package.go
@ -19,7 +19,6 @@ package main
 import (
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"

@ -87,7 +86,7 @@ func newPackageCmd(cfg *action.Configuration, out io.Writer) *cobra.Command {

 				if client.DependencyUpdate {
 					downloadManager := &downloader.Manager{
-						Out:              ioutil.Discard,
+						Out:              io.Discard,
 						ChartPath:        path,
 						Keyring:          client.Keyring,
 						Getters:          p,
--- a/cmd/helm/registry_login.go
+++ b/cmd/helm/registry_login.go
@ -21,7 +21,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"strings"

@ -90,7 +89,7 @@ func getUsernamePassword(usernameOpt string, passwordOpt string, passwordFromStd
 	password := passwordOpt

 	if passwordFromStdinOpt {
-		passwordFromStdin, err := ioutil.ReadAll(os.Stdin)
+		passwordFromStdin, err := io.ReadAll(os.Stdin)
 		if err != nil {
 			return "", "", err
 		}
--- a/cmd/helm/repo_add.go
+++ b/cmd/helm/repo_add.go
@ -20,7 +20,6 @@ import (
 	"context"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@ -134,7 +133,7 @@ func (o *repoAddOptions) run(out io.Writer) error {
 		return err
 	}

-	b, err := ioutil.ReadFile(o.repoFile)
+	b, err := os.ReadFile(o.repoFile)
 	if err != nil && !os.IsNotExist(err) {
 		return err
 	}
--- a/cmd/helm/repo_add_test.go
+++ b/cmd/helm/repo_add_test.go
@ -18,7 +18,7 @@ package main

 import (
 	"fmt"
-	"io/ioutil"
+	"io"
 	"os"
 	"path/filepath"
 	"strings"
@ -102,7 +102,7 @@ func TestRepoAdd(t *testing.T) {
 	}
 	os.Setenv(xdg.CacheHomeEnvVar, rootDir)

-	if err := o.run(ioutil.Discard); err != nil {
+	if err := o.run(io.Discard); err != nil {
 		t.Error(err)
 	}

@ -126,11 +126,11 @@ func TestRepoAdd(t *testing.T) {

 	o.forceUpdate = true

-	if err := o.run(ioutil.Discard); err != nil {
+	if err := o.run(io.Discard); err != nil {
 		t.Errorf("Repository was not updated: %s", err)
 	}

-	if err := o.run(ioutil.Discard); err != nil {
+	if err := o.run(io.Discard); err != nil {
 		t.Errorf("Duplicate repository name was added")
 	}
 }
@ -159,7 +159,7 @@ func TestRepoAddCheckLegalName(t *testing.T) {

 	wantErrorMsg := fmt.Sprintf("repository name (%s) contains '/', please specify a different name without '/'", testRepoName)

-	if err := o.run(ioutil.Discard); err != nil {
+	if err := o.run(io.Discard); err != nil {
 		if wantErrorMsg != err.Error() {
 			t.Fatalf("Actual error %s, not equal to expected error %s", err, wantErrorMsg)
 		}
@ -211,14 +211,14 @@ func repoAddConcurrent(t *testing.T, testName, repoFile string) {
 				forceUpdate:        false,
 				repoFile:           repoFile,
 			}
-			if err := o.run(ioutil.Discard); err != nil {
+			if err := o.run(io.Discard); err != nil {
 				t.Error(err)
 			}
 		}(fmt.Sprintf("%s-%d", testName, i))
 	}
 	wg.Wait()

-	b, err := ioutil.ReadFile(repoFile)
+	b, err := os.ReadFile(repoFile)
 	if err != nil {
 		t.Error(err)
 	}
--- a/cmd/helm/repo_update_test.go
+++ b/cmd/helm/repo_update_test.go
@ -19,7 +19,6 @@ import (
 	"bytes"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@ -119,7 +118,7 @@ func TestUpdateCustomCacheCmd(t *testing.T) {
 		repoFile:  filepath.Join(ts.Root(), "repositories.yaml"),
 		repoCache: cachePath,
 	}
-	b := ioutil.Discard
+	b := io.Discard
 	if err := o.run(b); err != nil {
 		t.Fatal(err)
 	}
--- a/cmd/helm/require/args_test.go
+++ b/cmd/helm/require/args_test.go
@ -17,7 +17,7 @@ package require

 import (
 	"fmt"
-	"io/ioutil"
+	"io"
 	"strings"
 	"testing"

@ -71,7 +71,7 @@ func runTestCases(t *testing.T, testCases []testCase) {
 				Args: tc.validateFunc,
 			}
 			cmd.SetArgs(tc.args)
-			cmd.SetOutput(ioutil.Discard)
+			cmd.SetOutput(io.Discard)

 			err := cmd.Execute()
 			if tc.wantError == "" {
--- a/cmd/helm/search/search.go
+++ b/cmd/helm/search/search.go
@ -14,7 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package search provides client-side repository searching.
+/*
+Package search provides client-side repository searching.

 This supports building an in-memory search index based on the contents of
 multiple repositories, and then using string matching or regular expressions
--- a/cmd/helm/search_repo.go
+++ b/cmd/helm/search_repo.go
@ -21,7 +21,6 @@ import (
 	"bytes"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@ -259,7 +258,7 @@ func compListChartsOfRepo(repoName string, prefix string) []string {
 	var charts []string

 	path := filepath.Join(settings.RepositoryCache, helmpath.CacheChartsFile(repoName))
-	content, err := ioutil.ReadFile(path)
+	content, err := os.ReadFile(path)
 	if err == nil {
 		scanner := bufio.NewScanner(bytes.NewReader(content))
 		for scanner.Scan() {
--- a/cmd/helm/upgrade_test.go
+++ b/cmd/helm/upgrade_test.go
@ -18,7 +18,6 @@ package main

 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@ -359,7 +358,7 @@ func TestUpgradeInstallWithValuesFromStdin(t *testing.T) {

 func prepareMockRelease(releaseName string, t *testing.T) (func(n string, v int, ch *chart.Chart) *release.Release, *chart.Chart, string) {
 	tmpChart := ensure.TempDir(t)
-	configmapData, err := ioutil.ReadFile("testdata/testcharts/upgradetest/templates/configmap.yaml")
+	configmapData, err := os.ReadFile("testdata/testcharts/upgradetest/templates/configmap.yaml")
 	if err != nil {
 		t.Fatalf("Error loading template yaml %v", err)
 	}
--- a/go.mod
+++ b/go.mod
@ -1,6 +1,6 @@
 module helm.sh/helm/v3

-go 1.17
+go 1.19

 require (
 	github.com/BurntSushi/toml v1.2.1
@ -14,6 +14,7 @@ require (
 	github.com/cyphar/filepath-securejoin v0.2.3
 	github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2
 	github.com/evanphx/json-patch v5.6.0+incompatible
+	github.com/foxcpp/go-mockdns v1.0.0
 	github.com/gobwas/glob v0.2.3
 	github.com/gofrs/flock v0.8.1
 	github.com/gosuri/uitable v0.0.4
@ -107,6 +108,7 @@ require (
 	github.com/mattn/go-isatty v0.0.17 // indirect
 	github.com/mattn/go-runewidth v0.0.9 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
+	github.com/miekg/dns v1.1.25 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
 	github.com/moby/locker v1.0.1 // indirect
--- a/go.sum
+++ b/go.sum
--- a/internal/fileutil/fileutil.go
+++ b/internal/fileutil/fileutil.go
@ -18,7 +18,6 @@ package fileutil

 import (
 	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"

@ -28,7 +27,7 @@ import (
 // AtomicWriteFile atomically (as atomic as os.Rename allows) writes a file to a
 // disk.
 func AtomicWriteFile(filename string, reader io.Reader, mode os.FileMode) error {
-	tempFile, err := ioutil.TempFile(filepath.Split(filename))
+	tempFile, err := os.CreateTemp(filepath.Split(filename))
 	if err != nil {
 		return err
 	}
--- a/internal/fileutil/fileutil_test.go
+++ b/internal/fileutil/fileutil_test.go
@ -18,7 +18,6 @@ package fileutil

 import (
 	"bytes"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"testing"
@ -37,7 +36,7 @@ func TestAtomicWriteFile(t *testing.T) {
 		t.Errorf("AtomicWriteFile error: %s", err)
 	}

-	got, err := ioutil.ReadFile(testpath)
+	got, err := os.ReadFile(testpath)
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/internal/ignore/doc.go
+++ b/internal/ignore/doc.go
@ -14,7 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package ignore provides tools for writing ignore files (a la .gitignore).
+/*
+Package ignore provides tools for writing ignore files (a la .gitignore).

 This provides both an ignore parser and a file-aware processor.

@ -23,19 +24,19 @@ format for .gitignore files (https://git-scm.com/docs/gitignore).

 The formatting rules are as follows:

-	- Parsing is line-by-line
-	- Empty lines are ignored
-	- Lines the begin with # (comments) will be ignored
-	- Leading and trailing spaces are always ignored
-	- Inline comments are NOT supported ('foo* # Any foo' does not contain a comment)
-	- There is no support for multi-line patterns
-	- Shell glob patterns are supported. See Go's "path/filepath".Match
-	- If a pattern begins with a leading !, the match will be negated.
-	- If a pattern begins with a leading /, only paths relatively rooted will match.
-	- If the pattern ends with a trailing /, only directories will match
-	- If a pattern contains no slashes, file basenames are tested (not paths)
-	- The pattern sequence "**", while legal in a glob, will cause an error here
-	  (to indicate incompatibility with .gitignore).
+  - Parsing is line-by-line
+  - Empty lines are ignored
+  - Lines the begin with # (comments) will be ignored
+  - Leading and trailing spaces are always ignored
+  - Inline comments are NOT supported ('foo* # Any foo' does not contain a comment)
+  - There is no support for multi-line patterns
+  - Shell glob patterns are supported. See Go's "path/filepath".Match
+  - If a pattern begins with a leading !, the match will be negated.
+  - If a pattern begins with a leading /, only paths relatively rooted will match.
+  - If the pattern ends with a trailing /, only directories will match
+  - If a pattern contains no slashes, file basenames are tested (not paths)
+  - The pattern sequence "**", while legal in a glob, will cause an error here
+    (to indicate incompatibility with .gitignore).

