allow settings TLS flags from environment variables (#4590)

Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>
pull/4608/head
Matthew Fisher 6 years ago committed by GitHub
parent 941b1f4d68
commit bef59e40dc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -78,6 +78,7 @@ func newDeleteCmd(c helm.Interface, out io.Writer) *cobra.Command {
} }
f := cmd.Flags() f := cmd.Flags()
settings.AddFlagsTLS(f)
f.BoolVar(&del.dryRun, "dry-run", false, "simulate a delete") f.BoolVar(&del.dryRun, "dry-run", false, "simulate a delete")
f.BoolVar(&del.disableHooks, "no-hooks", false, "prevent hooks from running during deletion") f.BoolVar(&del.disableHooks, "no-hooks", false, "prevent hooks from running during deletion")
f.BoolVar(&del.purge, "purge", false, "remove the release from the store and make its name free for later use") f.BoolVar(&del.purge, "purge", false, "remove the release from the store and make its name free for later use")

@ -70,12 +70,14 @@ func newGetCmd(client helm.Interface, out io.Writer) *cobra.Command {
}, },
} }
cmd.Flags().Int32Var(&get.version, "revision", 0, "get the named release with revision") f := cmd.Flags()
settings.AddFlagsTLS(f)
cmd.AddCommand(addFlagsTLS(newGetValuesCmd(nil, out))) f.Int32Var(&get.version, "revision", 0, "get the named release with revision")
cmd.AddCommand(addFlagsTLS(newGetManifestCmd(nil, out)))
cmd.AddCommand(addFlagsTLS(newGetHooksCmd(nil, out))) cmd.AddCommand(newGetValuesCmd(nil, out))
cmd.AddCommand(addFlagsTLS(newGetNotesCmd(nil, out))) cmd.AddCommand(newGetManifestCmd(nil, out))
cmd.AddCommand(newGetHooksCmd(nil, out))
cmd.AddCommand(newGetNotesCmd(nil, out))
return cmd return cmd
} }

@ -57,7 +57,9 @@ func newGetHooksCmd(client helm.Interface, out io.Writer) *cobra.Command {
return ghc.run() return ghc.run()
}, },
} }
cmd.Flags().Int32Var(&ghc.version, "revision", 0, "get the named release with revision") f := cmd.Flags()
settings.AddFlagsTLS(f)
f.Int32Var(&ghc.version, "revision", 0, "get the named release with revision")
return cmd return cmd
} }

@ -60,7 +60,9 @@ func newGetManifestCmd(client helm.Interface, out io.Writer) *cobra.Command {
}, },
} }
cmd.Flags().Int32Var(&get.version, "revision", 0, "get the named release with revision") f := cmd.Flags()
settings.AddFlagsTLS(f)
f.Int32Var(&get.version, "revision", 0, "get the named release with revision")
return cmd return cmd
} }

@ -59,7 +59,9 @@ func newGetNotesCmd(client helm.Interface, out io.Writer) *cobra.Command {
}, },
} }
cmd.PersistentFlags().Int32Var(&get.version, "revision", 0, "get the notes of the named release with revision") f := cmd.Flags()
settings.AddFlagsTLS(f)
f.Int32Var(&get.version, "revision", 0, "get the notes of the named release with revision")
return cmd return cmd
} }

@ -58,8 +58,10 @@ func newGetValuesCmd(client helm.Interface, out io.Writer) *cobra.Command {
}, },
} }
cmd.Flags().Int32Var(&get.version, "revision", 0, "get the named release with revision") f := cmd.Flags()
cmd.Flags().BoolVarP(&get.allValues, "all", "a", false, "dump all (computed) values") settings.AddFlagsTLS(f)
f.Int32Var(&get.version, "revision", 0, "get the named release with revision")
f.BoolVarP(&get.allValues, "all", "a", false, "dump all (computed) values")
return cmd return cmd
} }

