feat: add skip tls verify to helm build dependency

Signed-off-by: closetool <c299999999@qq.com>
3 years ago · c0b7270a56
parent d79ae9f927
commit c0b7270a56
5 changed files with 21 additions and 12 deletions
--- a/cmd/helm/dependency_build.go
+++ b/cmd/helm/dependency_build.go
@ -68,6 +68,11 @@ func newDependencyBuildCmd(cfg *action.Configuration, out io.Writer) *cobra.Comm
 			if client.Verify {
 				man.Verify = downloader.VerifyIfPossible
 			}
+			if client.InsecureSkipTLSverify || client.PlainHTTP {
+				if err := man.RegistryClient.WithResolver(client.InsecureSkipTLSverify, client.PlainHTTP); err != nil {
+					return err
+				}
+			}
 			err := man.Build()
 			if e, ok := err.(downloader.ErrRepoNotFound); ok {
 				return fmt.Errorf("%s. Please add the missing repos via 'helm repo add'", e.Error())
@ -80,6 +85,8 @@ func newDependencyBuildCmd(cfg *action.Configuration, out io.Writer) *cobra.Comm
 	f.BoolVar(&client.Verify, "verify", false, "verify the packages against signatures")
 	f.StringVar(&client.Keyring, "keyring", defaultKeyring(), "keyring containing public keys")
 	f.BoolVar(&client.SkipRefresh, "skip-refresh", false, "do not refresh the local repository cache")
+	f.BoolVar(&client.InsecureSkipTLSverify, "insecure-skip-tls-verify", false, "skip tls certificate checks for the chart download")
+	f.BoolVar(&client.PlainHTTP, "plain-http", false, "use plain http to connect oci registry")

 	return cmd
 }
--- a/pkg/action/dependency.go
+++ b/pkg/action/dependency.go
@ -34,10 +34,12 @@ import (
 //
 // It provides the implementation of 'helm dependency' and its respective subcommands.
 type Dependency struct {
-	Verify      bool
-	Keyring     string
-	SkipRefresh bool
-	ColumnWidth uint
+	Verify                bool
+	Keyring               string
+	SkipRefresh           bool
+	ColumnWidth           uint
+	InsecureSkipTLSverify bool
+	PlainHTTP             bool
 }

 // NewDependency creates a new Dependency object with the given configuration.
--- a/pkg/downloader/chart_downloader.go
+++ b/pkg/downloader/chart_downloader.go
@ -184,11 +184,11 @@ func (c *ChartDownloader) getOciURI(ref, version string, u *url.URL) (*url.URL,
 //
 // A version is a SemVer string (1.2.3-beta.1+f334a6789).
 //
-//	- For fully qualified URLs, the version will be ignored (since URLs aren't versioned)
-//	- For a chart reference
-//		* If version is non-empty, this will return the URL for that version
-//		* If version is empty, this will return the URL for the latest version
-//		* If no version can be found, an error is returned
+//   - For fully qualified URLs, the version will be ignored (since URLs aren't versioned)
+//   - For a chart reference
+//   - If version is non-empty, this will return the URL for that version
+//   - If version is empty, this will return the URL for the latest version
+//   - If no version can be found, an error is returned
 func (c *ChartDownloader) ResolveChartVersion(ref, version string) (*url.URL, error) {
 	u, err := url.Parse(ref)
 	if err != nil {
--- a/pkg/downloader/manager.go
+++ b/pkg/downloader/manager.go
@ -313,7 +313,7 @@ func (m *Manager) downloadAll(deps []*chart.Dependency) error {

 		// Any failure to resolve/download a chart should fail:
 		// https://github.com/helm/helm/issues/1439
-		churl, username, password, insecureskiptlsverify, passcredentialsall, caFile, certFile, keyFile, err := m.findChartURL(dep.Name, dep.Version, dep.Repository, repos)
+		churl, username, password, _, passcredentialsall, caFile, certFile, keyFile, err := m.findChartURL(dep.Name, dep.Version, dep.Repository, repos)
 		if err != nil {
 			saveError = errors.Wrapf(err, "could not find %s", churl)
 			break
@ -337,8 +337,8 @@ func (m *Manager) downloadAll(deps []*chart.Dependency) error {
 			Options: []getter.Option{
 				getter.WithBasicAuth(username, password),
 				getter.WithPassCredentialsAll(passcredentialsall),
-				getter.WithInsecureSkipVerifyTLS(insecureskiptlsverify),
 				getter.WithTLSClientConfig(certFile, keyFile, caFile),
+				getter.WithRegistryClient(m.RegistryClient),
 			},
 		}

@ -349,7 +349,6 @@ func (m *Manager) downloadAll(deps []*chart.Dependency) error {
 				return errors.Wrapf(err, "could not parse OCI reference")
 			}
 			dl.Options = append(dl.Options,
-				getter.WithRegistryClient(m.RegistryClient),
 				getter.WithTagName(version))
 		}

--- a/pkg/getter/getter.go
+++ b/pkg/getter/getter.go
@ -37,6 +37,7 @@ type options struct {
 	caFile                string
 	unTar                 bool
 	insecureSkipVerifyTLS bool
+	plainHTTP             bool
 	username              string
 	password              string
 	passCredentialsAll    bool