 Example:

@ -58,10 +59,10 @@ Example:
 	a[b-d].txt

 Notable differences from .gitignore:
-	- The '**' syntax is not supported.
-	- The globbing library is Go's 'filepath.Match', not fnmatch(3)
-	- Trailing spaces are always ignored (there is no supported escape sequence)
-	- The evaluation of escape sequences has not been tested for compatibility
-	- There is no support for '\!' as a special leading sequence.
+  - The '**' syntax is not supported.
+  - The globbing library is Go's 'filepath.Match', not fnmatch(3)
+  - Trailing spaces are always ignored (there is no supported escape sequence)
+  - The evaluation of escape sequences has not been tested for compatibility
+  - There is no support for '\!' as a special leading sequence.
 */
 package ignore // import "helm.sh/helm/v3/internal/ignore"
--- a/internal/test/ensure/ensure.go
+++ b/internal/test/ensure/ensure.go
@ -17,7 +17,6 @@ limitations under the License.
 package ensure

 import (
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"testing"
@ -44,7 +43,7 @@ func HelmHome(t *testing.T) func() {
 // TempDir ensures a scratch test directory for unit testing purposes.
 func TempDir(t *testing.T) string {
 	t.Helper()
-	d, err := ioutil.TempDir("", "helm")
+	d, err := os.MkdirTemp("", "helm")
 	if err != nil {
 		t.Fatal(err)
 	}
@ -57,13 +56,13 @@ func TempDir(t *testing.T) string {
 //
 // You must clean up the directory that is returned.
 //
-// 	tempdir := TempFile(t, "foo", []byte("bar"))
-// 	defer os.RemoveAll(tempdir)
-// 	filename := filepath.Join(tempdir, "foo")
+//	tempdir := TempFile(t, "foo", []byte("bar"))
+//	defer os.RemoveAll(tempdir)
+//	filename := filepath.Join(tempdir, "foo")
 func TempFile(t *testing.T, name string, data []byte) string {
 	path := TempDir(t)
 	filename := filepath.Join(path, name)
-	if err := ioutil.WriteFile(filename, data, 0755); err != nil {
+	if err := os.WriteFile(filename, data, 0755); err != nil {
 		t.Fatal(err)
 	}
 	return path
--- a/internal/test/test.go
+++ b/internal/test/test.go
@ -19,7 +19,7 @@ package test
 import (
 	"bytes"
 	"flag"
-	"io/ioutil"
+	"os"
 	"path/filepath"

 	"github.com/pkg/errors"
@ -53,7 +53,7 @@ func AssertGoldenString(t TestingT, actual, filename string) {
 func AssertGoldenFile(t TestingT, actualFileName string, expectedFilename string) {
 	t.Helper()

-	actual, err := ioutil.ReadFile(actualFileName)
+	actual, err := os.ReadFile(actualFileName)
 	if err != nil {
 		t.Fatalf("%v", err)
 	}
@ -73,7 +73,7 @@ func compare(actual []byte, filename string) error {
 		return err
 	}

-	expected, err := ioutil.ReadFile(filename)
+	expected, err := os.ReadFile(filename)
 	if err != nil {
 		return errors.Wrapf(err, "unable to read testdata %s", filename)
 	}
@ -88,7 +88,7 @@ func update(filename string, in []byte) error {
 	if !*updateGolden {
 		return nil
 	}
-	return ioutil.WriteFile(filename, normalize(in), 0666)
+	return os.WriteFile(filename, normalize(in), 0666)
 }

 func normalize(in []byte) []byte {
--- a/internal/third_party/dep/fs/fs_test.go
+++ b/internal/third_party/dep/fs/fs_test.go
@ -32,7 +32,6 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 package fs

 import (
-	"io/ioutil"
 	"os"
 	"os/exec"
 	"path/filepath"
@ -137,7 +136,7 @@ func TestCopyDir(t *testing.T) {
 			t.Fatalf("expected %s to be a directory", dn)
 		}

-		got, err := ioutil.ReadFile(fn)
+		got, err := os.ReadFile(fn)
 		if err != nil {
 			t.Fatal(err)
 		}
@ -337,7 +336,7 @@ func TestCopyFile(t *testing.T) {
 		t.Fatal(err)
 	}

-	got, err := ioutil.ReadFile(destf)
+	got, err := os.ReadFile(destf)
 	if err != nil {
 		t.Fatal(err)
 	}
@ -396,11 +395,11 @@ func TestCopyFileSymlink(t *testing.T) {
 				// Creating symlinks on Windows require an additional permission
 				// regular users aren't granted usually. So we copy the file
 				// content as a fall back instead of creating a real symlink.
-				srcb, err := ioutil.ReadFile(symlink)
+				srcb, err := os.ReadFile(symlink)
 				if err != nil {
 					t.Fatalf("%+v", err)
 				}
-				dstb, err := ioutil.ReadFile(dst)
+				dstb, err := os.ReadFile(dst)
 				if err != nil {
 					t.Fatalf("%+v", err)
 				}
--- a/internal/third_party/k8s.io/kubernetes/deployment/util/deploymentutil.go
+++ b/internal/third_party/k8s.io/kubernetes/deployment/util/deploymentutil.go
@ -92,9 +92,9 @@ func FindNewReplicaSet(deployment *apps.Deployment, rsList []*apps.ReplicaSet) *

 // EqualIgnoreHash returns true if two given podTemplateSpec are equal, ignoring the diff in value of Labels[pod-template-hash]
 // We ignore pod-template-hash because:
-// 1. The hash result would be different upon podTemplateSpec API changes
-//    (e.g. the addition of a new field will cause the hash code to change)
-// 2. The deployment template won't have hash labels
+//  1. The hash result would be different upon podTemplateSpec API changes
+//     (e.g. the addition of a new field will cause the hash code to change)
+//  2. The deployment template won't have hash labels
 func EqualIgnoreHash(template1, template2 *v1.PodTemplateSpec) bool {
 	t1Copy := template1.DeepCopy()
 	t2Copy := template2.DeepCopy()
--- a/internal/tlsutil/tls.go
+++ b/internal/tlsutil/tls.go
@ -19,7 +19,7 @@ package tlsutil
 import (
 	"crypto/tls"
 	"crypto/x509"
-	"io/ioutil"
+	"os"

 	"github.com/pkg/errors"
 )
@ -54,7 +54,7 @@ func NewClientTLS(certFile, keyFile, caFile string, insecureSkipTLSverify bool)
 // Returns an error if the file could not be read, a certificate could not
 // be parsed, or if the file does not contain any certificates
 func CertPoolFromFile(filename string) (*x509.CertPool, error) {
-	b, err := ioutil.ReadFile(filename)
+	b, err := os.ReadFile(filename)
 	if err != nil {
 		return nil, errors.Errorf("can't read CA file: %v", filename)
 	}
--- a/pkg/action/action_test.go
+++ b/pkg/action/action_test.go
@ -5,7 +5,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

-    http://www.apache.org/licenses/LICENSE-2.0
+	http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
@ -17,7 +17,7 @@ package action

 import (
 	"flag"
-	"io/ioutil"
+	"io"
 	"testing"

 	fakeclientset "k8s.io/client-go/kubernetes/fake"
@ -44,7 +44,7 @@ func actionConfigFixture(t *testing.T) *Configuration {

 	return &Configuration{
 		Releases:       storage.Init(driver.NewMemory()),
-		KubeClient:     &kubefake.FailingKubeClient{PrintingKubeClient: kubefake.PrintingKubeClient{Out: ioutil.Discard}},
+		KubeClient:     &kubefake.FailingKubeClient{PrintingKubeClient: kubefake.PrintingKubeClient{Out: io.Discard}},
 		Capabilities:   chartutil.DefaultCapabilities,
 		RegistryClient: registryClient,
 		Log: func(format string, v ...interface{}) {
--- a/pkg/action/install.go
+++ b/pkg/action/install.go
@ -20,7 +20,7 @@ import (
 	"bytes"
 	"context"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/url"
 	"os"
 	"path"
@ -246,7 +246,7 @@ func (i *Install) RunWithContext(ctx context.Context, chrt *chart.Chart, vals ma
 			i.cfg.Capabilities.KubeVersion = *i.KubeVersion
 		}
 		i.cfg.Capabilities.APIVersions = append(i.cfg.Capabilities.APIVersions, i.APIVersions...)
-		i.cfg.KubeClient = &kubefake.PrintingKubeClient{Out: ioutil.Discard}
+		i.cfg.KubeClient = &kubefake.PrintingKubeClient{Out: io.Discard}

 		mem := driver.NewMemory()
 		mem.SetNamespace(i.Namespace)
--- a/pkg/action/install_test.go
+++ b/pkg/action/install_test.go
@ -19,7 +19,7 @@ package action
 import (
 	"context"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"os"
 	"path/filepath"
 	"regexp"
@ -132,7 +132,7 @@ func TestInstallReleaseClientOnly(t *testing.T) {
 	instAction.Run(buildChart(), nil) // disregard output

 	is.Equal(instAction.cfg.Capabilities, chartutil.DefaultCapabilities)
-	is.Equal(instAction.cfg.KubeClient, &kubefake.PrintingKubeClient{Out: ioutil.Discard})
+	is.Equal(instAction.cfg.KubeClient, &kubefake.PrintingKubeClient{Out: io.Discard})
 }

 func TestInstallRelease_NoName(t *testing.T) {
--- a/pkg/action/lint.go
+++ b/pkg/action/lint.go
@ -17,7 +17,6 @@ limitations under the License.
 package action

 import (
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@ -91,7 +90,7 @@ func lintChart(path string, vals map[string]interface{}, namespace string, stric
 	linter := support.Linter{}

 	if strings.HasSuffix(path, ".tgz") || strings.HasSuffix(path, ".tar.gz") {
-		tempDir, err := ioutil.TempDir("", "helm-lint")
+		tempDir, err := os.MkdirTemp("", "helm-lint")
 		if err != nil {
 			return linter, errors.Wrap(err, "unable to create temp dir to extract tarball")
 		}
--- a/pkg/action/package.go
+++ b/pkg/action/package.go
@ -19,7 +19,6 @@ package action
 import (
 	"bufio"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"syscall"

