diff --git a/.github/workflows/asset-transparency.yaml b/.github/workflows/asset-transparency.yaml deleted file mode 100644 index ff58d1a5f..000000000 --- a/.github/workflows/asset-transparency.yaml +++ /dev/null @@ -1,18 +0,0 @@ -name: Publish Release Assets to Asset Transparency Log - -on: - release: - types: [published, created, edited, released] - -jobs: - github_release_asset_transparency_log_publish_job: - runs-on: ubuntu-latest - name: Publish GitHub release asset digests to https://beta-asset.transparencylog.net - steps: - - name: Gather URLs from GitHub release and publish - id: asset-transparency - uses: transparencylog/github-releases-asset-transparency-verify-action@c77874b4514ae4003994ece9582675195fe012e2 # v11 - - name: List verified and published URLs - run: echo "Verified URLs ${{ steps.asset-transparency.outputs.verified }}" - - name: List failed URLs - run: echo "Failed URLs ${{ steps.asset-transparency.outputs.failed }}" diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index 7696b4e21..756efb8ed 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -13,23 +13,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout source code - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin@v3.6.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1 - name: Setup Go - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # pin@4.1.0 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # pin@5.0.1 with: - go-version: '1.20' - - name: Install golangci-lint - run: | - curl -sSLO https://github.com/golangci/golangci-lint/releases/download/v$GOLANGCI_LINT_VERSION/golangci-lint-$GOLANGCI_LINT_VERSION-linux-amd64.tar.gz - shasum -a 256 golangci-lint-$GOLANGCI_LINT_VERSION-linux-amd64.tar.gz | grep "^$GOLANGCI_LINT_SHA256 " > /dev/null - tar -xf golangci-lint-$GOLANGCI_LINT_VERSION-linux-amd64.tar.gz - sudo mv golangci-lint-$GOLANGCI_LINT_VERSION-linux-amd64/golangci-lint /usr/local/bin/golangci-lint - rm -rf golangci-lint-$GOLANGCI_LINT_VERSION-linux-amd64* - env: - GOLANGCI_LINT_VERSION: '1.51.2' - GOLANGCI_LINT_SHA256: '4de479eb9d9bc29da51aec1834e7c255b333723d38dbd56781c68e5dddc6a90b' - - name: Test style - run: make test-style + go-version: '1.22' + - name: Test source headers are present + run: make test-source-headers - name: Run unit tests run: make test-coverage - name: Test build diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 013af1dd7..8ac6a5e22 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,11 +35,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin@v3.6.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@74483a38d39275f33fcff5f35b679b5ca4a26a99 # pinv2.22.5 + uses: github/codeql-action/init@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # pinv3.25.5 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -50,7 +50,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@74483a38d39275f33fcff5f35b679b5ca4a26a99 # pinv2.22.5 + uses: github/codeql-action/autobuild@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # pinv3.25.5 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -64,4 +64,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@74483a38d39275f33fcff5f35b679b5ca4a26a99 # pinv2.22.5 + uses: github/codeql-action/analyze@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # pinv3.25.5 diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml new file mode 100644 index 000000000..29116225e --- /dev/null +++ b/.github/workflows/golangci-lint.yml @@ -0,0 +1,22 @@ +name: golangci-lint + +on: + push: + pull_request: + +jobs: + golangci: + name: golangci-lint + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1 + + - name: Setup Go + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # pin@5.0.1 + with: + go-version: "1.22" + - name: golangci-lint + uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 #pin@6.0.1 + with: + version: v1.58 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0a32365db..496d30f01 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,27 +18,36 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout source code - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin@v3.6.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1 with: fetch-depth: 0 - name: Setup Go - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # pin@4.1.0 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # pin@5.0.1 with: - go-version: '1.20' - + go-version: '1.22' + - name: Run unit tests run: make test-coverage - name: Build Helm Binaries run: | + set -eu -o pipefail + make build-cross make dist checksum VERSION="${{ github.ref_name }}" - + - name: Set latest version run: | + set -eu -o pipefail + + mkdir -p _dist_versions + # Push the latest semver tag, excluding prerelease tags - git tag | sort -r --version-sort | grep '^v[0-9]' | grep -v '-' | head -n1 > _dist/helm-latest-version + LATEST_VERSION="$(git tag | sort -r --version-sort | grep '^v[0-9]' | grep -v '-' | head -n1)" + echo "LATEST_VERSION=${LATEST_VERSION}" + echo "${LATEST_VERSION}" > _dist_versions/helm-latest-version + echo "${LATEST_VERSION}" > _dist_versions/helm3-latest-version - name: Upload Binaries uses: bacongobbler/azure-blob-storage-upload@50f7d898b7697e864130ea04c303ca38b5751c50 # pin@3.0.0 @@ -51,17 +60,28 @@ jobs: connection_string: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING }} extra_args: '--pattern helm-*' + - name: Upload Version tag files + uses: bacongobbler/azure-blob-storage-upload@50f7d898b7697e864130ea04c303ca38b5751c50 # pin@3.0.0 + env: + AZURE_STORAGE_CONNECTION_STRING: "${{ secrets.AZURE_STORAGE_CONNECTION_STRING }}" + AZURE_STORAGE_CONTAINER_NAME: "${{ secrets.AZURE_STORAGE_CONTAINER_NAME }}" + with: + overwrite: 'true' + source_dir: _dist_versions + container_name: ${{ secrets.AZURE_STORAGE_CONTAINER_NAME }} + connection_string: ${{ secrets.AZURE_STORAGE_CONNECTION_STRING }} + canary-release: runs-on: ubuntu-latest if: github.ref == 'refs/heads/main' steps: - name: Checkout source code - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin@v3.6.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin@v4.1.1 - name: Setup Go - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # pin@4.1.0 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # pin@5.0.1 with: - go-version: '1.20' + go-version: '1.22' - name: Run unit tests run: make test-coverage diff --git a/.gitignore b/.gitignore index d1af995a3..cdb68ceb5 100644 --- a/.gitignore +++ b/.gitignore @@ -5,7 +5,9 @@ .idea/ .vimrc .vscode/ +.devcontainer/ _dist/ +_dist_versions/ bin/ vendor/ # Ignores charts pulled for dependency build tests diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 5bbe2ec63..7fef37948 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -129,27 +129,6 @@ For a quick summary of our backward compatibility guidelines for releases betwee - Go libraries inside of `pkg/` SHOULD remain backward compatible, though code inside of `cmd/` and `internal/` may be changed from release to release without notice. -## Support Contract for Helm 2 - -With Helm 2's current release schedule, we want to take into account any migration issues for users -due to the upcoming holiday shopping season and tax season. We also want to clarify what actions may -occur after the support contract ends for Helm 2, so that users will not be surprised or caught off -guard. - -After Helm 2.15.0 is released, Helm 2 will go into "maintenance mode". We will continue to accept -bug fixes and fix any security issues that arise, but no new features will be accepted for Helm 2. -All feature development will be moved over to Helm 3. - -6 months after Helm 3.0.0's public release, Helm 2 will stop accepting bug fixes. Only security -issues will be accepted. - -12 months after Helm 3.0.0's public release, support for Helm 2 will formally end. Download links -for the Helm 2 client through Google Cloud Storage, the Docker image for Tiller stored in Google -Container Registry, and the Google Cloud buckets for the stable and incubator chart repositories may -no longer work at any point. Client downloads through `get.helm.sh` will continue to work, and we -will distribute a Tiller image that will be made available at an alternative location which can be -updated with `helm init --tiller-image`. - ## Issues Issues are used as the primary method for tracking anything to do with the Helm project. diff --git a/Makefile b/Makefile index d61ac1507..c8ced67a8 100644 --- a/Makefile +++ b/Makefile @@ -1,8 +1,8 @@ BINDIR := $(CURDIR)/bin INSTALL_PATH ?= /usr/local/bin DIST_DIRS := find * -type d -exec -TARGETS := darwin/amd64 darwin/arm64 linux/amd64 linux/386 linux/arm linux/arm64 linux/ppc64le linux/s390x windows/amd64 -TARGET_OBJS ?= darwin-amd64.tar.gz darwin-amd64.tar.gz.sha256 darwin-amd64.tar.gz.sha256sum darwin-arm64.tar.gz darwin-arm64.tar.gz.sha256 darwin-arm64.tar.gz.sha256sum linux-amd64.tar.gz linux-amd64.tar.gz.sha256 linux-amd64.tar.gz.sha256sum linux-386.tar.gz linux-386.tar.gz.sha256 linux-386.tar.gz.sha256sum linux-arm.tar.gz linux-arm.tar.gz.sha256 linux-arm.tar.gz.sha256sum linux-arm64.tar.gz linux-arm64.tar.gz.sha256 linux-arm64.tar.gz.sha256sum linux-ppc64le.tar.gz linux-ppc64le.tar.gz.sha256 linux-ppc64le.tar.gz.sha256sum linux-s390x.tar.gz linux-s390x.tar.gz.sha256 linux-s390x.tar.gz.sha256sum windows-amd64.zip windows-amd64.zip.sha256 windows-amd64.zip.sha256sum +TARGETS := darwin/amd64 darwin/arm64 linux/amd64 linux/386 linux/arm linux/arm64 linux/ppc64le linux/s390x linux/riscv64 windows/amd64 +TARGET_OBJS ?= darwin-amd64.tar.gz darwin-amd64.tar.gz.sha256 darwin-amd64.tar.gz.sha256sum darwin-arm64.tar.gz darwin-arm64.tar.gz.sha256 darwin-arm64.tar.gz.sha256sum linux-amd64.tar.gz linux-amd64.tar.gz.sha256 linux-amd64.tar.gz.sha256sum linux-386.tar.gz linux-386.tar.gz.sha256 linux-386.tar.gz.sha256sum linux-arm.tar.gz linux-arm.tar.gz.sha256 linux-arm.tar.gz.sha256sum linux-arm64.tar.gz linux-arm64.tar.gz.sha256 linux-arm64.tar.gz.sha256sum linux-ppc64le.tar.gz linux-ppc64le.tar.gz.sha256 linux-ppc64le.tar.gz.sha256sum linux-s390x.tar.gz linux-s390x.tar.gz.sha256 linux-s390x.tar.gz.sha256sum linux-riscv64.tar.gz linux-riscv64.tar.gz.sha256 linux-riscv64.tar.gz.sha256sum windows-amd64.zip windows-amd64.zip.sha256 windows-amd64.zip.sha256sum BINNAME ?= helm GOBIN = $(shell go env GOBIN) @@ -11,7 +11,7 @@ GOBIN = $(shell go env GOPATH)/bin endif GOX = $(GOBIN)/gox GOIMPORTS = $(GOBIN)/goimports -ARCH = $(shell uname -p) +ARCH = $(shell go env GOARCH) ACCEPTANCE_DIR:=../acceptance-testing # To specify the subset of acceptance tests to run. '.' means all tests @@ -114,7 +114,11 @@ test-coverage: .PHONY: test-style test-style: - GO111MODULE=on golangci-lint run + golangci-lint run ./... + @scripts/validate-license.sh + +.PHONY: test-source-headers +test-source-headers: @scripts/validate-license.sh .PHONY: test-acceptance @@ -155,7 +159,7 @@ gen-test-golden: test-unit # without a go.mod file when downloading the following dependencies $(GOX): - (cd /; GO111MODULE=on go install github.com/mitchellh/gox@latest) + (cd /; GO111MODULE=on go install github.com/mitchellh/gox@v1.0.2-0.20220701044238-9f712387e2d2) $(GOIMPORTS): (cd /; GO111MODULE=on go install golang.org/x/tools/cmd/goimports@latest) diff --git a/cmd/helm/completion.go b/cmd/helm/completion.go index 310c915b8..9f31ea741 100644 --- a/cmd/helm/completion.go +++ b/cmd/helm/completion.go @@ -103,7 +103,7 @@ func newCompletionCmd(out io.Writer) *cobra.Command { Long: bashCompDesc, Args: require.NoArgs, ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(cmd *cobra.Command, _ []string) error { return runCompletionBash(out, cmd) }, } @@ -115,7 +115,7 @@ func newCompletionCmd(out io.Writer) *cobra.Command { Long: zshCompDesc, Args: require.NoArgs, ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(cmd *cobra.Command, _ []string) error { return runCompletionZsh(out, cmd) }, } @@ -127,7 +127,7 @@ func newCompletionCmd(out io.Writer) *cobra.Command { Long: fishCompDesc, Args: require.NoArgs, ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(cmd *cobra.Command, _ []string) error { return runCompletionFish(out, cmd) }, } @@ -139,7 +139,7 @@ func newCompletionCmd(out io.Writer) *cobra.Command { Long: powershellCompDesc, Args: require.NoArgs, ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(cmd *cobra.Command, _ []string) error { return runCompletionPowershell(out, cmd) }, } @@ -210,6 +210,6 @@ func runCompletionPowershell(out io.Writer, cmd *cobra.Command) error { } // Function to disable file completion -func noCompletions(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { +func noCompletions(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) { return nil, cobra.ShellCompDirectiveNoFileComp } diff --git a/cmd/helm/create.go b/cmd/helm/create.go index fe5cc540a..b79752efb 100644 --- a/cmd/helm/create.go +++ b/cmd/helm/create.go @@ -64,7 +64,7 @@ func newCreateCmd(out io.Writer) *cobra.Command { Short: "create a new chart with the given name", Long: createDesc, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, _ string) ([]string, cobra.ShellCompDirective) { if len(args) == 0 { // Allow file completion when completing the argument for the name // which could be a path @@ -73,7 +73,7 @@ func newCreateCmd(out io.Writer) *cobra.Command { // No more completions, so disable file completion return nil, cobra.ShellCompDirectiveNoFileComp }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { o.name = args[0] o.starterDir = helmpath.DataPath("starters") return o.run(out) diff --git a/cmd/helm/dependency.go b/cmd/helm/dependency.go index 03874742c..228c73c80 100644 --- a/cmd/helm/dependency.go +++ b/cmd/helm/dependency.go @@ -106,7 +106,7 @@ func newDependencyListCmd(out io.Writer) *cobra.Command { Short: "list the dependencies for the given chart", Long: dependencyListDesc, Args: require.MaximumNArgs(1), - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { chartpath := "." if len(args) > 0 { chartpath = filepath.Clean(args[0]) diff --git a/cmd/helm/dependency_build.go b/cmd/helm/dependency_build.go index 1ee46d3d2..2cf0c6c81 100644 --- a/cmd/helm/dependency_build.go +++ b/cmd/helm/dependency_build.go @@ -49,7 +49,7 @@ func newDependencyBuildCmd(cfg *action.Configuration, out io.Writer) *cobra.Comm Short: "rebuild the charts/ directory based on the Chart.lock file", Long: dependencyBuildDesc, Args: require.MaximumNArgs(1), - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { chartpath := "." if len(args) > 0 { chartpath = filepath.Clean(args[0]) diff --git a/cmd/helm/dependency_update.go b/cmd/helm/dependency_update.go index ad0188f17..cb6e9c0cc 100644 --- a/cmd/helm/dependency_update.go +++ b/cmd/helm/dependency_update.go @@ -52,7 +52,7 @@ func newDependencyUpdateCmd(cfg *action.Configuration, out io.Writer) *cobra.Com Short: "update charts/ based on the contents of Chart.yaml", Long: dependencyUpDesc, Args: require.MaximumNArgs(1), - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { chartpath := "." if len(args) > 0 { chartpath = filepath.Clean(args[0]) diff --git a/cmd/helm/docs.go b/cmd/helm/docs.go index 523a96022..182aeb9f6 100644 --- a/cmd/helm/docs.go +++ b/cmd/helm/docs.go @@ -59,7 +59,7 @@ func newDocsCmd(out io.Writer) *cobra.Command { Hidden: true, Args: require.NoArgs, ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(cmd *cobra.Command, _ []string) error { o.topCmd = cmd.Root() return o.run(out) }, @@ -70,14 +70,14 @@ func newDocsCmd(out io.Writer) *cobra.Command { f.StringVar(&o.docTypeString, "type", "markdown", "the type of documentation to generate (markdown, man, bash)") f.BoolVar(&o.generateHeaders, "generate-headers", false, "generate standard headers for markdown files") - cmd.RegisterFlagCompletionFunc("type", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + cmd.RegisterFlagCompletionFunc("type", func(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) { return []string{"bash", "man", "markdown"}, cobra.ShellCompDirectiveNoFileComp }) return cmd } -func (o *docsOptions) run(out io.Writer) error { +func (o *docsOptions) run(_ io.Writer) error { switch o.docTypeString { case "markdown", "mdown", "md": if o.generateHeaders { diff --git a/cmd/helm/env.go b/cmd/helm/env.go index 3754b748d..83ee32895 100644 --- a/cmd/helm/env.go +++ b/cmd/helm/env.go @@ -36,7 +36,7 @@ func newEnvCmd(out io.Writer) *cobra.Command { Short: "helm client environment information", Long: envHelp, Args: require.MaximumNArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, _ string) ([]string, cobra.ShellCompDirective) { if len(args) == 0 { keys := getSortedEnvVarKeys() return keys, cobra.ShellCompDirectiveNoFileComp @@ -44,7 +44,7 @@ func newEnvCmd(out io.Writer) *cobra.Command { return nil, cobra.ShellCompDirectiveNoFileComp }, - Run: func(cmd *cobra.Command, args []string) { + Run: func(_ *cobra.Command, args []string) { envVars := settings.EnvVars() if len(args) == 0 { diff --git a/cmd/helm/flags.go b/cmd/helm/flags.go index a8f25cb35..62e9f90fa 100644 --- a/cmd/helm/flags.go +++ b/cmd/helm/flags.go @@ -72,7 +72,7 @@ func bindOutputFlag(cmd *cobra.Command, varRef *output.Format) { cmd.Flags().VarP(newOutputValue(output.Table, varRef), outputFlag, "o", fmt.Sprintf("prints the output in the specified format. Allowed values: %s", strings.Join(output.Formats(), ", "))) - err := cmd.RegisterFlagCompletionFunc(outputFlag, func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc(outputFlag, func(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) { var formatNames []string for format, desc := range output.FormatsWithDesc() { formatNames = append(formatNames, fmt.Sprintf("%s\t%s", format, desc)) @@ -195,7 +195,7 @@ func (p *postRendererArgsSlice) GetSlice() []string { return p.options.args } -func compVersionFlag(chartRef string, toComplete string) ([]string, cobra.ShellCompDirective) { +func compVersionFlag(chartRef string, _ string) ([]string, cobra.ShellCompDirective) { chartInfo := strings.Split(chartRef, "/") if len(chartInfo) != 2 { return nil, cobra.ShellCompDirectiveNoFileComp diff --git a/cmd/helm/get_all.go b/cmd/helm/get_all.go index e51d50536..6def2e0d6 100644 --- a/cmd/helm/get_all.go +++ b/cmd/helm/get_all.go @@ -41,13 +41,13 @@ func newGetAllCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "download all information for a named release", Long: getAllHelp, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } return compListReleases(toComplete, args, cfg) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { res, err := client.Run(args[0]) if err != nil { return err @@ -65,7 +65,7 @@ func newGetAllCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { f := cmd.Flags() f.IntVar(&client.Version, "revision", 0, "get the named release with revision") - err := cmd.RegisterFlagCompletionFunc("revision", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("revision", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) == 1 { return compListRevisions(toComplete, cfg, args[0]) } diff --git a/cmd/helm/get_hooks.go b/cmd/helm/get_hooks.go index 913e2c58a..6ba5094e4 100644 --- a/cmd/helm/get_hooks.go +++ b/cmd/helm/get_hooks.go @@ -41,13 +41,13 @@ func newGetHooksCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "download all hooks for a named release", Long: getHooksHelp, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } return compListReleases(toComplete, args, cfg) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { res, err := client.Run(args[0]) if err != nil { return err @@ -60,7 +60,7 @@ func newGetHooksCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { } cmd.Flags().IntVar(&client.Version, "revision", 0, "get the named release with revision") - err := cmd.RegisterFlagCompletionFunc("revision", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("revision", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) == 1 { return compListRevisions(toComplete, cfg, args[0]) } diff --git a/cmd/helm/get_manifest.go b/cmd/helm/get_manifest.go index baeaf8d72..0df100259 100644 --- a/cmd/helm/get_manifest.go +++ b/cmd/helm/get_manifest.go @@ -43,13 +43,13 @@ func newGetManifestCmd(cfg *action.Configuration, out io.Writer) *cobra.Command Short: "download the manifest for a named release", Long: getManifestHelp, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } return compListReleases(toComplete, args, cfg) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { res, err := client.Run(args[0]) if err != nil { return err @@ -60,7 +60,7 @@ func newGetManifestCmd(cfg *action.Configuration, out io.Writer) *cobra.Command } cmd.Flags().IntVar(&client.Version, "revision", 0, "get the named release with revision") - err := cmd.RegisterFlagCompletionFunc("revision", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("revision", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) == 1 { return compListRevisions(toComplete, cfg, args[0]) } diff --git a/cmd/helm/get_metadata.go b/cmd/helm/get_metadata.go index adab891bd..084323275 100644 --- a/cmd/helm/get_metadata.go +++ b/cmd/helm/get_metadata.go @@ -40,13 +40,13 @@ func newGetMetadataCmd(cfg *action.Configuration, out io.Writer) *cobra.Command Use: "metadata RELEASE_NAME", Short: "This command fetches metadata for a given release", Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } return compListReleases(toComplete, args, cfg) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { releaseMetadata, err := client.Run(args[0]) if err != nil { return err @@ -57,7 +57,7 @@ func newGetMetadataCmd(cfg *action.Configuration, out io.Writer) *cobra.Command f := cmd.Flags() f.IntVar(&client.Version, "revision", 0, "specify release revision") - err := cmd.RegisterFlagCompletionFunc("revision", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("revision", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) == 1 { return compListRevisions(toComplete, cfg, args[0]) } diff --git a/cmd/helm/get_notes.go b/cmd/helm/get_notes.go index b71bcbdf6..6ac2a0450 100644 --- a/cmd/helm/get_notes.go +++ b/cmd/helm/get_notes.go @@ -39,13 +39,13 @@ func newGetNotesCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "download the notes for a named release", Long: getNotesHelp, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } return compListReleases(toComplete, args, cfg) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { res, err := client.Run(args[0]) if err != nil { return err @@ -59,7 +59,7 @@ func newGetNotesCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { f := cmd.Flags() f.IntVar(&client.Version, "revision", 0, "get the named release with revision") - err := cmd.RegisterFlagCompletionFunc("revision", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("revision", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) == 1 { return compListRevisions(toComplete, cfg, args[0]) } diff --git a/cmd/helm/get_values.go b/cmd/helm/get_values.go index 6124e1b33..c3fb8c252 100644 --- a/cmd/helm/get_values.go +++ b/cmd/helm/get_values.go @@ -46,13 +46,13 @@ func newGetValuesCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "download the values file for a named release", Long: getValuesHelp, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } return compListReleases(toComplete, args, cfg) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { vals, err := client.Run(args[0]) if err != nil { return err @@ -63,7 +63,7 @@ func newGetValuesCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { f := cmd.Flags() f.IntVar(&client.Version, "revision", 0, "get the named release with revision") - err := cmd.RegisterFlagCompletionFunc("revision", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("revision", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) == 1 { return compListRevisions(toComplete, cfg, args[0]) } diff --git a/cmd/helm/helm_test.go b/cmd/helm/helm_test.go index b20b1a24d..7d0bf5751 100644 --- a/cmd/helm/helm_test.go +++ b/cmd/helm/helm_test.go @@ -94,7 +94,7 @@ func executeActionCommandStdinC(store *storage.Storage, in *os.File, cmd string) Releases: store, KubeClient: &kubefake.PrintingKubeClient{Out: io.Discard}, Capabilities: chartutil.DefaultCapabilities, - Log: func(format string, v ...interface{}) {}, + Log: func(_ string, _ ...interface{}) {}, } root, err := newRootCmd(actionConfig, buf, args) diff --git a/cmd/helm/history.go b/cmd/helm/history.go index ee6f391e4..42796fab8 100644 --- a/cmd/helm/history.go +++ b/cmd/helm/history.go @@ -60,13 +60,13 @@ func newHistoryCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "fetch