@ -47,10 +47,6 @@ var (
tlsVerify bool // enable TLS and verify remote certificates tlsVerify bool // enable TLS and verify remote certificates
tlsEnable bool // enable TLS tlsEnable bool // enable TLS
tlsCaCertDefault = "$HELM_HOME/ca.pem"
tlsCertDefault = "$HELM_HOME/cert.pem"
tlsKeyDefault = "$HELM_HOME/key.pem"
tillerTunnel *kube.Tunnel tillerTunnel *kube.Tunnel
settings helm_env.EnvSettings settings helm_env.EnvSettings
) )
@ -77,6 +73,11 @@ Environment:
$HELM_NO_PLUGINS disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins. $HELM_NO_PLUGINS disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins.
$TILLER_NAMESPACE set an alternative Tiller namespace (default "kube-system") $TILLER_NAMESPACE set an alternative Tiller namespace (default "kube-system")
$KUBECONFIG set an alternative Kubernetes configuration file (default "~/.kube/config") $KUBECONFIG set an alternative Kubernetes configuration file (default "~/.kube/config")
$HELM_TLS_CA_CERT path to TLS CA certificate used to verify the Helm client and Tiller server certificates (default "$HELM_HOME/ca.pem")
$HELM_TLS_CERT path to TLS client certificate file for authenticating to Tiller (default "$HELM_HOME/cert.pem")
$HELM_TLS_KEY path to TLS client key file for authenticating to Tiller (default "$HELM_HOME/key.pem")
$HELM_TLS_VERIFY enable TLS connection between Helm and Tiller and verify Tiller server certificate (default "false")
$HELM_TLS_ENABLE enable TLS connection between Helm and Tiller (default "false")
` `
func newRootCmd(args []string) *cobra.Command { func newRootCmd(args []string) *cobra.Command {
@ -114,18 +115,18 @@ func newRootCmd(args []string) *cobra.Command {
newVerifyCmd(out), newVerifyCmd(out),
// release commands // release commands
addFlagsTLS(newDeleteCmd(nil, out)), newDeleteCmd(nil, out),
addFlagsTLS(newGetCmd(nil, out)), newGetCmd(nil, out),
addFlagsTLS(newHistoryCmd(nil, out)), newHistoryCmd(nil, out),
addFlagsTLS(newInstallCmd(nil, out)), newInstallCmd(nil, out),
addFlagsTLS(newListCmd(nil, out)), newListCmd(nil, out),
addFlagsTLS(newRollbackCmd(nil, out)), newRollbackCmd(nil, out),
addFlagsTLS(newStatusCmd(nil, out)), newStatusCmd(nil, out),
addFlagsTLS(newUpgradeCmd(nil, out)), newUpgradeCmd(nil, out),
addFlagsTLS(newReleaseTestCmd(nil, out)), newReleaseTestCmd(nil, out),
addFlagsTLS(newResetCmd(nil, out)), newResetCmd(nil, out),
addFlagsTLS(newVersionCmd(nil, out)), newVersionCmd(nil, out),
newCompletionCmd(out), newCompletionCmd(out),
newHomeCmd(out), newHomeCmd(out),
@ -142,9 +143,6 @@ func newRootCmd(args []string) *cobra.Command {
flags.Parse(args) flags.Parse(args)
// set defaults from environment
settings.Init(flags)
// Find and add plugins // Find and add plugins
loadPlugins(cmd, out) loadPlugins(cmd, out)
@ -276,7 +274,7 @@ func ensureHelmClient(h helm.Interface) helm.Interface {
func newClient() helm.Interface { func newClient() helm.Interface {
options := []helm.Option{helm.Host(settings.TillerHost), helm.ConnectTimeout(settings.TillerConnectionTimeout)} options := []helm.Option{helm.Host(settings.TillerHost), helm.ConnectTimeout(settings.TillerConnectionTimeout)}
if tlsVerify || tlsEnable { if settings.TLSVerify || settings.TLSEnable {
if tlsCaCertFile == "" { if tlsCaCertFile == "" {
tlsCaCertFile = settings.Home.TLSCaCert() tlsCaCertFile = settings.Home.TLSCaCert()
} }
@ -306,17 +304,3 @@ func newClient() helm.Interface {
} }
return helm.NewClient(options...) return helm.NewClient(options...)
} }
// addFlagsTLS adds the flags for supporting client side TLS to the
// helm command (only those that invoke communicate to Tiller.)
func addFlagsTLS(cmd *cobra.Command) *cobra.Command {
// add flags
cmd.Flags().StringVar(&tlsServerName, "tls-hostname", settings.TillerHost, "the server name used to verify the hostname on the returned certificates from the server")
cmd.Flags().StringVar(&tlsCaCertFile, "tls-ca-cert", tlsCaCertDefault, "path to TLS CA certificate file")
cmd.Flags().StringVar(&tlsCertFile, "tls-cert", tlsCertDefault, "path to TLS certificate file")
cmd.Flags().StringVar(&tlsKeyFile, "tls-key", tlsKeyDefault, "path to TLS key file")
cmd.Flags().BoolVar(&tlsVerify, "tls-verify", false, "enable TLS for request and verify remote")
cmd.Flags().BoolVar(&tlsEnable, "tls", false, "enable TLS for request")
return cmd
}