@ -137,7 +136,7 @@ func (p *Package) Clearsign(filename string) error {
 		return err
 	}

-	return ioutil.WriteFile(filename+".prov", []byte(sig), 0644)
+	return os.WriteFile(filename+".prov", []byte(sig), 0644)
 }

 // promptUser implements provenance.PassphraseFetcher
--- a/pkg/action/package_test.go
+++ b/pkg/action/package_test.go
@ -17,7 +17,6 @@ limitations under the License.
 package action

 import (
-	"io/ioutil"
 	"os"
 	"path"
 	"testing"
@ -71,7 +70,7 @@ func TestPassphraseFileFetcher_WithInvalidStdin(t *testing.T) {
 	directory := ensure.TempDir(t)
 	defer os.RemoveAll(directory)

-	stdin, err := ioutil.TempFile(directory, "non-existing")
+	stdin, err := os.CreateTemp(directory, "non-existing")
 	if err != nil {
 		t.Fatal("Unable to create test file", err)
 	}
--- a/pkg/action/pull.go
+++ b/pkg/action/pull.go
@ -18,7 +18,6 @@ package action

 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@ -114,7 +113,7 @@ func (p *Pull) Run(chartRef string) (string, error) {
 	dest := p.DestDir
 	if p.Untar {
 		var err error
-		dest, err = ioutil.TempDir("", "helm-")
+		dest, err = os.MkdirTemp("", "helm-")
 		if err != nil {
 			return out.String(), errors.Wrap(err, "failed to untar")
 		}
--- a/pkg/chart/chart_test.go
+++ b/pkg/chart/chart_test.go
@ -5,7 +5,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

-    http://www.apache.org/licenses/LICENSE-2.0
+	http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
--- a/pkg/chart/dependency_test.go
+++ b/pkg/chart/dependency_test.go
@ -5,7 +5,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

-    http://www.apache.org/licenses/LICENSE-2.0
+	http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
--- a/pkg/chart/loader/directory.go
+++ b/pkg/chart/loader/directory.go
@ -19,7 +19,6 @@ package loader
 import (
 	"bytes"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@ -102,7 +101,7 @@ func LoadDir(dir string) (*chart.Chart, error) {
 			return fmt.Errorf("cannot load irregular file %s as it has file mode type bits set", name)
 		}

-		data, err := ioutil.ReadFile(name)
+		data, err := os.ReadFile(name)
 		if err != nil {
 			return errors.Wrapf(err, "error reading %s", n)
 		}
--- a/pkg/chart/loader/load_test.go
+++ b/pkg/chart/loader/load_test.go
@ -21,7 +21,6 @@ import (
 	"bytes"
 	"compress/gzip"
 	"io"
-	"io/ioutil"
 	"log"
 	"os"
 	"path/filepath"
@ -90,13 +89,13 @@ func TestLoadDirWithSymlink(t *testing.T) {
 func TestBomTestData(t *testing.T) {
 	testFiles := []string{"frobnitz_with_bom/.helmignore", "frobnitz_with_bom/templates/template.tpl", "frobnitz_with_bom/Chart.yaml"}
 	for _, file := range testFiles {
-		data, err := ioutil.ReadFile("testdata/" + file)
+		data, err := os.ReadFile("testdata/" + file)
 		if err != nil || !bytes.HasPrefix(data, utf8bom) {
 			t.Errorf("Test file has no BOM or is invalid: testdata/%s", file)
 		}
 	}

-	archive, err := ioutil.ReadFile("testdata/frobnitz_with_bom.tgz")
+	archive, err := os.ReadFile("testdata/frobnitz_with_bom.tgz")
 	if err != nil {
 		t.Fatalf("Error reading archive frobnitz_with_bom.tgz: %s", err)
 	}
--- a/pkg/chart/metadata_test.go
+++ b/pkg/chart/metadata_test.go
@ -5,7 +5,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

-    http://www.apache.org/licenses/LICENSE-2.0
+	http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
--- a/pkg/chartutil/chartfile.go
+++ b/pkg/chartutil/chartfile.go
@ -17,7 +17,6 @@ limitations under the License.
 package chartutil

 import (
-	"io/ioutil"
 	"os"
 	"path/filepath"

@ -29,7 +28,7 @@ import (

 // LoadChartfile loads a Chart.yaml file into a *chart.Metadata.
 func LoadChartfile(filename string) (*chart.Metadata, error) {
-	b, err := ioutil.ReadFile(filename)
+	b, err := os.ReadFile(filename)
 	if err != nil {
 		return nil, err
 	}
@ -55,7 +54,7 @@ func SaveChartfile(filename string, cf *chart.Metadata) error {
 	if err != nil {
 		return err
 	}
-	return ioutil.WriteFile(filename, out, 0644)
+	return os.WriteFile(filename, out, 0644)
 }

 // IsChartDir validate a chart directory.
@ -73,7 +72,7 @@ func IsChartDir(dirName string) (bool, error) {
 		return false, errors.Errorf("no %s exists in directory %q", ChartfileName, dirName)
 	}

-	chartYamlContent, err := ioutil.ReadFile(chartYaml)
+	chartYamlContent, err := os.ReadFile(chartYaml)
 	if err != nil {
 		return false, errors.Errorf("cannot read %s in directory %q", ChartfileName, dirName)
 	}
--- a/pkg/chartutil/chartfile_test.go
+++ b/pkg/chartutil/chartfile_test.go
@ -35,11 +35,11 @@ func TestLoadChartfile(t *testing.T) {

 func verifyChartfile(t *testing.T, f *chart.Metadata, name string) {

-	if f == nil {
+	if f == nil { //nolint:staticcheck
 		t.Fatal("Failed verifyChartfile because f is nil")
 	}

-	if f.APIVersion != chart.APIVersionV1 {
+	if f.APIVersion != chart.APIVersionV1 { //nolint:staticcheck
 		t.Errorf("Expected API Version %q, got %q", chart.APIVersionV1, f.APIVersion)
 	}

--- a/pkg/chartutil/coalesce.go
+++ b/pkg/chartutil/coalesce.go
@ -37,11 +37,11 @@ func concatPrefix(a, b string) string {
 //
 // Values are coalesced together using the following rules:
 //
-//	- Values in a higher level chart always override values in a lower-level
-//		dependency chart
-//	- Scalar values and arrays are replaced, maps are merged
-//	- A chart has access to all of the variables for it, as well as all of
-//		the values destined for its dependencies.
+//   - Values in a higher level chart always override values in a lower-level
+//     dependency chart
+//   - Scalar values and arrays are replaced, maps are merged
+//   - A chart has access to all of the variables for it, as well as all of
+//     the values destined for its dependencies.
 func CoalesceValues(chrt *chart.Chart, vals map[string]interface{}) (Values, error) {
 	v, err := copystructure.Copy(vals)
 	if err != nil {
--- a/pkg/chartutil/create.go
+++ b/pkg/chartutil/create.go
@ -19,7 +19,6 @@ package chartutil
 import (
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"regexp"
@ -673,7 +672,7 @@ func writeFile(name string, content []byte) error {
 	if err := os.MkdirAll(filepath.Dir(name), 0755); err != nil {
 		return err
 	}
-	return ioutil.WriteFile(name, content, 0644)
+	return os.WriteFile(name, content, 0644)
 }

 func validateChartName(name string) error {
--- a/pkg/chartutil/create_test.go
+++ b/pkg/chartutil/create_test.go
@ -18,7 +18,6 @@ package chartutil

 import (
 	"bytes"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"testing"
@ -100,7 +99,7 @@ func TestCreateFrom(t *testing.T) {
 		}

 		// Check each file to make sure <CHARTNAME> has been replaced
-		b, err := ioutil.ReadFile(filepath.Join(dir, f))
+		b, err := os.ReadFile(filepath.Join(dir, f))
 		if err != nil {
 			t.Errorf("Unable to read file %s: %s", f, err)
 		}
@ -131,7 +130,7 @@ func TestCreate_Overwrite(t *testing.T) {
 		t.Fatal(err)
 	}

-	data, err := ioutil.ReadFile(tplname)
+	data, err := os.ReadFile(tplname)
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/pkg/chartutil/doc.go
+++ b/pkg/chartutil/doc.go
@ -14,16 +14,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package chartutil contains tools for working with charts.
+/*
+Package chartutil contains tools for working with charts.

 Charts are described in the chart package (pkg/chart).
 This package provides utilities for serializing and deserializing charts.

 A chart can be represented on the file system in one of two ways:

-	- As a directory that contains a Chart.yaml file and other chart things.
-	- As a tarred gzipped file containing a directory that then contains a
-	Chart.yaml file.
+  - As a directory that contains a Chart.yaml file and other chart things.
+  - As a tarred gzipped file containing a directory that then contains a
+    Chart.yaml file.