release history", Aliases: []string{"hist"}, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } return compListReleases(toComplete, args, cfg) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { history, err := getHistory(client, args[0]) if err != nil { return err @@ -184,7 +184,7 @@ func min(x, y int) int { return y } -func compListRevisions(toComplete string, cfg *action.Configuration, releaseName string) ([]string, cobra.ShellCompDirective) { +func compListRevisions(_ string, cfg *action.Configuration, releaseName string) ([]string, cobra.ShellCompDirective) { client := action.NewHistory(cfg) var revisions []string diff --git a/cmd/helm/install.go b/cmd/helm/install.go index d987d300f..f1d152b73 100644 --- a/cmd/helm/install.go +++ b/cmd/helm/install.go @@ -94,7 +94,11 @@ And in the following example, 'foo' is set to '{"key1":"value1","key2":"bar"}': $ helm install --set-json='foo={"key1":"value1","key2":"value2"}' --set-json='foo.key2="bar"' myredis ./redis To check the generated manifests of a release without installing the chart, -the '--debug' and '--dry-run' flags can be combined. +the --debug and --dry-run flags can be combined. + +The --dry-run flag will output all generated chart manifests, including Secrets +which can contain sensitive values. To hide Kubernetes Secrets use the +--hide-secret flag. Please carefully consider how and when these flags are used. If --verify is set, the chart MUST have a provenance file, and the provenance file MUST pass all verification steps. @@ -132,7 +136,7 @@ func newInstallCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "install a chart", Long: installDesc, Args: require.MinimumNArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return compInstall(args, toComplete, client) }, RunE: func(_ *cobra.Command, args []string) error { @@ -159,6 +163,10 @@ func newInstallCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { } addInstallFlags(cmd, cmd.Flags(), client, valueOpts) + // hide-secret is not available in all places the install flags are used so + // it is added separately + f := cmd.Flags() + f.BoolVar(&client.HideSecret, "hide-secret", false, "hide Kubernetes Secrets when also using the --dry-run flag") bindOutputFlag(cmd, &outfmt) bindPostRenderFlag(cmd, &client.PostRenderer) @@ -194,7 +202,7 @@ func addInstallFlags(cmd *cobra.Command, f *pflag.FlagSet, client *action.Instal addValueOptionsFlags(f, valueOpts) addChartPathOptionsFlags(f, &client.ChartPathOptions) - err := cmd.RegisterFlagCompletionFunc("version", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("version", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { requiredArgs := 2 if client.GenerateName { requiredArgs = 1 diff --git a/cmd/helm/install_test.go b/cmd/helm/install_test.go index b34d1455c..a3b527031 100644 --- a/cmd/helm/install_test.go +++ b/cmd/helm/install_test.go @@ -33,7 +33,7 @@ func TestInstall(t *testing.T) { } defer srv.Stop() - srv.WithMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + srv.WithMiddleware(http.HandlerFunc(func(_ http.ResponseWriter, r *http.Request) { username, password, ok := r.BasicAuth() if !ok || username != "username" || password != "password" { t.Errorf("Expected request to use basic auth and for username == 'username' and password == 'password', got '%v', '%s', '%s'", ok, username, password) @@ -252,6 +252,22 @@ func TestInstall(t *testing.T) { cmd: fmt.Sprintf("install aeneas test/reqtest --username username --password password --repository-config %s --repository-cache %s", repoFile, srv.Root()), golden: "output/install.txt", }, + { + name: "dry-run displaying secret", + cmd: "install secrets testdata/testcharts/chart-with-secret --dry-run", + golden: "output/install-dry-run-with-secret.txt", + }, + { + name: "dry-run hiding secret", + cmd: "install secrets testdata/testcharts/chart-with-secret --dry-run --hide-secret", + golden: "output/install-dry-run-with-secret-hidden.txt", + }, + { + name: "hide-secret error without dry-run", + cmd: "install secrets testdata/testcharts/chart-with-secret --hide-secret", + wantError: true, + golden: "output/install-hide-secret.txt", + }, } runTestCmd(t, tests) diff --git a/cmd/helm/lint.go b/cmd/helm/lint.go index 73a37b6fe..6b54bdd3f 100644 --- a/cmd/helm/lint.go +++ b/cmd/helm/lint.go @@ -27,6 +27,7 @@ import ( "github.com/spf13/cobra" "helm.sh/helm/v3/pkg/action" + "helm.sh/helm/v3/pkg/chartutil" "helm.sh/helm/v3/pkg/cli/values" "helm.sh/helm/v3/pkg/getter" "helm.sh/helm/v3/pkg/lint/support" @@ -44,19 +45,29 @@ or recommendation, it will emit [WARNING] messages. func newLintCmd(out io.Writer) *cobra.Command { client := action.NewLint() valueOpts := &values.Options{} + var kubeVersion string cmd := &cobra.Command{ Use: "lint PATH", Short: "examine a chart for possible issues", Long: longLintHelp, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { paths := []string{"."} if len(args) > 0 { paths = args } + + if kubeVersion != "" { + parsedKubeVersion, err := chartutil.ParseKubeVersion(kubeVersion) + if err != nil { + return fmt.Errorf("invalid kube version '%s': %s", kubeVersion, err) + } + client.KubeVersion = parsedKubeVersion + } + if client.WithSubcharts { for _, p := range paths { - filepath.Walk(filepath.Join(p, "charts"), func(path string, info os.FileInfo, err error) error { + filepath.Walk(filepath.Join(p, "charts"), func(path string, info os.FileInfo, _ error) error { if info != nil { if info.Name() == "Chart.yaml" { paths = append(paths, filepath.Dir(path)) @@ -137,6 +148,7 @@ func newLintCmd(out io.Writer) *cobra.Command { f.BoolVar(&client.Strict, "strict", false, "fail on lint warnings") f.BoolVar(&client.WithSubcharts, "with-subcharts", false, "lint dependent charts") f.BoolVar(&client.Quiet, "quiet", false, "print only warnings and errors") + f.StringVar(&kubeVersion, "kube-version", "", "Kubernetes version used for capabilities and deprecation checks") addValueOptionsFlags(f, valueOpts) return cmd diff --git a/cmd/helm/lint_test.go b/cmd/helm/lint_test.go index 314b54c35..166b69ba0 100644 --- a/cmd/helm/lint_test.go +++ b/cmd/helm/lint_test.go @@ -63,6 +63,34 @@ func TestLintCmdWithQuietFlag(t *testing.T) { } +func TestLintCmdWithKubeVersionFlag(t *testing.T) { + testChart := "testdata/testcharts/chart-with-deprecated-api" + tests := []cmdTestCase{{ + name: "lint chart with deprecated api version using kube version flag", + cmd: fmt.Sprintf("lint --kube-version 1.22.0 %s", testChart), + golden: "output/lint-chart-with-deprecated-api.txt", + wantError: false, + }, { + name: "lint chart with deprecated api version using kube version and strict flag", + cmd: fmt.Sprintf("lint --kube-version 1.22.0 --strict %s", testChart), + golden: "output/lint-chart-with-deprecated-api-strict.txt", + wantError: true, + }, { + // the test builds will use the default k8sVersionMinor const in deprecations.go and capabilities.go + // which is "20" + name: "lint chart with deprecated api version without kube version", + cmd: fmt.Sprintf("lint %s", testChart), + golden: "output/lint-chart-with-deprecated-api-old-k8s.txt", + wantError: false, + }, { + name: "lint chart with deprecated api version with older kube version", + cmd: fmt.Sprintf("lint --kube-version 1.21.0 --strict %s", testChart), + golden: "output/lint-chart-with-deprecated-api-old-k8s.txt", + wantError: false, + }} + runTestCmd(t, tests) +} + func TestLintFileCompletion(t *testing.T) { checkFileCompletion(t, "lint", true) checkFileCompletion(t, "lint mypath", true) // Multiple paths can be given diff --git a/cmd/helm/list.go b/cmd/helm/list.go index 5ca3de18e..91922a66d 100644 --- a/cmd/helm/list.go +++ b/cmd/helm/list.go @@ -69,7 +69,7 @@ func newListCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Aliases: []string{"ls"}, Args: require.NoArgs, ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(cmd *cobra.Command, _ []string) error { if client.AllNamespaces { if err := cfg.Init(settings.RESTClientGetter(), "", os.Getenv("HELM_DRIVER"), debug); err != nil { return err diff --git a/cmd/helm/load_plugins.go b/cmd/helm/load_plugins.go index 001a084ed..5d511d6fc 100644 --- a/cmd/helm/load_plugins.go +++ b/cmd/helm/load_plugins.go @@ -301,7 +301,7 @@ func addPluginCommands(plugin *plugin.Plugin, baseCmd *cobra.Command, cmds *plug // to the dynamic completion script of the plugin. DisableFlagParsing: true, // A Run is required for it to be a valid command without subcommands - Run: func(cmd *cobra.Command, args []string) {}, + Run: func(_ *cobra.Command, _ []string) {}, } baseCmd.AddCommand(subCmd) addPluginCommands(plugin, subCmd, &cmd) diff --git a/cmd/helm/package.go b/cmd/helm/package.go index 822d3d56a..b96110ee8 100644 --- a/cmd/helm/package.go +++ b/cmd/helm/package.go @@ -55,7 +55,7 @@ func newPackageCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Use: "package [CHART_PATH] [...]", Short: "package a chart directory into a chart archive", Long: packageDesc, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { if len(args) == 0 { return errors.Errorf("need at least one argument, the path to the chart") } diff --git a/cmd/helm/plugin_install.go b/cmd/helm/plugin_install.go index 4e8ee327b..b10a87c94 100644 --- a/cmd/helm/plugin_install.go +++ b/cmd/helm/plugin_install.go @@ -44,7 +44,7 @@ func newPluginInstallCmd(out io.Writer) *cobra.Command { Long: pluginInstallDesc, Aliases: []string{"add"}, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, _ string) ([]string, cobra.ShellCompDirective) { if len(args) == 0 { // We do file completion, in case the plugin is local return nil, cobra.ShellCompDirectiveDefault @@ -52,10 +52,10 @@ func newPluginInstallCmd(out io.Writer) *cobra.Command { // No more completion once the plugin path has been specified return nil, cobra.ShellCompDirectiveNoFileComp }, - PreRunE: func(cmd *cobra.Command, args []string) error { + PreRunE: func(_ *cobra.Command, args []string) error { return o.complete(args) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, _ []string) error { return o.run(out) }, } diff --git a/cmd/helm/plugin_list.go b/cmd/helm/plugin_list.go index ddf01f6f2..ed17d9e6b 100644 --- a/cmd/helm/plugin_list.go +++ b/cmd/helm/plugin_list.go @@ -31,7 +31,7 @@ func newPluginListCmd(out io.Writer) *cobra.Command { Aliases: []string{"ls"}, Short: "list installed Helm plugins", ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, _ []string) error { debug("pluginDirs: %s", settings.PluginsDirectory) plugins, err := plugin.FindPlugins(settings.PluginsDirectory) if err != nil { @@ -75,7 +75,7 @@ func filterPlugins(plugins []*plugin.Plugin, ignoredPluginNames []string) []*plu } // Provide dynamic auto-completion for plugin names -func compListPlugins(toComplete string, ignoredPluginNames []string) []string { +func compListPlugins(_ string, ignoredPluginNames []string) []string { var pNames []string plugins, err := plugin.FindPlugins(settings.PluginsDirectory) if err == nil && len(plugins) > 0 { diff --git a/cmd/helm/plugin_uninstall.go b/cmd/helm/plugin_uninstall.go index ee4a47beb..607baab2e 100644 --- a/cmd/helm/plugin_uninstall.go +++ b/cmd/helm/plugin_uninstall.go @@ -38,13 +38,13 @@ func newPluginUninstallCmd(out io.Writer) *cobra.Command { Use: "uninstall ...", Aliases: []string{"rm", "remove"}, Short: "uninstall one or more Helm plugins", - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return compListPlugins(toComplete, args), cobra.ShellCompDirectiveNoFileComp }, - PreRunE: func(cmd *cobra.Command, args []string) error { + PreRunE: func(_ *cobra.Command, args []string) error { return o.complete(args) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, _ []string) error { return o.run(out) }, } diff --git a/cmd/helm/plugin_update.go b/cmd/helm/plugin_update.go index 4515acdbb..3f6d963fb 100644 --- a/cmd/helm/plugin_update.go +++ b/cmd/helm/plugin_update.go @@ -39,13 +39,13 @@ func newPluginUpdateCmd(out io.Writer) *cobra.Command { Use: "update ...", Aliases: []string{"up"}, Short: "update one or more Helm plugins", - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return compListPlugins(toComplete, args), cobra.ShellCompDirectiveNoFileComp }, - PreRunE: func(cmd *cobra.Command, args []string) error { + PreRunE: func(_ *cobra.Command, args []string) error { return o.complete(args) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, _ []string) error { return o.run(out) }, } diff --git a/cmd/helm/pull.go b/cmd/helm/pull.go index af3092aff..e0dd1effe 100644 --- a/cmd/helm/pull.go +++ b/cmd/helm/pull.go @@ -51,13 +51,13 @@ func newPullCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Aliases: []string{"fetch"}, Long: pullDesc, Args: require.MinimumNArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } return compListCharts(toComplete, false) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { client.Settings = settings if client.Version == "" && client.Devel { debug("setting version to >0.0.0-0") @@ -90,7 +90,7 @@ func newPullCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { f.StringVarP(&client.DestDir, "destination", "d", ".", "location to write the chart. If this and untardir are specified, untardir is appended to this") addChartPathOptionsFlags(f, &client.ChartPathOptions) - err := cmd.RegisterFlagCompletionFunc("version", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("version", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 1 { return nil, cobra.ShellCompDirectiveNoFileComp } diff --git a/cmd/helm/pull_test.go b/cmd/helm/pull_test.go index 41ac237f4..ae70595f9 100644 --- a/cmd/helm/pull_test.go +++ b/cmd/helm/pull_test.go @@ -258,7 +258,7 @@ func TestPullWithCredentialsCmd(t *testing.T) { } defer srv.Stop() - srv.WithMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + srv.WithMiddleware(http.HandlerFunc(func(_ http.ResponseWriter, r *http.Request) { username, password, ok := r.BasicAuth() if !ok || username != "username" || password != "password" { t.Errorf("Expected request to use basic auth and for username == 'username' and password == 'password', got '%v', '%s', '%s'", ok, username, password) diff --git a/cmd/helm/push.go b/cmd/helm/push.go index 3375155ed..f865c96bb 100644 --- a/cmd/helm/push.go +++ b/cmd/helm/push.go @@ -50,7 +50,7 @@ func newPushCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "push a chart to remote", Long: pushDesc, Args: require.MinimumNArgs(2), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, _ string) ([]string, cobra.ShellCompDirective) { if len(args) == 0 { // Do file completion for the chart file to push return nil, cobra.ShellCompDirectiveDefault @@ -67,7 +67,7 @@ func newPushCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { } return nil, cobra.ShellCompDirectiveNoFileComp }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { registryClient, err := newRegistryClient(o.certFile, o.keyFile, o.caFile, o.insecureSkipTLSverify, o.plainHTTP) if err != nil { return fmt.Errorf("missing registry client: %w", err) diff --git a/cmd/helm/registry_login.go b/cmd/helm/registry_login.go index 112e06a95..bfb163786 100644 --- a/cmd/helm/registry_login.go +++ b/cmd/helm/registry_login.go @@ -54,7 +54,7 @@ func newRegistryLoginCmd(cfg *action.Configuration, out io.Writer) *cobra.Comman Long: registryLoginDesc, Args: require.MinimumNArgs(1), ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { hostname := args[0] username, password, err := getUsernamePassword(o.username, o.password, o.passwordFromStdinOpt) diff --git a/cmd/helm/registry_logout.go b/cmd/helm/registry_logout.go index 0084f8c09..61dae1da3 100644 --- a/cmd/helm/registry_logout.go +++ b/cmd/helm/registry_logout.go @@ -36,7 +36,7 @@ func newRegistryLogoutCmd(cfg *action.Configuration, out io.Writer) *cobra.Comma Long: registryLogoutDesc, Args: require.MinimumNArgs(1), ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { hostname := args[0] return action.NewRegistryLogout(cfg).Run(out, hostname) }, diff --git a/cmd/helm/release_testing.go b/cmd/helm/release_testing.go index 548ae2b8a..578717378 100644 --- a/cmd/helm/release_testing.go +++ b/cmd/helm/release_testing.go @@ -48,13 +48,13 @@ func newReleaseTestCmd(cfg *action.Configuration, out io.Writer) *cobra.Command Short: "run tests for a release", Long: releaseTestHelp, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } return compListReleases(toComplete, args, cfg) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { client.Namespace = settings.Namespace() notName := regexp.MustCompile(`^!\s?name=`) for _, f := range filter { diff --git a/cmd/helm/repo_add.go b/cmd/helm/repo_add.go index 2deda3f4f..83fcdf50c 100644 --- a/cmd/helm/repo_add.go +++ b/cmd/helm/repo_add.go @@ -72,7 +72,7 @@ func newRepoAddCmd(out io.Writer) *cobra.Command { Short: "add a chart repository", Args: require.ExactArgs(2), ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { o.name = args[0] o.url = args[1] o.repoFile = settings.RepositoryConfig diff --git a/cmd/helm/repo_index.go b/cmd/helm/repo_index.go index 3960380d1..fb7ec811f 100644 --- a/cmd/helm/repo_index.go +++ b/cmd/helm/repo_index.go @@ -54,7 +54,7 @@ func newRepoIndexCmd(out io.Writer) *cobra.Command { Short: "generate an index file given a directory containing packaged charts", Long: repoIndexDesc, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, _ string) ([]string, cobra.ShellCompDirective) { if len(args) == 0 { // Allow file completion when completing the argument for the directory return nil, cobra.ShellCompDirectiveDefault @@ -62,7 +62,7 @@ func newRepoIndexCmd(out io.Writer) *cobra.Command { // No more completions, so disable file completion return nil, cobra.ShellCompDirectiveNoFileComp }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { o.dir = args[0] return o.run(out) }, @@ -76,7 +76,7 @@ func newRepoIndexCmd(out io.Writer) *cobra.Command { return cmd } -func (i *repoIndexOptions) run(out io.Writer) error { +func (i *repoIndexOptions) run(_ io.Writer) error { path, err := filepath.Abs(i.dir) if err != nil { return err diff --git a/cmd/helm/repo_list.go b/cmd/helm/repo_list.go index c9b952fee..8abd20654 100644 --- a/cmd/helm/repo_list.go +++ b/cmd/helm/repo_list.go @@ -37,7 +37,7 @@ func newRepoListCmd(out io.Writer) *cobra.Command { Short: "list chart repositories", Args: require.NoArgs, ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, _ []string) error { f, _ := repo.LoadFile(settings.RepositoryConfig) if len(f.Repositories) == 0 && !(outfmt == output.JSON || outfmt == output.YAML) { return errors.New("no repositories to show") @@ -123,7 +123,7 @@ func filterRepos(repos []*repo.Entry, ignoredRepoNames []string) []*repo.Entry { } // Provide dynamic auto-completion for repo names -func compListRepos(prefix string, ignoredRepoNames []string) []string { +func compListRepos(_ string, ignoredRepoNames []string) []string { var rNames []string f, err := repo.LoadFile(settings.RepositoryConfig) diff --git a/cmd/helm/repo_remove.go b/cmd/helm/repo_remove.go index 0c1ad2cd5..82a235fec 100644 --- a/cmd/helm/repo_remove.go +++ b/cmd/helm/repo_remove.go @@ -44,10 +44,10 @@ func newRepoRemoveCmd(out io.Writer) *cobra.Command { Aliases: []string{"rm"}, Short: "remove one or more chart repositories", Args: require.MinimumNArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return compListRepos(toComplete, args), cobra.ShellCompDirectiveNoFileComp }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { o.repoFile = settings.RepositoryConfig o.repoCache = settings.RepositoryCache o.names = args diff --git a/cmd/helm/repo_update.go b/cmd/helm/repo_update.go index 27661674c..8d5f532f1 100644 --- a/cmd/helm/repo_update.go +++ b/cmd/helm/repo_update.go @@ -57,10 +57,10 @@ func newRepoUpdateCmd(out io.Writer) *cobra.Command { Short: "update information of available charts locally from chart repositories", Long: updateDesc, Args: require.MinimumNArgs(0), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return compListRepos(toComplete, args), cobra.ShellCompDirectiveNoFileComp }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { o.repoFile = settings.RepositoryConfig o.repoCache = settings.RepositoryCache o.names = args diff --git a/cmd/helm/repo_update_test.go b/cmd/helm/repo_update_test.go index 645c68cfe..1ddf0f5ed 100644 --- a/cmd/helm/repo_update_test.go +++ b/cmd/helm/repo_update_test.go @@ -34,7 +34,7 @@ func TestUpdateCmd(t *testing.T) { var out bytes.Buffer // Instead of using the HTTP updater, we provide our own for this test. // The TestUpdateCharts test verifies the HTTP behavior independently. - updater := func(repos []*repo.ChartRepository, out io.Writer, failOnRepoUpdateFail bool) error { + updater := func(repos []*repo.ChartRepository, out io.Writer, _ bool) error { for _, re := range repos { fmt.Fprintln(out, re.Config.Name) } @@ -59,7 +59,7 @@ func TestUpdateCmdMultiple(t *testing.T) { var out bytes.Buffer // Instead of using the HTTP updater, we provide our own for this test. // The TestUpdateCharts test verifies the HTTP behavior independently. - updater := func(repos []*repo.ChartRepository, out io.Writer, failOnRepoUpdateFail bool) error { + updater := func(repos []*repo.ChartRepository, out io.Writer, _ bool) error { for _, re := range repos { fmt.Fprintln(out, re.Config.Name) } @@ -85,7 +85,7 @@ func TestUpdateCmdInvalid(t *testing.T) { var out bytes.Buffer // Instead of using the HTTP updater, we provide our own for this test. // The TestUpdateCharts test verifies the HTTP behavior independently. - updater := func(repos []*repo.ChartRepository, out io.Writer, failOnRepoUpdateFail bool) error { + updater := func(repos []*repo.ChartRepository, out io.Writer, _ bool) error { for _, re := range repos { fmt.Fprintln(out, re.Config.Name) } diff --git a/cmd/helm/rollback.go b/cmd/helm/rollback.go index 7de98e404..7e4c721f5 100644 --- a/cmd/helm/rollback.go +++ b/cmd/helm/rollback.go @@ -46,7 +46,7 @@ func newRollbackCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "roll back a release to a previous revision", Long: rollbackDesc, Args: require.MinimumNArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) == 0 { return compListReleases(toComplete, args, cfg) } @@ -57,7 +57,7 @@ func newRollbackCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { return nil, cobra.ShellCompDirectiveNoFileComp }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { if len(args) > 1 { ver, err := strconv.Atoi(args[1]) if err != nil { diff --git a/cmd/helm/root.go b/cmd/helm/root.go index dd95b1df2..c5f8cc708 100644 --- a/cmd/helm/root.go +++ b/cmd/helm/root.go @@ -45,31 +45,32 @@ Common actions for Helm: Environment variables: -| Name | Description | -|------------------------------------|---------------------------------------------------------------------------------------------------| -| $HELM_CACHE_HOME | set an alternative location for storing cached files. | -| $HELM_CONFIG_HOME | set an alternative location for storing Helm configuration. | -| $HELM_DATA_HOME | set an alternative location for storing Helm data. | -| $HELM_DEBUG | indicate whether or not Helm is running in Debug mode | -| $HELM_DRIVER | set the backend storage driver. Values are: configmap, secret, memory, sql. | -| $HELM_DRIVER_SQL_CONNECTION_STRING | set the connection string the SQL storage driver should use. | -| $HELM_MAX_HISTORY | set the maximum number of helm release history. | -| $HELM_NAMESPACE | set the namespace used for the helm operations. | -| $HELM_NO_PLUGINS | disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins. | -| $HELM_PLUGINS | set the path to the plugins directory | -| $HELM_REGISTRY_CONFIG | set the path to the registry config file. | -| $HELM_REPOSITORY_CACHE | set the path to the repository cache directory | -| $HELM_REPOSITORY_CONFIG | set the path to the repositories file. | -| $KUBECONFIG | set an alternative Kubernetes configuration file (default "~/.kube/config") | -| $HELM_KUBEAPISERVER | set the Kubernetes API Server Endpoint for authentication | -| $HELM_KUBECAFILE | set the Kubernetes certificate authority file. | -| $HELM_KUBEASGROUPS | set the Groups to use for impersonation using a comma-separated list. | -| $HELM_KUBEASUSER | set the Username to impersonate for the operation. | -| $HELM_KUBECONTEXT | set the name of the kubeconfig context. | -| $HELM_KUBETOKEN | set the Bearer KubeToken used for authentication. | -| $HELM_KUBEINSECURE_SKIP_TLS_VERIFY | indicate if the Kubernetes API server's certificate validation should be