@ -88,6 +88,7 @@ func newHistoryCmd(c helm.Interface, w io.Writer) *cobra.Command {
} }
f := cmd.Flags() f := cmd.Flags()
settings.AddFlagsTLS(f)
f.Int32Var(&his.max, "max", 256, "maximum number of revision to include in history") f.Int32Var(&his.max, "max", 256, "maximum number of revision to include in history")
f.UintVar(&his.colWidth, "col-width", 60, "specifies the max column width of output") f.UintVar(&his.colWidth, "col-width", 60, "specifies the max column width of output")
f.StringVarP(&his.outputFormat, "output", "o", "table", "prints the output in the specified format (json|table|yaml)") f.StringVarP(&his.outputFormat, "output", "o", "table", "prints the output in the specified format (json|table|yaml)")

@ -193,6 +193,7 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command {
} }
f := cmd.Flags() f := cmd.Flags()
settings.AddFlagsTLS(f)
f.VarP(&inst.valueFiles, "values", "f", "specify values in a YAML file or a URL(can specify multiple)") f.VarP(&inst.valueFiles, "values", "f", "specify values in a YAML file or a URL(can specify multiple)")
f.StringVarP(&inst.name, "name", "n", "", "release name. If unspecified, it will autogenerate one for you") f.StringVarP(&inst.name, "name", "n", "", "release name. If unspecified, it will autogenerate one for you")
f.StringVar(&inst.namespace, "namespace", "", "namespace to install the release into. Defaults to the current kube config namespace.") f.StringVar(&inst.namespace, "namespace", "", "namespace to install the release into. Defaults to the current kube config namespace.")

@ -120,6 +120,7 @@ func newListCmd(client helm.Interface, out io.Writer) *cobra.Command {
} }
f := cmd.Flags() f := cmd.Flags()
settings.AddFlagsTLS(f)
f.BoolVarP(&list.short, "short", "q", false, "output short (quiet) listing format") f.BoolVarP(&list.short, "short", "q", false, "output short (quiet) listing format")
f.BoolVarP(&list.byDate, "date", "d", false, "sort by release date") f.BoolVarP(&list.byDate, "date", "d", false, "sort by release date")
f.BoolVarP(&list.sortDesc, "reverse", "r", false, "reverse the sort order") f.BoolVarP(&list.sortDesc, "reverse", "r", false, "reverse the sort order")

@ -64,6 +64,7 @@ func newReleaseTestCmd(c helm.Interface, out io.Writer) *cobra.Command {
} }
f := cmd.Flags() f := cmd.Flags()
settings.AddFlagsTLS(f)
f.Int64Var(&rlsTest.timeout, "timeout", 300, "time in seconds to wait for any individual Kubernetes operation (like Jobs for hooks)") f.Int64Var(&rlsTest.timeout, "timeout", 300, "time in seconds to wait for any individual Kubernetes operation (like Jobs for hooks)")
f.BoolVar(&rlsTest.cleanup, "cleanup", false, "delete test pods upon completion") f.BoolVar(&rlsTest.cleanup, "cleanup", false, "delete test pods upon completion")