 This package provides utilities for working with those file formats.

--- a/pkg/chartutil/expand.go
+++ b/pkg/chartutil/expand.go
@ -18,7 +18,6 @@ package chartutil

 import (
 	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"

@ -72,7 +71,7 @@ func Expand(dir string, r io.Reader) error {
 			return err
 		}

-		if err := ioutil.WriteFile(outpath, file.Data, 0644); err != nil {
+		if err := os.WriteFile(outpath, file.Data, 0644); err != nil {
 			return err
 		}
 	}
--- a/pkg/chartutil/jsonschema_test.go
+++ b/pkg/chartutil/jsonschema_test.go
@ -17,7 +17,7 @@ limitations under the License.
 package chartutil

 import (
-	"io/ioutil"
+	"os"
 	"testing"

 	"helm.sh/helm/v3/pkg/chart"
@ -28,7 +28,7 @@ func TestValidateAgainstSingleSchema(t *testing.T) {
 	if err != nil {
 		t.Fatalf("Error reading YAML file: %s", err)
 	}
-	schema, err := ioutil.ReadFile("./testdata/test-values.schema.json")
+	schema, err := os.ReadFile("./testdata/test-values.schema.json")
 	if err != nil {
 		t.Fatalf("Error reading YAML file: %s", err)
 	}
@ -43,7 +43,7 @@ func TestValidateAgainstInvalidSingleSchema(t *testing.T) {
 	if err != nil {
 		t.Fatalf("Error reading YAML file: %s", err)
 	}
-	schema, err := ioutil.ReadFile("./testdata/test-values-invalid.schema.json")
+	schema, err := os.ReadFile("./testdata/test-values-invalid.schema.json")
 	if err != nil {
 		t.Fatalf("Error reading YAML file: %s", err)
 	}
@ -67,7 +67,7 @@ func TestValidateAgainstSingleSchemaNegative(t *testing.T) {
 	if err != nil {
 		t.Fatalf("Error reading YAML file: %s", err)
 	}
-	schema, err := ioutil.ReadFile("./testdata/test-values.schema.json")
+	schema, err := os.ReadFile("./testdata/test-values.schema.json")
 	if err != nil {
 		t.Fatalf("Error reading YAML file: %s", err)
 	}
--- a/pkg/chartutil/values.go
+++ b/pkg/chartutil/values.go
@ -19,7 +19,7 @@ package chartutil
 import (
 	"fmt"
 	"io"
-	"io/ioutil"
+	"os"
 	"strings"

 	"github.com/pkg/errors"
@ -114,7 +114,7 @@ func ReadValues(data []byte) (vals Values, err error) {

 // ReadValuesFile will parse a YAML file into a map of values.
 func ReadValuesFile(filename string) (Values, error) {
-	data, err := ioutil.ReadFile(filename)
+	data, err := os.ReadFile(filename)
 	if err != nil {
 		return map[string]interface{}{}, err
 	}
--- a/pkg/cli/values/options.go
+++ b/pkg/cli/values/options.go
@ -17,7 +17,7 @@ limitations under the License.
 package values

 import (
-	"io/ioutil"
+	"io"
 	"net/url"
 	"os"
 	"strings"
@ -119,7 +119,7 @@ func mergeMaps(a, b map[string]interface{}) map[string]interface{} {
 // readFile load a file from stdin, the local directory, or a remote file with a url.
 func readFile(filePath string, p getter.Providers) ([]byte, error) {
 	if strings.TrimSpace(filePath) == "-" {
-		return ioutil.ReadAll(os.Stdin)
+		return io.ReadAll(os.Stdin)
 	}
 	u, err := url.Parse(filePath)
 	if err != nil {
@ -129,7 +129,7 @@ func readFile(filePath string, p getter.Providers) ([]byte, error) {
 	// FIXME: maybe someone handle other protocols like ftp.
 	g, err := p.ByScheme(u.Scheme)
 	if err != nil {
-		return ioutil.ReadFile(filePath)
+		return os.ReadFile(filePath)
 	}
 	data, err := g.Get(filePath, getter.WithURL(filePath))
 	if err != nil {
--- a/pkg/downloader/chart_downloader.go
+++ b/pkg/downloader/chart_downloader.go
@ -184,11 +184,11 @@ func (c *ChartDownloader) getOciURI(ref, version string, u *url.URL) (*url.URL,
 //
 // A version is a SemVer string (1.2.3-beta.1+f334a6789).
 //
-//	- For fully qualified URLs, the version will be ignored (since URLs aren't versioned)
-//	- For a chart reference
-//		* If version is non-empty, this will return the URL for that version
-//		* If version is empty, this will return the URL for the latest version
-//		* If no version can be found, an error is returned
+//   - For fully qualified URLs, the version will be ignored (since URLs aren't versioned)
+//   - For a chart reference
+//   - If version is non-empty, this will return the URL for that version
+//   - If version is empty, this will return the URL for the latest version
+//   - If no version can be found, an error is returned
 func (c *ChartDownloader) ResolveChartVersion(ref, version string) (*url.URL, error) {
 	u, err := url.Parse(ref)
 	if err != nil {
--- a/pkg/downloader/doc.go
+++ b/pkg/downloader/doc.go
@ -13,7 +13,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package downloader provides a library for downloading charts.
+/*
+Package downloader provides a library for downloading charts.

 This package contains various tools for downloading charts from repository
 servers, and then storing them in Helm-specific directory structures. This
--- a/pkg/downloader/manager.go
+++ b/pkg/downloader/manager.go
@ -20,7 +20,6 @@ import (
 	"encoding/hex"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"log"
 	"net/url"
 	"os"
@ -845,7 +844,7 @@ func writeLock(chartpath string, lock *chart.Lock, legacyLockfile bool) error {
 		lockfileName = "requirements.lock"
 	}
 	dest := filepath.Join(chartpath, lockfileName)
-	return ioutil.WriteFile(dest, data, 0644)
+	return os.WriteFile(dest, data, 0644)
 }

 // archive a dep chart from local directory and save it into destPath
--- a/pkg/engine/doc.go
+++ b/pkg/engine/doc.go
@ -14,7 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package engine implements the Go text template engine as needed for Helm.
+/*
+Package engine implements the Go text template engine as needed for Helm.

 When Helm renders templates it does so with additional functions and different
 modes (e.g., strict, lint mode). This package handles the helm specific
--- a/pkg/engine/files.go
+++ b/pkg/engine/files.go
@ -99,7 +99,8 @@ func (f files) Glob(pattern string) files {
 // The output will not be indented, so you will want to pipe this to the
 // 'indent' template function.
 //
-//   data:
+//	data:
+//
 // {{ .Files.Glob("config/**").AsConfig() | indent 4 }}
 func (f files) AsConfig() string {
 	if f == nil {
@ -128,7 +129,8 @@ func (f files) AsConfig() string {
 // The output will not be indented, so you will want to pipe this to the
 // 'indent' template function.
 //
-//   data:
+//	data:
+//
 // {{ .Files.Glob("secrets/*").AsSecrets() }}
 func (f files) AsSecrets() string {
 	if f == nil {
--- a/pkg/engine/funcs.go
+++ b/pkg/engine/funcs.go
@ -35,12 +35,11 @@ import (
 //
 // Known late-bound functions:
 //
-//	- "include"
-//	- "tpl"
+//   - "include"
+//   - "tpl"
 //
 // These are late-bound in Engine.Render().  The
 // version included in the FuncMap is a placeholder.
-//
 func funcMap() template.FuncMap {
 	f := sprig.TxtFuncMap()
 	delete(f, "env")
--- a/pkg/gates/doc.go
+++ b/pkg/gates/doc.go
@ -13,7 +13,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package gates provides a general tool for working with experimental feature gates.
+/*
+Package gates provides a general tool for working with experimental feature gates.

 This provides convenience methods where the user can determine if certain experimental features are enabled.
 */
--- a/pkg/getter/doc.go
+++ b/pkg/getter/doc.go
@ -13,7 +13,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package getter provides a generalize tool for fetching data by scheme.
+/*
+Package getter provides a generalize tool for fetching data by scheme.

 This provides a method by which the plugin system can load arbitrary protocol
 handlers based upon a URL scheme.
--- a/pkg/getter/httpgetter_test.go
+++ b/pkg/getter/httpgetter_test.go
@ -435,10 +435,10 @@ func verifyInsecureSkipVerify(t *testing.T, g *HTTPGetter, caseName string, expe
 		t.Fatal(err)
 	}

-	if returnVal == nil {
+	if returnVal == nil { //nolint:staticcheck
 		t.Fatalf("Expected non nil value for http client")
 	}
-	transport := (returnVal.Transport).(*http.Transport)
+	transport := (returnVal.Transport).(*http.Transport) //nolint:staticcheck
 	gotValue := false
 	if transport.TLSClientConfig != nil {
 		gotValue = transport.TLSClientConfig.InsecureSkipVerify
@ -459,11 +459,11 @@ func TestDefaultHTTPTransportReuse(t *testing.T) {
 		t.Fatal(err)
 	}

-	if httpClient1 == nil {
+	if httpClient1 == nil { //nolint:staticcheck
 		t.Fatalf("Expected non nil value for http client")
 	}

-	transport1 := (httpClient1.Transport).(*http.Transport)
+	transport1 := (httpClient1.Transport).(*http.Transport) //nolint:staticcheck

 	httpClient2, err := g.httpClient()

@ -471,11 +471,11 @@ func TestDefaultHTTPTransportReuse(t *testing.T) {
 		t.Fatal(err)
 	}