skipped (insecure) | -| $HELM_KUBETLS_SERVER_NAME | set the server name used to validate the Kubernetes API server certificate | -| $HELM_BURST_LIMIT | set the default burst limit in the case the server contains many CRDs (default 100, -1 to disable)| +| Name | Description | +|------------------------------------|------------------------------------------------------------------------------------------------------------| +| $HELM_CACHE_HOME | set an alternative location for storing cached files. | +| $HELM_CONFIG_HOME | set an alternative location for storing Helm configuration. | +| $HELM_DATA_HOME | set an alternative location for storing Helm data. | +| $HELM_DEBUG | indicate whether or not Helm is running in Debug mode | +| $HELM_DRIVER | set the backend storage driver. Values are: configmap, secret, memory, sql. | +| $HELM_DRIVER_SQL_CONNECTION_STRING | set the connection string the SQL storage driver should use. | +| $HELM_MAX_HISTORY | set the maximum number of helm release history. | +| $HELM_NAMESPACE | set the namespace used for the helm operations. | +| $HELM_NO_PLUGINS | disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins. | +| $HELM_PLUGINS | set the path to the plugins directory | +| $HELM_REGISTRY_CONFIG | set the path to the registry config file. | +| $HELM_REPOSITORY_CACHE | set the path to the repository cache directory | +| $HELM_REPOSITORY_CONFIG | set the path to the repositories file. | +| $KUBECONFIG | set an alternative Kubernetes configuration file (default "~/.kube/config") | +| $HELM_KUBEAPISERVER | set the Kubernetes API Server Endpoint for authentication | +| $HELM_KUBECAFILE | set the Kubernetes certificate authority file. | +| $HELM_KUBEASGROUPS | set the Groups to use for impersonation using a comma-separated list. | +| $HELM_KUBEASUSER | set the Username to impersonate for the operation. | +| $HELM_KUBECONTEXT | set the name of the kubeconfig context. | +| $HELM_KUBETOKEN | set the Bearer KubeToken used for authentication. | +| $HELM_KUBEINSECURE_SKIP_TLS_VERIFY | indicate if the Kubernetes API server's certificate validation should be skipped (insecure) | +| $HELM_KUBETLS_SERVER_NAME | set the server name used to validate the Kubernetes API server certificate | +| $HELM_BURST_LIMIT | set the default burst limit in the case the server contains many CRDs (default 100, -1 to disable) | +| $HELM_QPS | set the Queries Per Second in cases where a high number of calls exceed the option for higher burst values | Helm stores cache, configuration, and data based on the following configuration order: @@ -99,7 +100,7 @@ func newRootCmd(actionConfig *action.Configuration, out io.Writer, args []string addKlogFlags(flags) // Setup shell completion for the namespace flag - err := cmd.RegisterFlagCompletionFunc("namespace", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("namespace", func(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) { if client, err := actionConfig.KubernetesClientSet(); err == nil { // Choose a long enough timeout that the user notices something is not working // but short enough that the user is not made to wait very long @@ -122,7 +123,7 @@ func newRootCmd(actionConfig *action.Configuration, out io.Writer, args []string } // Setup shell completion for the kube-context flag - err = cmd.RegisterFlagCompletionFunc("kube-context", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err = cmd.RegisterFlagCompletionFunc("kube-context", func(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) { cobra.CompDebugln("About to get the different kube-contexts", settings.Debug) loadingRules := clientcmd.NewDefaultClientConfigLoadingRules() diff --git a/cmd/helm/search/search_test.go b/cmd/helm/search/search_test.go index dc82ca3d9..415c085b4 100644 --- a/cmd/helm/search/search_test.go +++ b/cmd/helm/search/search_test.go @@ -101,7 +101,7 @@ var indexfileEntries = map[string]repo.ChartVersions{ }, } -func loadTestIndex(t *testing.T, all bool) *Index { +func loadTestIndex(_ *testing.T, all bool) *Index { i := NewIndex() i.AddRepo("testing", &repo.IndexFile{Entries: indexfileEntries}, all) i.AddRepo("ztesting", &repo.IndexFile{Entries: map[string]repo.ChartVersions{ diff --git a/cmd/helm/search_hub.go b/cmd/helm/search_hub.go index 1618a4c9f..d9482f67a 100644 --- a/cmd/helm/search_hub.go +++ b/cmd/helm/search_hub.go @@ -64,7 +64,7 @@ func newSearchHubCmd(out io.Writer) *cobra.Command { Use: "hub [KEYWORD]", Short: "search for charts in the Artifact Hub or your own hub instance", Long: searchHubDesc, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { return o.run(out, args) }, } diff --git a/cmd/helm/search_hub_test.go b/cmd/helm/search_hub_test.go index 89ce2b3e5..f3730275a 100644 --- a/cmd/helm/search_hub_test.go +++ b/cmd/helm/search_hub_test.go @@ -27,7 +27,7 @@ func TestSearchHubCmd(t *testing.T) { // Setup a mock search service var searchResult = `{"data":[{"id":"stable/phpmyadmin","type":"chart","attributes":{"name":"phpmyadmin","repo":{"name":"stable","url":"https://charts.helm.sh/stable"},"description":"phpMyAdmin is an mysql administration frontend","home":"https://www.phpmyadmin.net/","keywords":["mariadb","mysql","phpmyadmin"],"maintainers":[{"name":"Bitnami","email":"containers@bitnami.com"}],"sources":["https://github.com/bitnami/bitnami-docker-phpmyadmin"],"icon":""},"links":{"self":"/v1/charts/stable/phpmyadmin"},"relationships":{"latestChartVersion":{"data":{"version":"3.0.0","app_version":"4.9.0-1","created":"2019-08-08T17:57:31.38Z","digest":"119c499251bffd4b06ff0cd5ac98c2ce32231f84899fb4825be6c2d90971c742","urls":["https://charts.helm.sh/stable/phpmyadmin-3.0.0.tgz"],"readme":"/v1/assets/stable/phpmyadmin/versions/3.0.0/README.md","values":"/v1/assets/stable/phpmyadmin/versions/3.0.0/values.yaml"},"links":{"self":"/v1/charts/stable/phpmyadmin/versions/3.0.0"}}}},{"id":"bitnami/phpmyadmin","type":"chart","attributes":{"name":"phpmyadmin","repo":{"name":"bitnami","url":"https://charts.bitnami.com"},"description":"phpMyAdmin is an mysql administration frontend","home":"https://www.phpmyadmin.net/","keywords":["mariadb","mysql","phpmyadmin"],"maintainers":[{"name":"Bitnami","email":"containers@bitnami.com"}],"sources":["https://github.com/bitnami/bitnami-docker-phpmyadmin"],"icon":""},"links":{"self":"/v1/charts/bitnami/phpmyadmin"},"relationships":{"latestChartVersion":{"data":{"version":"3.0.0","app_version":"4.9.0-1","created":"2019-08-08T18:34:13.341Z","digest":"66d77cf6d8c2b52c488d0a294cd4996bd5bad8dc41d3829c394498fb401c008a","urls":["https://charts.bitnami.com/bitnami/phpmyadmin-3.0.0.tgz"],"readme":"/v1/assets/bitnami/phpmyadmin/versions/3.0.0/README.md","values":"/v1/assets/bitnami/phpmyadmin/versions/3.0.0/values.yaml"},"links":{"self":"/v1/charts/bitnami/phpmyadmin/versions/3.0.0"}}}}]}` - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprintln(w, searchResult) })) defer ts.Close() @@ -57,7 +57,7 @@ func TestSearchHubListRepoCmd(t *testing.T) { // Setup a mock search service var searchResult = `{"data":[{"id":"stable/phpmyadmin","type":"chart","attributes":{"name":"phpmyadmin","repo":{"name":"stable","url":"https://charts.helm.sh/stable"},"description":"phpMyAdmin is an mysql administration frontend","home":"https://www.phpmyadmin.net/","keywords":["mariadb","mysql","phpmyadmin"],"maintainers":[{"name":"Bitnami","email":"containers@bitnami.com"}],"sources":["https://github.com/bitnami/bitnami-docker-phpmyadmin"],"icon":""},"links":{"self":"/v1/charts/stable/phpmyadmin"},"relationships":{"latestChartVersion":{"data":{"version":"3.0.0","app_version":"4.9.0-1","created":"2019-08-08T17:57:31.38Z","digest":"119c499251bffd4b06ff0cd5ac98c2ce32231f84899fb4825be6c2d90971c742","urls":["https://charts.helm.sh/stable/phpmyadmin-3.0.0.tgz"],"readme":"/v1/assets/stable/phpmyadmin/versions/3.0.0/README.md","values":"/v1/assets/stable/phpmyadmin/versions/3.0.0/values.yaml"},"links":{"self":"/v1/charts/stable/phpmyadmin/versions/3.0.0"}}}},{"id":"bitnami/phpmyadmin","type":"chart","attributes":{"name":"phpmyadmin","repo":{"name":"bitnami","url":"https://charts.bitnami.com"},"description":"phpMyAdmin is an mysql administration frontend","home":"https://www.phpmyadmin.net/","keywords":["mariadb","mysql","phpmyadmin"],"maintainers":[{"name":"Bitnami","email":"containers@bitnami.com"}],"sources":["https://github.com/bitnami/bitnami-docker-phpmyadmin"],"icon":""},"links":{"self":"/v1/charts/bitnami/phpmyadmin"},"relationships":{"latestChartVersion":{"data":{"version":"3.0.0","app_version":"4.9.0-1","created":"2019-08-08T18:34:13.341Z","digest":"66d77cf6d8c2b52c488d0a294cd4996bd5bad8dc41d3829c394498fb401c008a","urls":["https://charts.bitnami.com/bitnami/phpmyadmin-3.0.0.tgz"],"readme":"/v1/assets/bitnami/phpmyadmin/versions/3.0.0/README.md","values":"/v1/assets/bitnami/phpmyadmin/versions/3.0.0/values.yaml"},"links":{"self":"/v1/charts/bitnami/phpmyadmin/versions/3.0.0"}}}}]}` - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprintln(w, searchResult) })) defer ts.Close() @@ -155,7 +155,7 @@ func TestSearchHubCmd_FailOnNoResponseTests(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { // Setup a mock search service - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprintln(w, tt.response) })) defer ts.Close() diff --git a/cmd/helm/search_repo.go b/cmd/helm/search_repo.go index 2c6f17094..f2bbca9e4 100644 --- a/cmd/helm/search_repo.go +++ b/cmd/helm/search_repo.go @@ -81,7 +81,7 @@ func newSearchRepoCmd(out io.Writer) *cobra.Command { Use: "repo [keyword]", Short: "search repositories for a keyword in charts", Long: searchRepoDesc, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { o.repoFile = settings.RepositoryConfig o.repoCacheDir = settings.RepositoryCache return o.run(out, args) diff --git a/cmd/helm/show.go b/cmd/helm/show.go index 28eb9756d..6b67dcdf4 100644 --- a/cmd/helm/show.go +++ b/cmd/helm/show.go @@ -69,7 +69,7 @@ func newShowCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { } // Function providing dynamic auto-completion - validArgsFunc := func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + validArgsFunc := func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } @@ -82,7 +82,7 @@ func newShowCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Long: showAllDesc, Args: require.ExactArgs(1), ValidArgsFunction: validArgsFunc, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { client.OutputFormat = action.ShowAll err := addRegistryClient(client) if err != nil { @@ -103,7 +103,7 @@ func newShowCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Long: showValuesDesc, Args: require.ExactArgs(1), ValidArgsFunction: validArgsFunc, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { client.OutputFormat = action.ShowValues err := addRegistryClient(client) if err != nil { @@ -124,7 +124,7 @@ func newShowCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Long: showChartDesc, Args: require.ExactArgs(1), ValidArgsFunction: validArgsFunc, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { client.OutputFormat = action.ShowChart err := addRegistryClient(client) if err != nil { @@ -145,7 +145,7 @@ func newShowCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Long: readmeChartDesc, Args: require.ExactArgs(1), ValidArgsFunction: validArgsFunc, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { client.OutputFormat = action.ShowReadme err := addRegistryClient(client) if err != nil { @@ -166,7 +166,7 @@ func newShowCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Long: showCRDsDesc, Args: require.ExactArgs(1), ValidArgsFunction: validArgsFunc, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { client.OutputFormat = action.ShowCRDs err := addRegistryClient(client) if err != nil { @@ -199,7 +199,7 @@ func addShowFlags(subCmd *cobra.Command, client *action.Show) { } addChartPathOptionsFlags(f, &client.ChartPathOptions) - err := subCmd.RegisterFlagCompletionFunc("version", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := subCmd.RegisterFlagCompletionFunc("version", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 1 { return nil, cobra.ShellCompDirectiveNoFileComp } diff --git a/cmd/helm/status.go b/cmd/helm/status.go index 850862cd5..9fa6ec4bc 100644 --- a/cmd/helm/status.go +++ b/cmd/helm/status.go @@ -58,13 +58,13 @@ func newStatusCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "display the status of the named release", Long: statusHelp, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 0 { return nil, cobra.ShellCompDirectiveNoFileComp } return compListReleases(toComplete, args, cfg) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { // When the output format is a table the resources should be fetched // and displayed as a table. When YAML or JSON the resources will be @@ -88,7 +88,7 @@ func newStatusCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { f.IntVar(&client.Version, "revision", 0, "if set, display the status of the named release with revision") - err := cmd.RegisterFlagCompletionFunc("revision", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("revision", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) == 1 { return compListRevisions(toComplete, cfg, args[0]) } diff --git a/cmd/helm/template.go b/cmd/helm/template.go index a16cbc76e..b53ed6b1c 100644 --- a/cmd/helm/template.go +++ b/cmd/helm/template.go @@ -61,7 +61,7 @@ func newTemplateCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "locally render templates", Long: templateDesc, Args: require.MinimumNArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return compInstall(args, toComplete, client) }, RunE: func(_ *cobra.Command, args []string) error { diff --git a/cmd/helm/testdata/output/env-comp.txt b/cmd/helm/testdata/output/env-comp.txt index b7d93c12e..8f9c53fc7 100644 --- a/cmd/helm/testdata/output/env-comp.txt +++ b/cmd/helm/testdata/output/env-comp.txt @@ -15,6 +15,7 @@ HELM_KUBETOKEN HELM_MAX_HISTORY HELM_NAMESPACE HELM_PLUGINS +HELM_QPS HELM_REGISTRY_CONFIG HELM_REPOSITORY_CACHE HELM_REPOSITORY_CONFIG diff --git a/cmd/helm/testdata/output/install-dry-run-with-secret-hidden.txt b/cmd/helm/testdata/output/install-dry-run-with-secret-hidden.txt new file mode 100644 index 000000000..2f928c3dc --- /dev/null +++ b/cmd/helm/testdata/output/install-dry-run-with-secret-hidden.txt @@ -0,0 +1,20 @@ +NAME: secrets +LAST DEPLOYED: Fri Sep 2 22:04:05 1977 +NAMESPACE: default +STATUS: pending-install +REVISION: 1 +TEST SUITE: None +HOOKS: +MANIFEST: +--- +# Source: chart-with-secret/templates/secret.yaml +# HIDDEN: The Secret output has been suppressed +--- +# Source: chart-with-secret/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: test-configmap +data: + foo: bar + diff --git a/cmd/helm/testdata/output/install-dry-run-with-secret.txt b/cmd/helm/testdata/output/install-dry-run-with-secret.txt new file mode 100644 index 000000000..6c094ef6a --- /dev/null +++ b/cmd/helm/testdata/output/install-dry-run-with-secret.txt @@ -0,0 +1,25 @@ +NAME: secrets +LAST DEPLOYED: Fri Sep 2 22:04:05 1977 +NAMESPACE: default +STATUS: pending-install +REVISION: 1 +TEST SUITE: None +HOOKS: +MANIFEST: +--- +# Source: chart-with-secret/templates/secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: test-secret +stringData: + foo: bar +--- +# Source: chart-with-secret/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: test-configmap +data: + foo: bar + diff --git a/cmd/helm/testdata/output/install-hide-secret.txt b/cmd/helm/testdata/output/install-hide-secret.txt new file mode 100644 index 000000000..aaf73b478 --- /dev/null +++ b/cmd/helm/testdata/output/install-hide-secret.txt @@ -0,0 +1 @@ +Error: INSTALLATION FAILED: Hiding Kubernetes secrets requires a dry-run mode diff --git a/cmd/helm/testdata/output/lint-chart-with-deprecated-api-old-k8s.txt b/cmd/helm/testdata/output/lint-chart-with-deprecated-api-old-k8s.txt new file mode 100644 index 000000000..bd0d70000 --- /dev/null +++ b/cmd/helm/testdata/output/lint-chart-with-deprecated-api-old-k8s.txt @@ -0,0 +1,4 @@ +==> Linting testdata/testcharts/chart-with-deprecated-api +[INFO] Chart.yaml: icon is recommended + +1 chart(s) linted, 0 chart(s) failed diff --git a/cmd/helm/testdata/output/lint-chart-with-deprecated-api-strict.txt b/cmd/helm/testdata/output/lint-chart-with-deprecated-api-strict.txt new file mode 100644 index 000000000..a1ec4394e --- /dev/null +++ b/cmd/helm/testdata/output/lint-chart-with-deprecated-api-strict.txt @@ -0,0 +1,5 @@ +==> Linting testdata/testcharts/chart-with-deprecated-api +[INFO] Chart.yaml: icon is recommended +[WARNING] templates/horizontalpodautoscaler.yaml: autoscaling/v2beta1 HorizontalPodAutoscaler is deprecated in v1.22+, unavailable in v1.25+; use autoscaling/v2 HorizontalPodAutoscaler + +Error: 1 chart(s) linted, 1 chart(s) failed diff --git a/cmd/helm/testdata/output/lint-chart-with-deprecated-api.txt b/cmd/helm/testdata/output/lint-chart-with-deprecated-api.txt new file mode 100644 index 000000000..dac54620c --- /dev/null +++ b/cmd/helm/testdata/output/lint-chart-with-deprecated-api.txt @@ -0,0 +1,5 @@ +==> Linting testdata/testcharts/chart-with-deprecated-api +[INFO] Chart.yaml: icon is recommended +[WARNING] templates/horizontalpodautoscaler.yaml: autoscaling/v2beta1 HorizontalPodAutoscaler is deprecated in v1.22+, unavailable in v1.25+; use autoscaling/v2 HorizontalPodAutoscaler + +1 chart(s) linted, 0 chart(s) failed diff --git a/cmd/helm/testdata/output/upgrade-uninstalled-with-keep-history.txt b/cmd/helm/testdata/output/upgrade-uninstalled-with-keep-history.txt new file mode 100644 index 000000000..f53b8715a --- /dev/null +++ b/cmd/helm/testdata/output/upgrade-uninstalled-with-keep-history.txt @@ -0,0 +1,7 @@ +Release "funny-bunny" does not exist. Installing it now. +NAME: funny-bunny +LAST DEPLOYED: Fri Sep 2 22:04:05 1977 +NAMESPACE: default +STATUS: deployed +REVISION: 3 +TEST SUITE: None diff --git a/cmd/helm/testdata/output/version-client-shorthand.txt b/cmd/helm/testdata/output/version-client-shorthand.txt index 9a42dcba7..e204f7a48 100644 --- a/cmd/helm/testdata/output/version-client-shorthand.txt +++ b/cmd/helm/testdata/output/version-client-shorthand.txt @@ -1 +1 @@ -version.BuildInfo{Version:"v3.13", GitCommit:"", GitTreeState:"", GoVersion:""} +version.BuildInfo{Version:"v3.14", GitCommit:"", GitTreeState:"", GoVersion:""} diff --git a/cmd/helm/testdata/output/version-client.txt b/cmd/helm/testdata/output/version-client.txt index 9a42dcba7..e204f7a48 100644 --- a/cmd/helm/testdata/output/version-client.txt +++ b/cmd/helm/testdata/output/version-client.txt @@ -1 +1 @@ -version.BuildInfo{Version:"v3.13", GitCommit:"", GitTreeState:"", GoVersion:""} +version.BuildInfo{Version:"v3.14", GitCommit:"", GitTreeState:"", GoVersion:""} diff --git a/cmd/helm/testdata/output/version-short.txt b/cmd/helm/testdata/output/version-short.txt index 588b5b7c5..3ef02b861 100644 --- a/cmd/helm/testdata/output/version-short.txt +++ b/cmd/helm/testdata/output/version-short.txt @@ -1 +1 @@ -v3.13 +v3.14 diff --git a/cmd/helm/testdata/output/version-template.txt b/cmd/helm/testdata/output/version-template.txt index b6f541d94..d33c5a920 100644 --- a/cmd/helm/testdata/output/version-template.txt +++ b/cmd/helm/testdata/output/version-template.txt @@ -1 +1 @@ -Version: v3.13 \ No newline at end of file +Version: v3.14 \ No newline at end of file diff --git a/cmd/helm/testdata/output/version.txt b/cmd/helm/testdata/output/version.txt index 9a42dcba7..e204f7a48 100644 --- a/cmd/helm/testdata/output/version.txt +++ b/cmd/helm/testdata/output/version.txt @@ -1 +1 @@ -version.BuildInfo{Version:"v3.13", GitCommit:"", GitTreeState:"", GoVersion:""} +version.BuildInfo{Version:"v3.14", GitCommit:"", GitTreeState:"", GoVersion:""} diff --git a/cmd/helm/testdata/testcharts/chart-with-deprecated-api/Chart.yaml b/cmd/helm/testdata/testcharts/chart-with-deprecated-api/Chart.yaml new file mode 100644 index 000000000..3a6e99952 --- /dev/null +++ b/cmd/helm/testdata/testcharts/chart-with-deprecated-api/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +appVersion: "1.0.0" +description: A Helm chart for Kubernetes +name: chart-with-deprecated-api +type: application +version: 1.0.0 diff --git a/cmd/helm/testdata/testcharts/chart-with-deprecated-api/templates/horizontalpodautoscaler.yaml b/cmd/helm/testdata/testcharts/chart-with-deprecated-api/templates/horizontalpodautoscaler.yaml new file mode 100644 index 000000000..b77a4beeb --- /dev/null +++ b/cmd/helm/testdata/testcharts/chart-with-deprecated-api/templates/horizontalpodautoscaler.yaml @@ -0,0 +1,9 @@ +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: deprecated +spec: + scaleTargetRef: + kind: Pod + name: pod + maxReplicas: 3 \ No newline at end of file diff --git a/internal/ignore/testdata/.joonix b/cmd/helm/testdata/testcharts/chart-with-deprecated-api/values.yaml similarity index 100% rename from internal/ignore/testdata/.joonix rename to cmd/helm/testdata/testcharts/chart-with-deprecated-api/values.yaml diff --git a/cmd/helm/testdata/testcharts/chart-with-secret/Chart.yaml b/cmd/helm/testdata/testcharts/chart-with-secret/Chart.yaml new file mode 100644 index 000000000..46d069e1c --- /dev/null +++ b/cmd/helm/testdata/testcharts/chart-with-secret/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v2 +description: Chart with Kubernetes Secret +name: chart-with-secret +version: 0.0.1 diff --git a/cmd/helm/testdata/testcharts/chart-with-secret/templates/configmap.yaml b/cmd/helm/testdata/testcharts/chart-with-secret/templates/configmap.yaml new file mode 100644 index 000000000..ce9c27d56 --- /dev/null +++ b/cmd/helm/testdata/testcharts/chart-with-secret/templates/configmap.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: test-configmap +data: + foo: bar diff --git a/cmd/helm/testdata/testcharts/chart-with-secret/templates/secret.yaml b/cmd/helm/testdata/testcharts/chart-with-secret/templates/secret.yaml new file mode 100644 index 000000000..b1e1cff56 --- /dev/null +++ b/cmd/helm/testdata/testcharts/chart-with-secret/templates/secret.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Secret +metadata: + name: test-secret +stringData: + foo: bar diff --git a/cmd/helm/uninstall.go b/cmd/helm/uninstall.go index 9ced8fef0..3c4517b50 100644 --- a/cmd/helm/uninstall.go +++ b/cmd/helm/uninstall.go @@ -47,10 +47,10 @@ func newUninstallCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "uninstall a release", Long: uninstallDesc, Args: require.MinimumNArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return compListReleases(toComplete, args, cfg) }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { validationErr := validateCascadeFlag(client) if validationErr != nil { return validationErr diff --git a/cmd/helm/upgrade.go b/cmd/helm/upgrade.go index e7c6dd166..829da146c 100644 --- a/cmd/helm/upgrade.go +++ b/cmd/helm/upgrade.go @@ -36,6 +36,7 @@ import ( "helm.sh/helm/v3/pkg/cli/values" "helm.sh/helm/v3/pkg/downloader" "helm.sh/helm/v3/pkg/getter" + "helm.sh/helm/v3/pkg/release" "helm.sh/helm/v3/pkg/storage/driver" ) @@ -72,6 +73,10 @@ parameters, and existing values will be merged with any values set via '--values or '--set' flags. Priority is given to new values. $ helm upgrade --reuse-values --set foo=bar --set foo=newbar redis ./redis + +The --dry-run flag will output all generated chart manifests, including Secrets +which can contain sensitive values. To hide Kubernetes Secrets use the +--hide-secret flag. Please carefully consider how and when these flags are used. ` func newUpgradeCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { @@ -85,7 +90,7 @@ func newUpgradeCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { Short: "upgrade a release", Long: upgradeDesc, Args: require.ExactArgs(2), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) == 0 { return compListReleases(toComplete, args, cfg) } @@ -94,7 +99,7 @@ func newUpgradeCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { } return nil, cobra.ShellCompDirectiveNoFileComp }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { client.Namespace = settings.Namespace() registryClient, err := newRegistryClient(client.CertFile, client.KeyFile, client.CaFile, @@ -111,12 +116,13 @@ func newUpgradeCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { client.DryRunOption = "none" } // Fixes #7002 - Support reading values from STDIN for `upgrade` command - // Must load values AFTER determining if we have to call install so that values loaded from stdin are are not read twice + // Must load values AFTER determining if we have to call install so that values loaded from stdin are not read twice if client.Install { // If a release does not exist, install it. histClient := action.NewHistory(cfg) histClient.Max = 1 - if _, err := histClient.Run(args[0]); err == driver.ErrReleaseNotFound { + versions, err := histClient.Run(args[0]) + if err == driver.ErrReleaseNotFound || isReleaseUninstalled(versions) { // Only print this to stdout for table output if outfmt == output.Table { fmt.Fprintf(out, "Release %q does not exist. Installing it now.