@ -77,6 +77,7 @@ func newResetCmd(client helm.Interface, out io.Writer) *cobra.Command {
} }
f := cmd.Flags() f := cmd.Flags()
settings.AddFlagsTLS(f)
f.BoolVarP(&d.force, "force", "f", false, "forces Tiller uninstall even if there are releases installed, or if Tiller is not in ready state. Releases are not deleted.)") f.BoolVarP(&d.force, "force", "f", false, "forces Tiller uninstall even if there are releases installed, or if Tiller is not in ready state. Releases are not deleted.)")
f.BoolVar(&d.removeHelmHome, "remove-helm-home", false, "if set deletes $HELM_HOME") f.BoolVar(&d.removeHelmHome, "remove-helm-home", false, "if set deletes $HELM_HOME")

@ -78,6 +78,7 @@ func newRollbackCmd(c helm.Interface, out io.Writer) *cobra.Command {
} }
f := cmd.Flags() f := cmd.Flags()
settings.AddFlagsTLS(f)
f.BoolVar(&rollback.dryRun, "dry-run", false, "simulate a rollback") f.BoolVar(&rollback.dryRun, "dry-run", false, "simulate a rollback")
f.BoolVar(&rollback.recreate, "recreate-pods", false, "performs pods restart for the resource if applicable") f.BoolVar(&rollback.recreate, "recreate-pods", false, "performs pods restart for the resource if applicable")
f.BoolVar(&rollback.force, "force", false, "force resource update through delete/recreate if needed") f.BoolVar(&rollback.force, "force", false, "force resource update through delete/recreate if needed")

@ -76,8 +76,10 @@ func newStatusCmd(client helm.Interface, out io.Writer) *cobra.Command {
}, },
} }
cmd.PersistentFlags().Int32Var(&status.version, "revision", 0, "if set, display the status of the named release with revision") f := cmd.Flags()
cmd.PersistentFlags().StringVarP(&status.outfmt, "output", "o", "", "output the status in the specified format (json or yaml)") settings.AddFlagsTLS(f)
f.Int32Var(&status.version, "revision", 0, "if set, display the status of the named release with revision")
f.StringVarP(&status.outfmt, "output", "o", "", "output the status in the specified format (json or yaml)")
return cmd return cmd
} }

@ -147,6 +147,7 @@ func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command {
} }
f := cmd.Flags() f := cmd.Flags()
settings.AddFlagsTLS(f)
f.VarP(&upgrade.valueFiles, "values", "f", "specify values in a YAML file or a URL(can specify multiple)") f.VarP(&upgrade.valueFiles, "values", "f", "specify values in a YAML file or a URL(can specify multiple)")
f.BoolVar(&upgrade.dryRun, "dry-run", false, "simulate an upgrade") f.BoolVar(&upgrade.dryRun, "dry-run", false, "simulate an upgrade")
f.BoolVar(&upgrade.recreate, "recreate-pods", false, "performs pods restart for the resource if applicable") f.BoolVar(&upgrade.recreate, "recreate-pods", false, "performs pods restart for the resource if applicable")

@ -77,6 +77,7 @@ func newVersionCmd(c helm.Interface, out io.Writer) *cobra.Command {
}, },
} }
f := cmd.Flags() f := cmd.Flags()
settings.AddFlagsTLS(f)
f.BoolVarP(&version.showClient, "client", "c", false, "client version only") f.BoolVarP(&version.showClient, "client", "c", false, "client version only")
f.BoolVarP(&version.showServer, "server", "s", false, "server version only") f.BoolVarP(&version.showServer, "server", "s", false, "server version only")
f.BoolVar(&version.short, "short", false, "print the version number") f.BoolVar(&version.short, "short", false, "print the version number")