-	if httpClient2 == nil {
+	if httpClient2 == nil { //nolint:staticcheck
 		t.Fatalf("Expected non nil value for http client")
 	}

-	transport2 := (httpClient2.Transport).(*http.Transport)
+	transport2 := (httpClient2.Transport).(*http.Transport) //nolint:staticcheck

 	if transport1 != transport2 {
 		t.Fatalf("Expected default transport to be reused")
@ -493,11 +493,11 @@ func TestHTTPTransportOption(t *testing.T) {
 		t.Fatal(err)
 	}

-	if httpClient1 == nil {
+	if httpClient1 == nil { //nolint:staticcheck
 		t.Fatalf("Expected non nil value for http client")
 	}

-	transport1 := (httpClient1.Transport).(*http.Transport)
+	transport1 := (httpClient1.Transport).(*http.Transport) //nolint:staticcheck

 	if transport1 != transport {
 		t.Fatalf("Expected transport option to be applied")
@ -509,11 +509,11 @@ func TestHTTPTransportOption(t *testing.T) {
 		t.Fatal(err)
 	}

-	if httpClient2 == nil {
+	if httpClient2 == nil { //nolint:staticcheck
 		t.Fatalf("Expected non nil value for http client")
 	}

-	transport2 := (httpClient2.Transport).(*http.Transport)
+	transport2 := (httpClient2.Transport).(*http.Transport) //nolint:staticcheck

 	if transport1 != transport2 {
 		t.Fatalf("Expected applied transport to be reused")
--- a/pkg/kube/client_test.go
+++ b/pkg/kube/client_test.go
@ -19,7 +19,6 @@ package kube
 import (
 	"bytes"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"strings"
 	"testing"
@ -37,7 +36,7 @@ var unstructuredSerializer = resource.UnstructuredPlusDefaultContentConfig().Neg
 var codec = scheme.Codecs.LegacyCodec(scheme.Scheme.PrioritizedVersionsAllGroups()...)

 func objBody(obj runtime.Object) io.ReadCloser {
-	return ioutil.NopCloser(bytes.NewReader([]byte(runtime.EncodeOrDie(codec, obj))))
+	return io.NopCloser(bytes.NewReader([]byte(runtime.EncodeOrDie(codec, obj))))
 }

 func newPod(name string) v1.Pod {
@ -87,7 +86,7 @@ func notFoundBody() *metav1.Status {
 func newResponse(code int, obj runtime.Object) (*http.Response, error) {
 	header := http.Header{}
 	header.Set("Content-Type", runtime.ContentTypeJSON)
-	body := ioutil.NopCloser(bytes.NewReader([]byte(runtime.EncodeOrDie(codec, obj))))
+	body := io.NopCloser(bytes.NewReader([]byte(runtime.EncodeOrDie(codec, obj))))
 	return &http.Response{StatusCode: code, Header: header, Body: body}, nil
 }

@ -123,7 +122,7 @@ func TestUpdate(t *testing.T) {
 			case p == "/namespaces/default/pods/otter" && m == "GET":
 				return newResponse(200, &listA.Items[1])
 			case p == "/namespaces/default/pods/otter" && m == "PATCH":
-				data, err := ioutil.ReadAll(req.Body)
+				data, err := io.ReadAll(req.Body)
 				if err != nil {
 					t.Fatalf("could not dump request: %s", err)
 				}
@ -136,7 +135,7 @@ func TestUpdate(t *testing.T) {
 			case p == "/namespaces/default/pods/dolphin" && m == "GET":
 				return newResponse(404, notFoundBody())
 			case p == "/namespaces/default/pods/starfish" && m == "PATCH":
-				data, err := ioutil.ReadAll(req.Body)
+				data, err := io.ReadAll(req.Body)
 				if err != nil {
 					t.Fatalf("could not dump request: %s", err)
 				}
--- a/pkg/kube/resource_policy.go
+++ b/pkg/kube/resource_policy.go
@ -22,5 +22,6 @@ const ResourcePolicyAnno = "helm.sh/resource-policy"
 // KeepPolicy is the resource policy type for keep
 //
 // This resource policy type allows resources to skip being deleted
-//   during an uninstallRelease action.
+//
+//	during an uninstallRelease action.
 const KeepPolicy = "keep"
--- a/pkg/lint/rules/chartfile.go
+++ b/pkg/lint/rules/chartfile.go
@ -18,7 +18,6 @@ package rules // import "helm.sh/helm/v3/pkg/lint/rules"

 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"

@ -200,7 +199,7 @@ func validateChartType(cf *chart.Metadata) error {
 // in a generic form of a map[string]interface{}, so that the type
 // of the values can be checked
 func loadChartFileForTypeCheck(filename string) (map[string]interface{}, error) {
-	b, err := ioutil.ReadFile(filename)
+	b, err := os.ReadFile(filename)
 	if err != nil {
 		return nil, err
 	}
--- a/pkg/lint/rules/dependencies_test.go
+++ b/pkg/lint/rules/dependencies_test.go
@ -5,7 +5,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

-    http://www.apache.org/licenses/LICENSE-2.0
+	http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
--- a/pkg/lint/rules/values.go
+++ b/pkg/lint/rules/values.go
@ -17,7 +17,6 @@ limitations under the License.
 package rules

 import (
-	"io/ioutil"
 	"os"
 	"path/filepath"

@ -76,7 +75,7 @@ func validateValuesFile(valuesPath string, overrides map[string]interface{}) err

 	ext := filepath.Ext(valuesPath)
 	schemaPath := valuesPath[:len(valuesPath)-len(ext)] + ".schema.json"
-	schema, err := ioutil.ReadFile(schemaPath)
+	schema, err := os.ReadFile(schemaPath)
 	if len(schema) == 0 {
 		return nil
 	}
--- a/pkg/lint/rules/values_test.go
+++ b/pkg/lint/rules/values_test.go
@ -17,7 +17,6 @@ limitations under the License.
 package rules

 import (
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"testing"
@ -168,7 +167,7 @@ func TestValidateValuesFile(t *testing.T) {
 func createTestingSchema(t *testing.T, dir string) string {
 	t.Helper()
 	schemafile := filepath.Join(dir, "values.schema.json")
-	if err := ioutil.WriteFile(schemafile, []byte(testSchema), 0700); err != nil {
+	if err := os.WriteFile(schemafile, []byte(testSchema), 0700); err != nil {
 		t.Fatalf("Failed to write schema to tmpdir: %s", err)
 	}
 	return schemafile
--- a/pkg/lint/support/doc.go
+++ b/pkg/lint/support/doc.go
@ -14,7 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package support contains tools for linting charts.
+/*
+Package support contains tools for linting charts.

 Linting is the process of testing charts for errors or warnings regarding
 formatting, compilation, or standards compliance.
--- a/pkg/plugin/installer/local_installer_test.go
+++ b/pkg/plugin/installer/local_installer_test.go
@ -16,7 +16,6 @@ limitations under the License.
 package installer // import "helm.sh/helm/v3/pkg/plugin/installer"

 import (
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"testing"
@ -29,7 +28,7 @@ var _ Installer = new(LocalInstaller)
 func TestLocalInstaller(t *testing.T) {
 	// Make a temp dir
 	tdir := t.TempDir()
-	if err := ioutil.WriteFile(filepath.Join(tdir, "plugin.yaml"), []byte{}, 0644); err != nil {
+	if err := os.WriteFile(filepath.Join(tdir, "plugin.yaml"), []byte{}, 0644); err != nil {
 		t.Fatal(err)
 	}

--- a/pkg/plugin/plugin.go
+++ b/pkg/plugin/plugin.go
@ -17,7 +17,6 @@ package plugin // import "helm.sh/helm/v3/pkg/plugin"

 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"regexp"
@ -216,7 +215,7 @@ func detectDuplicates(plugs []*Plugin) error {
 // LoadDir loads a plugin from the given directory.
 func LoadDir(dirname string) (*Plugin, error) {
 	pluginfile := filepath.Join(dirname, PluginFileName)
-	data, err := ioutil.ReadFile(pluginfile)
+	data, err := os.ReadFile(pluginfile)
 	if err != nil {
 		return nil, errors.Wrapf(err, "failed to read plugin at %q", pluginfile)
 	}
--- a/pkg/postrender/exec_test.go
+++ b/pkg/postrender/exec_test.go
@ -18,7 +18,6 @@ package postrender

 import (
 	"bytes"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"runtime"
@ -167,7 +166,7 @@ func setupTestingScript(t *testing.T) (filepath string, cleanup func()) {

 	tempdir := ensure.TempDir(t)

-	f, err := ioutil.TempFile(tempdir, "post-render-test.sh")
+	f, err := os.CreateTemp(tempdir, "post-render-test.sh")
 	if err != nil {
 		t.Fatalf("unable to create tempfile for testing: %s", err)
 	}
--- a/pkg/provenance/doc.go
+++ b/pkg/provenance/doc.go
@ -13,7 +13,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package provenance provides tools for establishing the authenticity of a chart.
+/*
+Package provenance provides tools for establishing the authenticity of a chart.