\n", args[0]) @@ -142,6 +148,11 @@ func newUpgradeCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { instClient.DependencyUpdate = client.DependencyUpdate instClient.Labels = client.Labels instClient.EnableDNS = client.EnableDNS + instClient.HideSecret = client.HideSecret + + if isReleaseUninstalled(versions) { + instClient.Replace = true + } rel, err := runInstall(args, instClient, valueOpts, out) if err != nil { @@ -242,6 +253,7 @@ func newUpgradeCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { f.BoolVarP(&client.Install, "install", "i", false, "if a release by this name doesn't already exist, run an install") f.BoolVar(&client.Devel, "devel", false, "use development versions, too. Equivalent to version '>0.0.0-0'. If --version is set, this is ignored") f.StringVar(&client.DryRunOption, "dry-run", "", "simulate an install. If --dry-run is set with no option being specified or as '--dry-run=client', it will not attempt cluster connections. Setting '--dry-run=server' allows attempting cluster connections.") + f.BoolVar(&client.HideSecret, "hide-secret", false, "hide Kubernetes Secrets when also using the --dry-run flag") f.Lookup("dry-run").NoOptDefVal = "client" f.BoolVar(&client.Recreate, "recreate-pods", false, "performs pods restart for the resource if applicable") f.MarkDeprecated("recreate-pods", "functionality will no longer be updated. Consult the documentation for other methods to recreate pods") @@ -268,7 +280,7 @@ func newUpgradeCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { bindOutputFlag(cmd, &outfmt) bindPostRenderFlag(cmd, &client.PostRenderer) - err := cmd.RegisterFlagCompletionFunc("version", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + err := cmd.RegisterFlagCompletionFunc("version", func(_ *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { if len(args) != 2 { return nil, cobra.ShellCompDirectiveNoFileComp } @@ -281,3 +293,7 @@ func newUpgradeCmd(cfg *action.Configuration, out io.Writer) *cobra.Command { return cmd } + +func isReleaseUninstalled(versions []*release.Release) bool { + return len(versions) > 0 && versions[len(versions)-1].Info.Status == release.StatusUninstalled +} diff --git a/cmd/helm/upgrade_test.go b/cmd/helm/upgrade_test.go index 485267d1d..497c78d71 100644 --- a/cmd/helm/upgrade_test.go +++ b/cmd/helm/upgrade_test.go @@ -175,6 +175,12 @@ func TestUpgradeCmd(t *testing.T) { wantError: true, rels: []*release.Release{relWithStatusMock("funny-bunny", 2, ch, release.StatusPendingInstall)}, }, + { + name: "install a previously uninstalled release with '--keep-history' using 'upgrade --install'", + cmd: fmt.Sprintf("upgrade funny-bunny -i '%s'", chartPath), + golden: "output/upgrade-uninstalled-with-keep-history.txt", + rels: []*release.Release{relWithStatusMock("funny-bunny", 2, ch, release.StatusUninstalled)}, + }, } runTestCmd(t, tests) } @@ -458,3 +464,104 @@ func TestUpgradeInstallWithLabels(t *testing.T) { t.Errorf("Expected {%v}, got {%v}", expectedLabels, updatedRel.Labels) } } + +func prepareMockReleaseWithSecret(releaseName string, t *testing.T) (func(n string, v int, ch *chart.Chart) *release.Release, *chart.Chart, string) { + tmpChart := t.TempDir() + configmapData, err := os.ReadFile("testdata/testcharts/chart-with-secret/templates/configmap.yaml") + if err != nil { + t.Fatalf("Error loading template yaml %v", err) + } + secretData, err := os.ReadFile("testdata/testcharts/chart-with-secret/templates/secret.yaml") + if err != nil { + t.Fatalf("Error loading template yaml %v", err) + } + cfile := &chart.Chart{ + Metadata: &chart.Metadata{ + APIVersion: chart.APIVersionV1, + Name: "testUpgradeChart", + Description: "A Helm chart for Kubernetes", + Version: "0.1.0", + }, + Templates: []*chart.File{{Name: "templates/configmap.yaml", Data: configmapData}, {Name: "templates/secret.yaml", Data: secretData}}, + } + chartPath := filepath.Join(tmpChart, cfile.Metadata.Name) + if err := chartutil.SaveDir(cfile, tmpChart); err != nil { + t.Fatalf("Error creating chart for upgrade: %v", err) + } + ch, err := loader.Load(chartPath) + if err != nil { + t.Fatalf("Error loading chart: %v", err) + } + _ = release.Mock(&release.MockReleaseOptions{ + Name: releaseName, + Chart: ch, + }) + + relMock := func(n string, v int, ch *chart.Chart) *release.Release { + return release.Mock(&release.MockReleaseOptions{Name: n, Version: v, Chart: ch}) + } + + return relMock, ch, chartPath +} + +func TestUpgradeWithDryRun(t *testing.T) { + releaseName := "funny-bunny-labels" + _, _, chartPath := prepareMockReleaseWithSecret(releaseName, t) + + defer resetEnv()() + + store := storageFixture() + + // First install a release into the store so that future --dry-run attempts + // have it available. + cmd := fmt.Sprintf("upgrade %s --install '%s'", releaseName, chartPath) + _, _, err := executeActionCommandC(store, cmd) + if err != nil { + t.Errorf("unexpected error, got '%v'", err) + } + + _, err = store.Get(releaseName, 1) + if err != nil { + t.Errorf("unexpected error, got '%v'", err) + } + + cmd = fmt.Sprintf("upgrade %s --dry-run '%s'", releaseName, chartPath) + _, out, err := executeActionCommandC(store, cmd) + if err != nil { + t.Errorf("unexpected error, got '%v'", err) + } + + // No second release should be stored because this is a dry run. + _, err = store.Get(releaseName, 2) + if err == nil { + t.Error("expected error as there should be no new release but got none") + } + + if !strings.Contains(out, "kind: Secret") { + t.Error("expected secret in output from --dry-run but found none") + } + + // Ensure the secret is not in the output + cmd = fmt.Sprintf("upgrade %s --dry-run --hide-secret '%s'", releaseName, chartPath) + _, out, err = executeActionCommandC(store, cmd) + if err != nil { + t.Errorf("unexpected error, got '%v'", err) + } + + // No second release should be stored because this is a dry run. + _, err = store.Get(releaseName, 2) + if err == nil { + t.Error("expected error as there should be no new release but got none") + } + + if strings.Contains(out, "kind: Secret") { + t.Error("expected no secret in output from --dry-run --hide-secret but found one") + } + + // Ensure there is an error when --hide-secret used without dry-run + cmd = fmt.Sprintf("upgrade %s --hide-secret '%s'", releaseName, chartPath) + _, _, err = executeActionCommandC(store, cmd) + if err == nil { + t.Error("expected error when --hide-secret used without --dry-run") + } +} diff --git a/cmd/helm/verify.go b/cmd/helm/verify.go index d126c9ef3..f667a31e9 100644 --- a/cmd/helm/verify.go +++ b/cmd/helm/verify.go @@ -44,7 +44,7 @@ func newVerifyCmd(out io.Writer) *cobra.Command { Short: "verify that a chart at the given path has been signed and is valid", Long: verifyDesc, Args: require.ExactArgs(1), - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { + ValidArgsFunction: func(_ *cobra.Command, args []string, _ string) ([]string, cobra.ShellCompDirective) { if len(args) == 0 { // Allow file completion when completing the argument for the path return nil, cobra.ShellCompDirectiveDefault @@ -52,7 +52,7 @@ func newVerifyCmd(out io.Writer) *cobra.Command { // No more completions, so disable file completion return nil, cobra.ShellCompDirectiveNoFileComp }, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, args []string) error { err := client.Run(args[0]) if err != nil { return err diff --git a/cmd/helm/version.go b/cmd/helm/version.go index d62778f7b..409fc6fd9 100644 --- a/cmd/helm/version.go +++ b/cmd/helm/version.go @@ -66,7 +66,7 @@ func newVersionCmd(out io.Writer) *cobra.Command { Long: versionDesc, Args: require.NoArgs, ValidArgsFunction: noCompletions, - RunE: func(cmd *cobra.Command, args []string) error { + RunE: func(_ *cobra.Command, _ []string) error { return o.run(out) }, } diff --git a/go.mod b/go.mod index dca6d3b08..f35d16cbb 100644 --- a/go.mod +++ b/go.mod @@ -1,16 +1,16 @@ module helm.sh/helm/v3 -go 1.19 +go 1.22.0 require ( github.com/BurntSushi/toml v1.3.2 - github.com/DATA-DOG/go-sqlmock v1.5.0 + github.com/DATA-DOG/go-sqlmock v1.5.2 github.com/Masterminds/semver/v3 v3.2.1 github.com/Masterminds/sprig/v3 v3.2.3 github.com/Masterminds/squirrel v1.5.4 github.com/Masterminds/vcs v1.13.3 - github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 - github.com/containerd/containerd v1.7.6 + github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 + github.com/containerd/containerd v1.7.12 github.com/cyphar/filepath-securejoin v0.2.4 github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2 github.com/evanphx/json-patch v5.7.0+incompatible @@ -29,21 +29,21 @@ require ( github.com/pkg/errors v0.9.1 github.com/rubenv/sql-migrate v1.5.2 github.com/sirupsen/logrus v1.9.3 - github.com/spf13/cobra v1.7.0 + github.com/spf13/cobra v1.8.0 github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.8.4 github.com/xeipuuv/gojsonschema v1.2.0 - golang.org/x/crypto v0.14.0 - golang.org/x/term v0.13.0 - golang.org/x/text v0.13.0 - k8s.io/api v0.28.2 - k8s.io/apiextensions-apiserver v0.28.2 - k8s.io/apimachinery v0.28.2 - k8s.io/apiserver v0.28.2 - k8s.io/cli-runtime v0.28.2 - k8s.io/client-go v0.28.2 - k8s.io/klog/v2 v2.100.1 - k8s.io/kubectl v0.28.2 + golang.org/x/crypto v0.21.0 + golang.org/x/term v0.18.0 + golang.org/x/text v0.14.0 + k8s.io/api v0.30.0 + k8s.io/apiextensions-apiserver v0.30.0 + k8s.io/apimachinery v0.30.0 + k8s.io/apiserver v0.30.0 + k8s.io/cli-runtime v0.30.0 + k8s.io/client-go v0.30.0 + k8s.io/klog/v2 v2.120.1 + k8s.io/kubectl v0.30.0 oras.land/oras-go v1.2.4 sigs.k8s.io/yaml v1.4.0 ) @@ -53,7 +53,7 @@ require ( github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect github.com/MakeNowJust/heredoc v1.0.0 // indirect github.com/Masterminds/goutils v1.1.1 // indirect - github.com/Microsoft/hcsshim v0.11.0 // indirect + github.com/Microsoft/hcsshim v0.11.4 // indirect github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/bshuster-repo/logrus-logstash-hook v1.0.0 // indirect @@ -62,40 +62,42 @@ require ( github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/chai2010/gettext-go v1.0.2 // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect + github.com/containerd/log v0.1.0 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/docker/cli v24.0.6+incompatible // indirect github.com/docker/distribution v2.8.2+incompatible // indirect - github.com/docker/docker v24.0.7+incompatible // indirect + github.com/docker/docker v24.0.9+incompatible // indirect github.com/docker/docker-credential-helpers v0.7.0 // indirect github.com/docker/go-connections v0.4.0 // indirect github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect github.com/docker/go-metrics v0.0.1 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 // indirect - github.com/emicklei/go-restful/v3 v3.10.1 // indirect + github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect github.com/fatih/color v1.13.0 // indirect github.com/felixge/httpsnoop v1.0.3 // indirect github.com/fvbommel/sortorder v1.1.0 // indirect github.com/go-errors/errors v1.4.2 // indirect github.com/go-gorp/gorp/v3 v3.1.0 // indirect - github.com/go-logr/logr v1.2.4 // indirect + github.com/go-logr/logr v1.4.1 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect github.com/go-openapi/swag v0.22.