Merge pull request #8933 from wawa0210/fix-helm-package-escape-invalid-version

Fix invalid semver version number of the helm package command will escape
4 years ago · 9c97dc8fa2
parent 9aa0fbee6c 2c19838295
commit 9c97dc8fa2
2 changed files with 52 additions and 31 deletions
--- a/pkg/action/package.go
+++ b/pkg/action/package.go
@ -27,7 +27,6 @@ import (
 	"github.com/pkg/errors"
 	"golang.org/x/crypto/ssh/terminal"

-	"helm.sh/helm/v3/pkg/chart"
 	"helm.sh/helm/v3/pkg/chart/loader"
 	"helm.sh/helm/v3/pkg/chartutil"
 	"helm.sh/helm/v3/pkg/provenance"
@ -64,9 +63,11 @@ func (p *Package) Run(path string, vals map[string]interface{}) (string, error)

 	// If version is set, modify the version.
 	if p.Version != "" {
-		if err := setVersion(ch, p.Version); err != nil {
-			return "", err
-		}
+		ch.Metadata.Version = p.Version
+	}
+
+	if err := validateVersion(ch.Metadata.Version); err != nil {
+		return "", err
 	}

 	if p.AppVersion != "" {
@ -103,14 +104,11 @@ func (p *Package) Run(path string, vals map[string]interface{}) (string, error)
 	return name, err
 }

-func setVersion(ch *chart.Chart, ver string) error {
-	// Verify that version is a Version, and error out if it is not.
+// validateVersion Verify that version is a Version, and error out if it is not.
+func validateVersion(ver string) error {
 	if _, err := semver.NewVersion(ver); err != nil {
 		return err
 	}
-
-	// Set the version field on the chart.
-	ch.Metadata.Version = ver
 	return nil
 }

--- a/pkg/action/package_test.go
+++ b/pkg/action/package_test.go
@ -22,31 +22,11 @@ import (
 	"path"
 	"testing"

+	"github.com/Masterminds/semver/v3"
+
 	"helm.sh/helm/v3/internal/test/ensure"
-	"helm.sh/helm/v3/pkg/chart"
 )

-func TestSetVersion(t *testing.T) {
-	c := &chart.Chart{
-		Metadata: &chart.Metadata{
-			Name:    "prow",
-			Version: "0.0.1",
-		},
-	}
-	expect := "1.2.3-beta.5"
-	if err := setVersion(c, expect); err != nil {
-		t.Fatal(err)
-	}
-
-	if c.Metadata.Version != expect {
-		t.Errorf("Expected %q, got %q", expect, c.Metadata.Version)
-	}
-
-	if err := setVersion(c, "monkeyface"); err == nil {
-		t.Error("Expected bogus version to return an error.")
-	}
-}
-
 func TestPassphraseFileFetcher(t *testing.T) {
 	secret := "secret"
 	directory := ensure.TempFile(t, "passphrase-file", []byte(secret))
@ -100,3 +80,46 @@ func TestPassphraseFileFetcher_WithInvalidStdin(t *testing.T) {
 		t.Error("Expected passphraseFileFetcher returning an error")
 	}
 }
+
+func TestValidateVersion(t *testing.T) {
+	type args struct {
+		ver string
+	}
+	tests := []struct {
+		name    string
+		args    args
+		wantErr error
+	}{
+		{
+			"normal semver version",
+			args{
+				ver: "1.1.3-23658",
+			},
+			nil,
+		},
+		{
+			"Pre version number starting with 0",
+			args{
+				ver: "1.1.3-023658",
+			},
+			semver.ErrSegmentStartsZero,
+		},
+		{
+			"Invalid version number",
+			args{
+				ver: "1.1.3.sd.023658",
+			},
+			semver.ErrInvalidSemVer,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if err := validateVersion(tt.args.ver); err != nil {
+				if err != tt.wantErr {
+					t.Errorf("Expected {%v}, got {%v}", tt.wantErr, err)
+				}
+
+			}
+		})
+	}
+}