 In Helm, provenance is established via several factors. The primary factor is the
 cryptographic signature of a chart. Chart authors may sign charts, which in turn
--- a/pkg/provenance/sign.go
+++ b/pkg/provenance/sign.go
@ -20,7 +20,6 @@ import (
 	"crypto"
 	"encoding/hex"
 	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@ -42,9 +41,13 @@ var defaultPGPConfig = packet.Config{
 // SumCollection represents a collection of file and image checksums.
 //
 // Files are of the form:
+//
 //	FILENAME: "sha256:SUM"
+//
 // Images are of the form:
+//
 //	"IMAGE:TAG": "sha256:SUM"
+//
 // Docker optionally supports sha512, and if this is the case, the hash marker
 // will be 'sha512' instead of 'sha256'.
 type SumCollection struct {
@ -293,7 +296,7 @@ func (s *Signatory) Verify(chartpath, sigpath string) (*Verification, error) {
 }

 func (s *Signatory) decodeSignature(filename string) (*clearsign.Block, error) {
-	data, err := ioutil.ReadFile(filename)
+	data, err := os.ReadFile(filename)
 	if err != nil {
 		return nil, err
 	}
--- a/pkg/provenance/sign_test.go
+++ b/pkg/provenance/sign_test.go
@ -19,7 +19,6 @@ import (
 	"crypto"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@ -277,7 +276,7 @@ func TestDecodeSignature(t *testing.T) {
 		t.Fatal(err)
 	}

-	f, err := ioutil.TempFile("", "helm-test-sig-")
+	f, err := os.CreateTemp("", "helm-test-sig-")
 	if err != nil {
 		t.Fatal(err)
 	}
@ -334,7 +333,7 @@ func TestVerify(t *testing.T) {

 // readSumFile reads a file containing a sum generated by the UNIX shasum tool.
 func readSumFile(sumfile string) (string, error) {
-	data, err := ioutil.ReadFile(sumfile)
+	data, err := os.ReadFile(sumfile)
 	if err != nil {
 		return "", err
 	}
--- a/pkg/pusher/ocipusher.go
+++ b/pkg/pusher/ocipusher.go
@ -17,7 +17,6 @@ package pusher

 import (
 	"fmt"
-	"io/ioutil"
 	"net"
 	"net/http"
 	"os"
@ -71,7 +70,7 @@ func (pusher *OCIPusher) push(chartRef, href string) error {
 		client = c
 	}

-	chartBytes, err := ioutil.ReadFile(chartRef)
+	chartBytes, err := os.ReadFile(chartRef)
 	if err != nil {
 		return err
 	}
@ -79,7 +78,7 @@ func (pusher *OCIPusher) push(chartRef, href string) error {
 	var pushOpts []registry.PushOption
 	provRef := fmt.Sprintf("%s.prov", chartRef)
 	if _, err := os.Stat(provRef); err == nil {
-		provBytes, err := ioutil.ReadFile(provRef)
+		provBytes, err := os.ReadFile(provRef)
 		if err != nil {
 			return err
 		}
--- a/pkg/registry/client.go
+++ b/pkg/registry/client.go
@ -21,7 +21,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"sort"
 	"strings"
@ -72,7 +71,7 @@ type (
 // NewClient returns a new registry client with config
 func NewClient(options ...ClientOption) (*Client, error) {
 	client := &Client{
-		out: ioutil.Discard,
+		out: io.Discard,
 	}
 	for _, option := range options {
 		option(client)
--- a/pkg/registry/client_tls_test.go
+++ b/pkg/registry/client_tls_test.go
@ -36,6 +36,7 @@ func (suite *TLSRegistryClientTestSuite) SetupSuite() {
 }

 func (suite *TLSRegistryClientTestSuite) TearDownSuite() {
+	teardown(&suite.TestSuite)
 	os.RemoveAll(suite.WorkspaceDir)
 }

--- a/pkg/registry/utils_test.go
+++ b/pkg/registry/utils_test.go
@ -22,7 +22,7 @@ import (
 	"crypto/tls"
 	"fmt"
 	"io"
-	"io/ioutil"
+	"net"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
@ -35,6 +35,7 @@ import (
 	"github.com/distribution/distribution/v3/registry"
 	_ "github.com/distribution/distribution/v3/registry/auth/htpasswd"
 	_ "github.com/distribution/distribution/v3/registry/storage/driver/inmemory"
+	"github.com/foxcpp/go-mockdns"
 	"github.com/phayes/freeport"
 	"github.com/stretchr/testify/suite"
 	"golang.org/x/crypto/bcrypt"
@ -64,6 +65,9 @@ type TestSuite struct {
 	CompromisedRegistryHost string
 	WorkspaceDir            string
 	RegistryClient          *Client
+
+	// A mock DNS server needed for TLS connection testing.
+	srv *mockdns.Server
 }

 func setup(suite *TestSuite, tlsEnabled bool, insecure bool) *registry.Registry {
@ -110,7 +114,7 @@ func setup(suite *TestSuite, tlsEnabled bool, insecure bool) *registry.Registry
 	pwBytes, err := bcrypt.GenerateFromPassword([]byte(testPassword), bcrypt.DefaultCost)
 	suite.Nil(err, "no error generating bcrypt password for test htpasswd file")
 	htpasswdPath := filepath.Join(suite.WorkspaceDir, testHtpasswdFileBasename)
-	err = ioutil.WriteFile(htpasswdPath, []byte(fmt.Sprintf("%s:%s\n", testUsername, string(pwBytes))), 0644)
+	err = os.WriteFile(htpasswdPath, []byte(fmt.Sprintf("%s:%s\n", testUsername, string(pwBytes))), 0644)
 	suite.Nil(err, "no error creating test htpasswd file")

 	// Registry config
@ -123,6 +127,15 @@ func setup(suite *TestSuite, tlsEnabled bool, insecure bool) *registry.Registry
 		// That function does not handle matching of ip addresses in octal,
 		// decimal or hex form.
 		suite.DockerRegistryHost = fmt.Sprintf("0x7f000001:%d", port)
+
+		// As of Go 1.20, Go may lookup "0x7f000001" as a DNS entry and fail.
+		// Using a mock DNS server to handle the address.
+		suite.srv, _ = mockdns.NewServer(map[string]mockdns.Zone{
+			"0x7f000001.": {
+				A: []string{"127.0.0.1"},
+			},
+		}, false)
+		suite.srv.PatchNet(net.DefaultResolver)
 	} else {
 		suite.DockerRegistryHost = fmt.Sprintf("localhost:%d", port)
 	}
@ -153,6 +166,13 @@ func setup(suite *TestSuite, tlsEnabled bool, insecure bool) *registry.Registry
 	return dockerRegistry
 }

+func teardown(suite *TestSuite) {
+	if suite.srv != nil {
+		mockdns.UnpatchNet(net.DefaultResolver)
+		suite.srv.Close()
+	}
+}
+
 func initCompromisedRegistryTestServer() string {
 	s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if strings.Contains(r.URL.Path, "manifests") {
@ -200,7 +220,7 @@ func testPush(suite *TestSuite) {
 	suite.NotNil(err, "error pushing non-chart bytes")

 	// Load a test chart
-	chartData, err := ioutil.ReadFile("../repo/repotest/testdata/examplechart-0.1.0.tgz")
+	chartData, err := os.ReadFile("../repo/repotest/testdata/examplechart-0.1.0.tgz")
 	suite.Nil(err, "no error loading test chart")
 	meta, err := extractChartMeta(chartData)
 	suite.Nil(err, "no error extracting chart meta")
@ -224,7 +244,7 @@ func testPush(suite *TestSuite) {
 	suite.Nil(err, "no error pushing non-strict ref (bad tag), with strict mode disabled")

 	// basic push, good ref
-	chartData, err = ioutil.ReadFile("../downloader/testdata/local-subchart-0.1.0.tgz")
+	chartData, err = os.ReadFile("../downloader/testdata/local-subchart-0.1.0.tgz")
 	suite.Nil(err, "no error loading test chart")
 	meta, err = extractChartMeta(chartData)
 	suite.Nil(err, "no error extracting chart meta")
@ -236,13 +256,13 @@ func testPush(suite *TestSuite) {
 	suite.Nil(err, "no error pulling a simple chart")

 	// Load another test chart
-	chartData, err = ioutil.ReadFile("../downloader/testdata/signtest-0.1.0.tgz")
+	chartData, err = os.ReadFile("../downloader/testdata/signtest-0.1.0.tgz")
 	suite.Nil(err, "no error loading test chart")
 	meta, err = extractChartMeta(chartData)
 	suite.Nil(err, "no error extracting chart meta")

 	// Load prov file
-	provData, err := ioutil.ReadFile("../downloader/testdata/signtest-0.1.0.tgz.prov")
+	provData, err := os.ReadFile("../downloader/testdata/signtest-0.1.0.tgz.prov")
 	suite.Nil(err, "no error loading test prov")

 	// push with prov
@ -284,7 +304,7 @@ func testPull(suite *TestSuite) {
 	suite.NotNil(err, "error on bad/missing ref")

 	// Load test chart (to build ref pushed in previous test)
-	chartData, err := ioutil.ReadFile("../downloader/testdata/local-subchart-0.1.0.tgz")
+	chartData, err := os.ReadFile("../downloader/testdata/local-subchart-0.1.0.tgz")
 	suite.Nil(err, "no error loading test chart")
 	meta, err := extractChartMeta(chartData)
 	suite.Nil(err, "no error extracting chart meta")
@ -306,14 +326,14 @@ func testPull(suite *TestSuite) {
 		"no error pulling a chart with prov when no prov exists, ignoring missing")

 	// Load test chart (to build ref pushed in previous test)
-	chartData, err = ioutil.ReadFile("../downloader/testdata/signtest-0.1.0.tgz")
+	chartData, err = os.ReadFile("../downloader/testdata/signtest-0.1.0.tgz")
 	suite.Nil(err, "no error loading test chart")
 	meta, err = extractChartMeta(chartData)
 	suite.Nil(err, "no error extracting chart meta")
 	ref = fmt.Sprintf("%s/testrepo/%s:%s", suite.DockerRegistryHost, meta.Name, meta.Version)

 	// Load prov file
-	provData, err := ioutil.ReadFile("../downloader/testdata/signtest-0.1.0.tgz.prov")
+	provData, err := os.ReadFile("../downloader/testdata/signtest-0.1.0.tgz.prov")
 	suite.Nil(err, "no error loading test prov")