@ -26,6 +26,11 @@ Environment:
$HELM_NO_PLUGINS disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins. $HELM_NO_PLUGINS disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins.
$TILLER_NAMESPACE set an alternative Tiller namespace (default "kube-system") $TILLER_NAMESPACE set an alternative Tiller namespace (default "kube-system")
$KUBECONFIG set an alternative Kubernetes configuration file (default "~/.kube/config") $KUBECONFIG set an alternative Kubernetes configuration file (default "~/.kube/config")
$HELM_TLS_CA_CERT path to TLS CA certificate used to verify the Helm client and Tiller server certificates (default "$HELM_HOME/ca.pem")
$HELM_TLS_CERT path to TLS client certificate file for authenticating to Tiller (default "$HELM_HOME/cert.pem")
$HELM_TLS_KEY path to TLS client key file for authenticating to Tiller (default "$HELM_HOME/key.pem")
$HELM_TLS_VERIFY enable TLS connection between Helm and Tiller and verify Tiller server certificate (default "false")
$HELM_TLS_ENABLE enable TLS connection between Helm and Tiller (default "false")
### Options ### Options
@ -70,4 +75,4 @@ Environment:
* [helm verify](helm_verify.md) - verify that a chart at the given path has been signed and is valid * [helm verify](helm_verify.md) - verify that a chart at the given path has been signed and is valid
* [helm version](helm_version.md) - print the client/server version information * [helm version](helm_version.md) - print the client/server version information
###### Auto generated by spf13/cobra on 1-Sep-2018 ###### Auto generated by spf13/cobra on 4-Sep-2018