 	// no chart and no prov causes error
@ -358,7 +378,7 @@ func testPull(suite *TestSuite) {

 func testTags(suite *TestSuite) {
 	// Load test chart (to build ref pushed in previous test)
-	chartData, err := ioutil.ReadFile("../downloader/testdata/local-subchart-0.1.0.tgz")
+	chartData, err := os.ReadFile("../downloader/testdata/local-subchart-0.1.0.tgz")
 	suite.Nil(err, "no error loading test chart")
 	meta, err := extractChartMeta(chartData)
 	suite.Nil(err, "no error extracting chart meta")
--- a/pkg/releaseutil/manifest_sorter.go
+++ b/pkg/releaseutil/manifest_sorter.go
@ -117,19 +117,19 @@ func SortManifests(files map[string]string, apis chartutil.VersionSet, ordering
 //
 // To determine hook type, it looks for a YAML structure like this:
 //
-//  kind: SomeKind
-//  apiVersion: v1
-// 	metadata:
-//		annotations:
-//			helm.sh/hook: pre-install
+//	 kind: SomeKind
+//	 apiVersion: v1
+//		metadata:
+//			annotations:
+//				helm.sh/hook: pre-install
 //
 // To determine the policy to delete the hook, it looks for a YAML structure like this:
 //
-//  kind: SomeKind
-//  apiVersion: v1
-//  metadata:
-// 		annotations:
-// 			helm.sh/hook-delete-policy: hook-succeeded
+//	 kind: SomeKind
+//	 apiVersion: v1
+//	 metadata:
+//			annotations:
+//				helm.sh/hook-delete-policy: hook-succeeded
 func (file *manifestFile) sort(result *result) error {
 	// Go through manifests in order found in file (function `SplitManifests` creates integer-sortable keys)
 	var sortedEntryKeys []string
--- a/pkg/repo/chartrepo.go
+++ b/pkg/repo/chartrepo.go
@ -21,7 +21,7 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"log"
 	"net/url"
 	"os"
@ -131,7 +131,7 @@ func (r *ChartRepository) DownloadIndexFile() (string, error) {
 		return "", err
 	}

-	index, err := ioutil.ReadAll(resp)
+	index, err := io.ReadAll(resp)
 	if err != nil {
 		return "", err
 	}
@ -148,12 +148,12 @@ func (r *ChartRepository) DownloadIndexFile() (string, error) {
 	}
 	chartsFile := filepath.Join(r.CachePath, helmpath.CacheChartsFile(r.Config.Name))
 	os.MkdirAll(filepath.Dir(chartsFile), 0755)
-	ioutil.WriteFile(chartsFile, []byte(charts.String()), 0644)
+	os.WriteFile(chartsFile, []byte(charts.String()), 0644)

 	// Create the index file in the cache directory
 	fname := filepath.Join(r.CachePath, helmpath.CacheIndexFile(r.Config.Name))
 	os.MkdirAll(filepath.Dir(fname), 0755)
-	return fname, ioutil.WriteFile(fname, index, 0644)
+	return fname, os.WriteFile(fname, index, 0644)
 }

 // Index generates an index for the chart repository and writes an index.yaml file.
@ -170,7 +170,7 @@ func (r *ChartRepository) saveIndexFile() error {
 	if err != nil {
 		return err
 	}
-	return ioutil.WriteFile(filepath.Join(r.Config.Name, indexPath), index, 0644)
+	return os.WriteFile(filepath.Join(r.Config.Name, indexPath), index, 0644)
 }

 func (r *ChartRepository) generateIndex() error {
--- a/pkg/repo/chartrepo_test.go
+++ b/pkg/repo/chartrepo_test.go
@ -18,7 +18,6 @@ package repo

 import (
 	"bytes"
-	"io/ioutil"
 	"net/http"
 	"net/http/httptest"
 	"os"
@ -151,7 +150,7 @@ func TestIndexCustomSchemeDownload(t *testing.T) {
 	repo.CachePath = ensure.TempDir(t)
 	defer os.RemoveAll(repo.CachePath)

-	tempIndexFile, err := ioutil.TempFile("", "test-repo")
+	tempIndexFile, err := os.CreateTemp("", "test-repo")
 	if err != nil {
 		t.Fatalf("Failed to create temp index file: %v", err)
 	}
@ -266,7 +265,7 @@ func verifyIndex(t *testing.T, actual *IndexFile) {
 // startLocalServerForTests Start the local helm server
 func startLocalServerForTests(handler http.Handler) (*httptest.Server, error) {
 	if handler == nil {
-		fileBytes, err := ioutil.ReadFile("testdata/local-index.yaml")
+		fileBytes, err := os.ReadFile("testdata/local-index.yaml")
 		if err != nil {
 			return nil, err
 		}
@ -281,7 +280,7 @@ func startLocalServerForTests(handler http.Handler) (*httptest.Server, error) {
 // startLocalTLSServerForTests Start the local helm server with TLS
 func startLocalTLSServerForTests(handler http.Handler) (*httptest.Server, error) {
 	if handler == nil {
-		fileBytes, err := ioutil.ReadFile("testdata/local-index.yaml")
+		fileBytes, err := os.ReadFile("testdata/local-index.yaml")
 		if err != nil {
 			return nil, err
 		}
--- a/pkg/repo/doc.go
+++ b/pkg/repo/doc.go
@ -14,7 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package repo implements the Helm Chart Repository.
+/*
+Package repo implements the Helm Chart Repository.

 A chart repository is an HTTP server that provides information on charts. A local
 repository cache is an on-disk representation of a chart repository.
@ -83,9 +84,9 @@ The format of a repository.yaml file is:

 This file maps three bits of information about a repository:

-	- The name the user uses to refer to it
-	- The fully qualified URL to the repository (index.yaml will be appended)
-    - The name of the local cachefile
+  - The name the user uses to refer to it
+  - The fully qualified URL to the repository (index.yaml will be appended)
+  - The name of the local cachefile

 The format for both files was changed after Helm v2.0.0-Alpha.4. Helm is not
 backwards compatible with those earlier versions.
--- a/pkg/repo/index.go
+++ b/pkg/repo/index.go
@ -18,7 +18,6 @@ package repo

 import (
 	"bytes"
-	"io/ioutil"
 	"log"
 	"os"
 	"path"
@ -104,7 +103,7 @@ func NewIndexFile() *IndexFile {

 // LoadIndexFile takes a file at the given path and returns an IndexFile object
 func LoadIndexFile(path string) (*IndexFile, error) {
-	b, err := ioutil.ReadFile(path)
+	b, err := os.ReadFile(path)
 	if err != nil {
 		return nil, err
 	}
--- a/pkg/repo/index_test.go
+++ b/pkg/repo/index_test.go
@ -19,7 +19,6 @@ package repo
 import (
 	"bufio"
 	"bytes"
-	"io/ioutil"
 	"net/http"
 	"os"
 	"path/filepath"
@ -273,7 +272,7 @@ func TestDownloadIndexFile(t *testing.T) {
 			t.Fatalf("error finding created charts file: %#v", err)
 		}

-		b, err := ioutil.ReadFile(idx)
+		b, err := os.ReadFile(idx)
 		if err != nil {
 			t.Fatalf("error reading charts file: %#v", err)
 		}
@ -282,7 +281,7 @@ func TestDownloadIndexFile(t *testing.T) {

 	t.Run("should not decode the path in the repo url while downloading index", func(t *testing.T) {
 		chartRepoURLPath := "/some%2Fpath/test"
-		fileBytes, err := ioutil.ReadFile("testdata/local-index.yaml")
+		fileBytes, err := os.ReadFile("testdata/local-index.yaml")
 		if err != nil {
 			t.Fatal(err)
 		}
@ -326,7 +325,7 @@ func TestDownloadIndexFile(t *testing.T) {
 			t.Fatalf("error finding created charts file: %#v", err)
 		}

-		b, err := ioutil.ReadFile(idx)
+		b, err := os.ReadFile(idx)
 		if err != nil {
 			t.Fatalf("error reading charts file: %#v", err)
 		}
@ -533,7 +532,7 @@ func TestIndexWrite(t *testing.T) {
 	testpath := filepath.Join(dir, "test")
 	i.WriteFile(testpath, 0600)

-	got, err := ioutil.ReadFile(testpath)
+	got, err := os.ReadFile(testpath)
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/pkg/repo/repo.go
+++ b/pkg/repo/repo.go
@ -17,7 +17,6 @@ limitations under the License.
 package repo // import "helm.sh/helm/v3/pkg/repo"

 import (
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"time"
@ -47,7 +46,7 @@ func NewFile() *File {
 // LoadFile takes a file at the given path and returns a File object
 func LoadFile(path string) (*File, error) {
 	r := new(File)
-	b, err := ioutil.ReadFile(path)
+	b, err := os.ReadFile(path)
 	if err != nil {
 		return r, errors.Wrapf(err, "couldn't load repositories file (%s)", path)
 	}
@ -122,5 +121,5 @@ func (r *File) WriteFile(path string, perm os.FileMode) error {
 	if err := os.MkdirAll(filepath.Dir(path), 0755); err != nil {
 		return err
 	}
-	return ioutil.WriteFile(path, data, perm)
+	return os.WriteFile(path, data, perm)
 }
--- a/pkg/repo/repo_test.go
+++ b/pkg/repo/repo_test.go
@ -17,7 +17,6 @@ limitations under the License.
 package repo

 import (
-	"io/ioutil"
 	"os"
 	"strings"
 	"testing"
@ -115,11 +114,11 @@ func TestRepoFile_Get(t *testing.T) {
 	name := "second"

 	entry := repo.Get(name)
-	if entry == nil {
+	if entry == nil { //nolint:staticcheck
 		t.Fatalf("Expected repo entry %q to be found", name)
 	}

-	if entry.URL != "https://example.com/second" {
+	if entry.URL != "https://example.com/second" { //nolint:staticcheck
 		t.Errorf("Expected repo URL to be %q but got %q", "https://example.com/second", entry.URL)
 	}

@ -198,7 +197,7 @@ func TestWriteFile(t *testing.T) {
 		},
 	)

-	file, err := ioutil.TempFile("", "helm-repo")
+	file, err := os.CreateTemp("", "helm-repo")
 	if err != nil {
 		t.Errorf("failed to create test-file (%v)", err)
 	}
--- a/pkg/repo/repotest/doc.go
+++ b/pkg/repo/repotest/doc.go
@ -13,7 +13,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package repotest provides utilities for testing.
+/*
+Package repotest provides utilities for testing.