@ -32,6 +32,19 @@ import (
"k8s.io/helm/pkg/helm/helmpath" "k8s.io/helm/pkg/helm/helmpath"
) )
const (
// DefaultTLSCaCert is the default value for HELM_TLS_CA_CERT
DefaultTLSCaCert = "$HELM_HOME/ca.pem"
// DefaultTLSCert is the default value for HELM_TLS_CERT
DefaultTLSCert = "$HELM_HOME/cert.pem"
// DefaultTLSKeyFile is the default value for HELM_TLS_KEY_FILE
DefaultTLSKeyFile = "$HELM_HOME/key.pem"
// DefaultTLSEnable is the default value for HELM_TLS_ENABLE
DefaultTLSEnable = false
// DefaultTLSVerify is the default value for HELM_TLS_VERIFY
DefaultTLSVerify = false
)
// DefaultHelmHome is the default HELM_HOME. // DefaultHelmHome is the default HELM_HOME.
var DefaultHelmHome = filepath.Join(homedir.HomeDir(), ".helm") var DefaultHelmHome = filepath.Join(homedir.HomeDir(), ".helm")
@ -39,7 +52,7 @@ var DefaultHelmHome = filepath.Join(homedir.HomeDir(), ".helm")
type EnvSettings struct { type EnvSettings struct {
// TillerHost is the host and port of Tiller. // TillerHost is the host and port of Tiller.
TillerHost string TillerHost string
// TillerConnectionTimeout is the duration (in seconds) helm will wait to establish a connection to tiller. // TillerConnectionTimeout is the duration (in seconds) helm will wait to establish a connection to Tiller.
TillerConnectionTimeout int64 TillerConnectionTimeout int64
// TillerNamespace is the namespace in which Tiller runs. // TillerNamespace is the namespace in which Tiller runs.
TillerNamespace string TillerNamespace string
@ -51,6 +64,18 @@ type EnvSettings struct {
KubeContext string KubeContext string
// KubeConfig is the path to an explicit kubeconfig file. This overwrites the value in $KUBECONFIG // KubeConfig is the path to an explicit kubeconfig file. This overwrites the value in $KUBECONFIG
KubeConfig string KubeConfig string
// TLSEnable tells helm to communicate with Tiller via TLS
TLSEnable bool
// TLSVerify tells helm to communicate with Tiller via TLS and to verify remote certificates served by Tiller
TLSVerify bool
// TLSServerName tells helm to verify the hostname on the returned certificates from Tiller
TLSServerName string
// TLSCaCertFile is the path to a TLS CA certificate file
TLSCaCertFile string
// TLSCertFile is the path to a TLS certificate file
TLSCertFile string
// TLSKeyFile is the path to a TLS key file
TLSKeyFile string
} }
// AddFlags binds flags to the given flagset. // AddFlags binds flags to the given flagset.
@ -62,15 +87,45 @@ func (s *EnvSettings) AddFlags(fs *pflag.FlagSet) {
fs.BoolVar(&s.Debug, "debug", false, "enable verbose output") fs.BoolVar(&s.Debug, "debug", false, "enable verbose output")
fs.StringVar(&s.TillerNamespace, "tiller-namespace", "kube-system", "namespace of Tiller") fs.StringVar(&s.TillerNamespace, "tiller-namespace", "kube-system", "namespace of Tiller")
fs.Int64Var(&s.TillerConnectionTimeout, "tiller-connection-timeout", int64(300), "the duration (in seconds) Helm will wait to establish a connection to tiller") fs.Int64Var(&s.TillerConnectionTimeout, "tiller-connection-timeout", int64(300), "the duration (in seconds) Helm will wait to establish a connection to tiller")
envMap := map[string]string{
"debug": "HELM_DEBUG",
"home": "HELM_HOME",
"host": "HELM_HOST",
"tiller-namespace": "TILLER_NAMESPACE",
}
for name, envar := range envMap {
setFlagFromEnv(name, envar, fs)
}
}
// AddFlagsTLS adds the flags for supporting client side TLS to the given flagset.
func (s *EnvSettings) AddFlagsTLS(fs *pflag.FlagSet) {
fs.StringVar(&s.TLSServerName, "tls-hostname", s.TillerHost, "the server name used to verify the hostname on the returned certificates from the server")
fs.StringVar(&s.TLSCaCertFile, "tls-ca-cert", DefaultTLSCaCert, "path to TLS CA certificate file")
fs.StringVar(&s.TLSCertFile, "tls-cert", DefaultTLSCert, "path to TLS certificate file")
fs.StringVar(&s.TLSKeyFile, "tls-key", DefaultTLSKeyFile, "path to TLS key file")
fs.BoolVar(&s.TLSVerify, "tls-verify", DefaultTLSVerify, "enable TLS for request and verify remote")
fs.BoolVar(&s.TLSEnable, "tls", DefaultTLSEnable, "enable TLS for request")
envMap := map[string]string{
"tls-hostname": "HELM_TLS_HOSTNAME",
"tls-ca-cert": "HELM_TLS_CA_CERT",
"tls-cert": "HELM_TLS_CERT",
"tls-key": "HELM_TLS_KEY",
"tls-verify": "HELM_TLS_VERIFY",
"tls": "HELM_TLS_ENABLE",
} }
// Init sets values from the environment.
func (s *EnvSettings) Init(fs *pflag.FlagSet) {
for name, envar := range envMap { for name, envar := range envMap {
setFlagFromEnv(name, envar, fs) setFlagFromEnv(name, envar, fs)
} }
} }
// Init is deprecated; calling `.AddFlags` or `.AddFlagsTLS` directly will set the flags to their default values from the environment, so this is a no-op.
func (s *EnvSettings) Init(fs *pflag.FlagSet) {}
// PluginDirs is the path to the plugin directories. // PluginDirs is the path to the plugin directories.
func (s EnvSettings) PluginDirs() string { func (s EnvSettings) PluginDirs() string {
if d, ok := os.LookupEnv("HELM_PLUGIN"); ok { if d, ok := os.LookupEnv("HELM_PLUGIN"); ok {
@ -79,14 +134,6 @@ func (s EnvSettings) PluginDirs() string {
return s.Home.Plugins() return s.Home.Plugins()
} }
// envMap maps flag names to envvars
var envMap = map[string]string{
"debug": "HELM_DEBUG",
"home": "HELM_HOME",
"host": "HELM_HOST",
"tiller-namespace": "TILLER_NAMESPACE",
}
func setFlagFromEnv(name, envar string, fs *pflag.FlagSet) { func setFlagFromEnv(name, envar string, fs *pflag.FlagSet) {
if fs.Changed(name) { if fs.Changed(name) {
return return

@ -36,7 +36,7 @@ func TestEnvSettings(t *testing.T) {
// expected values // expected values
home, host, ns, kcontext, kconfig, plugins string home, host, ns, kcontext, kconfig, plugins string
debug bool debug, tlsverify bool
}{ }{
{ {
name: "defaults", name: "defaults",
@ -44,6 +44,7 @@ func TestEnvSettings(t *testing.T) {
home: DefaultHelmHome, home: DefaultHelmHome,
plugins: helmpath.Home(DefaultHelmHome).Plugins(), plugins: helmpath.Home(DefaultHelmHome).Plugins(),
ns: "kube-system", ns: "kube-system",
tlsverify: false,
}, },
{ {
name: "with flags set", name: "with flags set",
@ -54,6 +55,7 @@ func TestEnvSettings(t *testing.T) {
ns: "myns", ns: "myns",
kconfig: "/bar", kconfig: "/bar",
debug: true, debug: true,
tlsverify: false,
}, },
{ {
name: "with envvars set", name: "with envvars set",
@ -64,6 +66,18 @@ func TestEnvSettings(t *testing.T) {
host: "there", host: "there",
ns: "yourns", ns: "yourns",
debug: true, debug: true,
tlsverify: false,
},
{
name: "with TLS envvars set",
args: []string{},
envars: map[string]string{"HELM_HOME": "/bar", "HELM_HOST": "there", "HELM_DEBUG": "1", "TILLER_NAMESPACE": "yourns", "HELM_TLS_VERIFY": "1"},
home: "/bar",
plugins: helmpath.Home("/bar").Plugins(),
host: "there",
ns: "yourns",
debug: true,
tlsverify: true,
}, },
{ {
name: "with flags and envvars set", name: "with flags and envvars set",
@ -74,11 +88,26 @@ func TestEnvSettings(t *testing.T) {
host: "here", host: "here",
ns: "myns", ns: "myns",
debug: true, debug: true,
tlsverify: false,
}, },
} }
cleanup := resetEnv() allEnvvars := map[string]string{
defer cleanup() "HELM_DEBUG": "",
"HELM_HOME": "",
"HELM_HOST": "",
"TILLER_NAMESPACE": "",
"HELM_PLUGIN": "",
"HELM_TLS_HOSTNAME": "",
"HELM_TLS_CA_CERT": "",
"HELM_TLS_CERT": "",
"HELM_TLS_KEY": "",
"HELM_TLS_VERIFY": "",
"HELM_TLS_ENABLE": "",
}
resetEnv(allEnvvars)
defer resetEnv(allEnvvars)
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
@ -90,6 +119,7 @@ func TestEnvSettings(t *testing.T) {
settings := &EnvSettings{} settings := &EnvSettings{}
settings.AddFlags(flags) settings.AddFlags(flags)
settings.AddFlagsTLS(flags)
flags.Parse(tt.args) flags.Parse(tt.args)
settings.Init(flags) settings.Init(flags)
@ -115,17 +145,20 @@ func TestEnvSettings(t *testing.T) {
if settings.KubeConfig != tt.kconfig { if settings.KubeConfig != tt.kconfig {
t.Errorf("expected kubeconfig %q, got %q", tt.kconfig, settings.KubeConfig) t.Errorf("expected kubeconfig %q, got %q", tt.kconfig, settings.KubeConfig)
} }
if settings.TLSVerify != tt.tlsverify {
t.Errorf("expected tls-verify %t, got %t", tt.tlsverify, settings.TLSVerify)
}
cleanup() resetEnv(tt.envars)
}) })
} }
} }
func resetEnv() func() { func resetEnv(envars map[string]string) func() {
origEnv := os.Environ() origEnv := os.Environ()
// ensure any local envvars do not hose us // ensure any local envvars do not hose us
for _, e := range envMap { for e := range envars {
os.Unsetenv(e) os.Unsetenv(e)
} }

Loading…
Cancel
Save