 The server provides a testing server that can be set up and torn down quickly.
 */
--- a/pkg/repo/repotest/server.go
+++ b/pkg/repo/repotest/server.go
@ -18,7 +18,6 @@ package repotest
 import (
 	"context"
 	"fmt"
-	"io/ioutil"
 	"net/http"
 	"net/http/httptest"
 	"os"
@ -102,7 +101,7 @@ func NewOCIServer(t *testing.T, dir string) (*OCIServer, error) {
 		t.Fatal("error generating bcrypt password for test htpasswd file")
 	}
 	htpasswdPath := filepath.Join(dir, testHtpasswdFileBasename)
-	err = ioutil.WriteFile(htpasswdPath, []byte(fmt.Sprintf("%s:%s\n", testUsername, string(pwBytes))), 0644)
+	err = os.WriteFile(htpasswdPath, []byte(fmt.Sprintf("%s:%s\n", testUsername, string(pwBytes))), 0644)
 	if err != nil {
 		t.Fatalf("error creating test htpasswd file")
 	}
@ -194,7 +193,7 @@ func (srv *OCIServer) Run(t *testing.T, opts ...OCIServerOpt) {
 	}

 	// load it into memory...
-	contentBytes, err := ioutil.ReadFile(absPath)
+	contentBytes, err := os.ReadFile(absPath)
 	if err != nil {
 		t.Fatal("could not load chart into memory")
 	}
@ -222,7 +221,7 @@ func (srv *OCIServer) Run(t *testing.T, opts ...OCIServerOpt) {
 	// load it into memory...
 	absPath = filepath.Join(srv.Dir,
 		fmt.Sprintf("%s-%s.tgz", c.Metadata.Name, c.Metadata.Version))
-	contentBytes, err = ioutil.ReadFile(absPath)
+	contentBytes, err = os.ReadFile(absPath)
 	if err != nil {
 		t.Fatal("could not load chart into memory")
 	}
@ -249,7 +248,7 @@ func (srv *OCIServer) Run(t *testing.T, opts ...OCIServerOpt) {
 //
 // Deprecated: use NewTempServerWithCleanup
 func NewTempServer(glob string) (*Server, error) {
-	tdir, err := ioutil.TempDir("", "helm-repotest-")
+	tdir, err := os.MkdirTemp("", "helm-repotest-")
 	if err != nil {
 		return nil, err
 	}
@ -317,11 +316,11 @@ func (s *Server) CopyCharts(origin string) ([]string, error) {
 	for i, f := range files {
 		base := filepath.Base(f)
 		newname := filepath.Join(s.docroot, base)
-		data, err := ioutil.ReadFile(f)
+		data, err := os.ReadFile(f)
 		if err != nil {
 			return []string{}, err
 		}
-		if err := ioutil.WriteFile(newname, data, 0644); err != nil {
+		if err := os.WriteFile(newname, data, 0644); err != nil {
 			return []string{}, err
 		}
 		copied[i] = newname
@ -345,7 +344,7 @@ func (s *Server) CreateIndex() error {
 	}

 	ifile := filepath.Join(s.docroot, "index.yaml")
-	return ioutil.WriteFile(ifile, d, 0644)
+	return os.WriteFile(ifile, d, 0644)
 }

 func (s *Server) Start() {
--- a/pkg/repo/repotest/server_test.go
+++ b/pkg/repo/repotest/server_test.go
@ -16,7 +16,7 @@ limitations under the License.
 package repotest

 import (
-	"io/ioutil"
+	"io"
 	"net/http"
 	"os"
 	"path/filepath"
@ -68,7 +68,7 @@ func TestServer(t *testing.T) {
 		t.Fatal(err)
 	}

-	data, err := ioutil.ReadAll(res.Body)
+	data, err := io.ReadAll(res.Body)
 	res.Body.Close()
 	if err != nil {
 		t.Fatal(err)
--- a/pkg/storage/driver/cfgmaps.go
+++ b/pkg/storage/driver/cfgmaps.go
@ -220,13 +220,12 @@ func (cfgmaps *ConfigMaps) Delete(key string) (rls *rspb.Release, err error) {
 //
 // The following labels are used within each configmap:
 //
-//    "modifiedAt"     - timestamp indicating when this configmap was last modified. (set in Update)
-//    "createdAt"      - timestamp indicating when this configmap was created. (set in Create)
-//    "version"        - version of the release.
-//    "status"         - status of the release (see pkg/release/status.go for variants)
-//    "owner"          - owner of the configmap, currently "helm".
-//    "name"           - name of the release.
-//
+//	"modifiedAt"     - timestamp indicating when this configmap was last modified. (set in Update)
+//	"createdAt"      - timestamp indicating when this configmap was created. (set in Create)
+//	"version"        - version of the release.
+//	"status"         - status of the release (see pkg/release/status.go for variants)
+//	"owner"          - owner of the configmap, currently "helm".
+//	"name"           - name of the release.
 func newConfigMapsObject(key string, rls *rspb.Release, lbs labels) (*v1.ConfigMap, error) {
 	const owner = "helm"

--- a/pkg/storage/driver/secrets.go
+++ b/pkg/storage/driver/secrets.go
@ -202,13 +202,12 @@ func (secrets *Secrets) Delete(key string) (rls *rspb.Release, err error) {
 //
 // The following labels are used within each secret:
 //
-//    "modifiedAt"    - timestamp indicating when this secret was last modified. (set in Update)
-//    "createdAt"     - timestamp indicating when this secret was created. (set in Create)
-//    "version"        - version of the release.
-//    "status"         - status of the release (see pkg/release/status.go for variants)
-//    "owner"          - owner of the secret, currently "helm".
-//    "name"           - name of the release.
-//
+//	"modifiedAt"    - timestamp indicating when this secret was last modified. (set in Update)
+//	"createdAt"     - timestamp indicating when this secret was created. (set in Create)
+//	"version"        - version of the release.
+//	"status"         - status of the release (see pkg/release/status.go for variants)
+//	"owner"          - owner of the secret, currently "helm".
+//	"name"           - name of the release.
 func newSecretsObject(key string, rls *rspb.Release, lbs labels) (*v1.Secret, error) {
 	const owner = "helm"

--- a/pkg/storage/driver/util.go
+++ b/pkg/storage/driver/util.go
@ -21,7 +21,7 @@ import (
 	"compress/gzip"
 	"encoding/base64"
 	"encoding/json"
-	"io/ioutil"
+	"io"

 	rspb "helm.sh/helm/v3/pkg/release"
 )
@ -69,7 +69,7 @@ func decodeRelease(data string) (*rspb.Release, error) {
 			return nil, err
 		}
 		defer r.Close()
-		b2, err := ioutil.ReadAll(r)
+		b2, err := io.ReadAll(r)
 		if err != nil {
 			return nil, err
 		}
--- a/pkg/strvals/doc.go
+++ b/pkg/strvals/doc.go
@ -13,7 +13,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package strvals provides tools for working with strval lines.
+/*
+Package strvals provides tools for working with strval lines.

 Helm supports a compressed format for YAML settings which we call strvals.
 The format is roughly like this:
--- a/pkg/strvals/parser.go
+++ b/pkg/strvals/parser.go
@ -20,7 +20,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"strconv"
 	"strings"
 	"unicode"
@ -110,7 +109,6 @@ func ParseIntoString(s string, dest map[string]interface{}) error {
 // An empty val is treated as null.
 //
 // If a key exists in dest, the new value overwrites the dest version.
-//
 func ParseJSON(s string, dest map[string]interface{}) error {
 	scanner := bytes.NewBufferString(s)
 	t := newJSONParser(scanner, dest)
@ -232,7 +230,7 @@ func (t *parser) key(data map[string]interface{}, nestedNameLevel int) (reterr e
 					return err
 				}
 				set(data, string(k), jsonval)
-				if _, err = io.CopyN(ioutil.Discard, t.sc, dec.InputOffset()); err != nil {
+				if _, err = io.CopyN(io.Discard, t.sc, dec.InputOffset()); err != nil {
 					return err
 				}
 				// skip possible blanks and comma
@ -366,7 +364,7 @@ func (t *parser) listItem(list []interface{}, i, nestedNameLevel int) ([]interfa
 			if list, err = setIndex(list, i, jsonval); err != nil {
 				return list, err
 			}
-			if _, err = io.CopyN(ioutil.Discard, t.sc, dec.InputOffset()); err != nil {
+			if _, err = io.CopyN(io.Discard, t.sc, dec.InputOffset()); err != nil {
 				return list, err
 			}
 			// skip possible blanks and comma
--- a/pkg/uploader/doc.go
+++ b/pkg/uploader/doc.go
@ -13,7 +13,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-/*Package uploader provides a library for uploading charts.
+/*
+Package uploader provides a library for uploading charts.

 This package contains tools for uploading charts to registries.
 */