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/gomodule/redigo v1.8.2 // indirect github.com/google/btree v1.0.1 // indirect github.com/google/gnostic-models v0.6.8 // indirect - github.com/google/go-cmp v0.5.9 // indirect + github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/google/uuid v1.3.0 // indirect github.com/gorilla/handlers v1.5.1 // indirect github.com/gorilla/mux v1.8.0 // indirect + github.com/gorilla/websocket v1.5.0 // indirect github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/golang-lru v0.5.4 // indirect @@ -123,6 +125,7 @@ require ( github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect github.com/morikuni/aec v1.0.0 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pmezard/go-difflib v1.0.0 // indirect @@ -139,26 +142,28 @@ require ( github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43 // indirect github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50 // indirect github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f // indirect - go.opentelemetry.io/otel v1.14.0 // indirect - go.opentelemetry.io/otel/trace v1.14.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 // indirect + go.opentelemetry.io/otel v1.19.0 // indirect + go.opentelemetry.io/otel/metric v1.19.0 // indirect + go.opentelemetry.io/otel/trace v1.19.0 // indirect go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect - golang.org/x/net v0.17.0 // indirect - golang.org/x/oauth2 v0.8.0 // indirect - golang.org/x/sync v0.3.0 // indirect - golang.org/x/sys v0.13.0 // indirect + golang.org/x/net v0.23.0 // indirect + golang.org/x/oauth2 v0.10.0 // indirect + golang.org/x/sync v0.6.0 // indirect + golang.org/x/sys v0.18.0 // indirect golang.org/x/time v0.3.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 // indirect - google.golang.org/grpc v1.56.3 // indirect - google.golang.org/protobuf v1.30.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect + google.golang.org/grpc v1.58.3 // indirect + google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/component-base v0.28.2 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect - k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect + k8s.io/component-base v0.30.0 // indirect + k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect + k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) diff --git a/go.sum b/go.sum index a6d1e1b1b..fee2e9ee3 100644 --- a/go.sum +++ b/go.sum @@ -6,8 +6,8 @@ github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg6 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= -github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60= -github.com/DATA-DOG/go-sqlmock v1.5.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= +github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU= +github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU= github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= @@ -22,20 +22,23 @@ github.com/Masterminds/squirrel v1.5.4/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA4 github.com/Masterminds/vcs v1.13.3 h1:IIA2aBdXvfbIM+yl/eTnL4hb1XwdpvuQLglAix1gweE= github.com/Masterminds/vcs v1.13.3/go.mod h1:TiE7xuEjl1N4j016moRd6vezp6e6Lz23gypeXfzXeW8= github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= -github.com/Microsoft/hcsshim v0.11.0 h1:7EFNIY4igHEXUdj1zXgAyU3fLc7QfOKHbkldRVTBdiM= -github.com/Microsoft/hcsshim v0.11.0/go.mod h1:OEthFdQv/AD2RAdzR6Mm1N1KPCztGKDurW1Z8b8VGMM= +github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= +github.com/Microsoft/hcsshim v0.11.4 h1:68vKo2VN8DE9AdN4tnkWnmdhqdbpUFM8OF3Airm7fz8= +github.com/Microsoft/hcsshim v0.11.4/go.mod h1:smjE4dvqPX9Zldna+t5FG3rnoHhaB7QYxPRqGcpAD9w= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/OJnIp5u0s1SbQ8dVfLCZJsnvazdBP5hS4iRs= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= -github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 h1:4daAzAu0S6Vi7/lbWECcX0j45yZReDZ56BQsrVBOEEY= -github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bitly/go-simplejson v0.5.0 h1:6IH+V8/tVMab511d5bn4M7EwGXZf9Hj6i2xSwkNEM+Y= +github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= github.com/bshuster-repo/logrus-logstash-hook v1.0.0 h1:e+C0SB5R1pu//O4MQ3f9cFuPGoOVeF2fE4Og9otCc70= github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd h1:rFt+Y/IK1aEZkEHchZRSq9OQbsSzIT/OrI8YFFmRIng= @@ -54,13 +57,18 @@ github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5P github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM= -github.com/containerd/containerd v1.7.6 h1:oNAVsnhPoy4BTPQivLgTzI9Oleml9l/+eYIDYXRCYo8= -github.com/containerd/containerd v1.7.6/go.mod h1:SY6lrkkuJT40BVNO37tlYTSnKJnP5AXBc0fhx0q+TJ4= +github.com/containerd/cgroups v1.1.0/go.mod h1:6ppBcbh/NOOUU+dMKrykgaBnK9lCIBxHqJDGwsa1mIw= +github.com/containerd/containerd v1.7.12 h1:+KQsnv4VnzyxWcfO9mlxxELaoztsDEjOuCMPAuPqgU0= +github.com/containerd/containerd v1.7.12/go.mod h1:/5OMpE1p0ylxtEUGY8kuCYkDRzJm9NO1TFMWjUpdevk= github.com/containerd/continuity v0.4.2 h1:v3y/4Yz5jwnvqPKJJ+7Wf93fyWoCB3F5EclWG023MDM= -github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= -github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/containerd/continuity v0.4.2/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= +github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= +github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= +github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM= +github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= +github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -72,8 +80,8 @@ github.com/docker/cli v24.0.6+incompatible h1:fF+XCQCgJjjQNIMjzaSmiKJSCcfcXb3TWT github.com/docker/cli v24.0.6+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8= github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v24.0.7+incompatible h1:Wo6l37AuwP3JaMnZa226lzVXGA3F9Ig1seQen0cKYlM= -github.com/docker/docker v24.0.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v24.0.9+incompatible h1:HPGzNmwfLZWdxHqK9/II92pyi1EpYKsAqcl4G0Of9v0= +github.com/docker/docker v24.0.9+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A= github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= @@ -86,8 +94,8 @@ github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4 github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 h1:ZClxb8laGDf5arXfYcAtECDFgAgHklGI8CxgjHnXKJ4= github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= -github.com/emicklei/go-restful/v3 v3.10.1 h1:rc42Y5YTp7Am7CS630D7JmhRjq4UlEUuEKfrDac4bSQ= -github.com/emicklei/go-restful/v3 v3.10.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= +github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= @@ -102,6 +110,7 @@ github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSw github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI= github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= +github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= github.com/fvbommel/sortorder v1.1.0 h1:fUmoe+HLsBTctBDoaBwpQo5N+nrCp8g/BjKb/6ZQmYw= github.com/fvbommel/sortorder v1.1.0/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= @@ -111,10 +120,9 @@ github.com/go-gorp/gorp/v3 v3.1.0/go.mod h1:dLEjIyyRNiXvNZ8PSmzpt1GsWAUK8kjVhEpj github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= @@ -127,9 +135,13 @@ github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfC github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/gobuffalo/logger v1.0.6 h1:nnZNpxYo0zx+Aj9RfMPBm+x9zAU2OayFh/xrAWi34HU= +github.com/gobuffalo/logger v1.0.6/go.mod h1:J31TBEHR1QLV2683OXTAItYIg8pv2JMHnF/quuAbMjs= github.com/gobuffalo/packd v1.0.1 h1:U2wXfRr4E9DH8IdsDLlRFwTZTK7hLfq9qT/QHXGVe/0= +github.com/gobuffalo/packd v1.0.1/go.mod h1:PP2POP3p3RXGz7Jh6eYEf93S7vA2za6xM7QT85L4+VY= github.com/gobuffalo/packr/v2 v2.8.3 h1:xE1yzvnO56cUC0sTpKR3DIbxZgB54AftTFMhB2XEWlY= +github.com/gobuffalo/packr/v2 v2.8.3/go.mod h1:0SahksCVcx4IMnigTjiFuyldmTrdTctXsOdiU5KwbKc= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/gofrs/flock v0.8.1 h1:+gYjHKf32LDeiEEFhQaotPbLuUXjY5ZqxKgXy7n59aw= @@ -139,6 +151,7 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -149,9 +162,8 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/gomodule/redigo v1.8.2 h1:H5XSIre1MB5NbPYFp+i1NBbb5qN1W8Y8YAQoAYbkm8k= github.com/gomodule/redigo v1.8.2/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0= github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= @@ -164,13 +176,14 @@ github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -181,6 +194,8 @@ github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= +github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gosuri/uitable v0.0.4 h1:IG2xLKRvErL3uhY6e1BylFzG+aJiwQviDDTfOKeKTpY= github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWetyv/0+wjACpqVH+eVULgEjkurDLq3goeM= @@ -210,14 +225,17 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/karrick/godirwalk v1.16.1 h1:DynhcF+bztK8gooS0+NDJFrdNZjJ3gzVzC545UNA9iw= +github.com/karrick/godirwalk v1.16.1/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46/go.mod h1:yyMNCyc/Ib3bDTKd379tNMpB/7/H5TjM2Y9QJ5THLbE= github.com/klauspost/compress v1.16.0 h1:iULayQNOReoYUe+1qtKOqw9CwJv3aNQu8ivo7lw1HU4= github.com/klauspost/compress v1.16.0/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -234,8 +252,11 @@ github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9 github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/markbates/errx v1.1.0 h1:QDFeR+UP95dO12JgW+tgi2UVfo0V8YBHiUIOaeBPiEI= +github.com/markbates/errx v1.1.0/go.mod h1:PLa46Oex9KNbVDZhKel8v1OT7hD5JZ2eI7AHhA0wswc= github.com/markbates/oncer v1.0.0 h1:E83IaVAHygyndzPimgUYJjbshhDTALZyXxvk9FOlQRY= +github.com/markbates/oncer v1.0.0/go.mod h1:Z59JA581E9GP6w96jai+TGqafHPW+cPfRxz2aSZ0mcI= github.com/markbates/safe v1.0.1 h1:yjZkbvRM6IzKj9tlu/zMJLS0n/V351OZWRnF3QfaUxI= +github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= @@ -250,6 +271,7 @@ github.com/mattn/go-shellwords v1.0.12 h1:M2zGm7EW6UQJvDeQxo4T51eKPurbeFbe8WtebG github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= github.com/mattn/go-sqlite3 v1.14.15 h1:vfoHhTN1af61xCRSWzFIWzx2YskyMTwHLrExkBOjvxI= +github.com/mattn/go-sqlite3 v1.14.15/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= @@ -261,6 +283,7 @@ github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HK github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f h1:2+myh5ml7lgEU/51gbeLHfKGNfgEQQIWrlbdaOsidbQ= +github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= @@ -269,6 +292,7 @@ github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQ github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= github.com/moby/sys/mountinfo v0.6.2 h1:BzJjoreD5BMFNmD9Rus6gdd1pLuecOFPt8wC+Vygl78= +github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -285,8 +309,12 @@ github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7P github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/onsi/ginkgo/v2 v2.9.4 h1:xR7vG4IXt5RWx6FfIjyAtsoMAtnc3C/rFXBBd2AjZwE= -github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY= +github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= +github.com/onsi/gomega v1.31.0 h1:54UJxxj6cPInHS3a35wm6BK/F9nHYueZ1NVujHDrnXE= +github.com/onsi/gomega v1.31.0/go.mod h1:DW9aCi7U6Yi40wNVAvT6kzFnEVEI5n3DloYBiKiT6zk= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI= @@ -301,6 +329,7 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/poy/onpar v1.1.2 h1:QaNrNiZx0+Nar5dLgTVp5mXkyoVFIbepjyEoGSnhbAY= +github.com/poy/onpar v1.1.2/go.mod h1:6X8FLNoxyr9kkmnlqpK6LSoiOtrO6MICtWwEuWkLjzg= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= @@ -321,11 +350,13 @@ github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDa github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/rubenv/sql-migrate v1.5.2 h1:bMDqOnrJVV/6JQgQ/MxOpU+AdO8uzYYA/TxFUBzFtS0= github.com/rubenv/sql-migrate v1.5.2/go.mod h1:H38GW8Vqf8F0Su5XignRyaRcbXbJunSWxs+kmzlg0Is= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0= +github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= @@ -335,8 +366,8 @@ github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVs github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= -github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= -github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= +github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -372,10 +403,15 @@ github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPS github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f h1:ERexzlUfuTvpE74urLSbIQW0Z/6hF9t8U4NsJLaioAY= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= -go.opentelemetry.io/otel v1.14.0 h1:/79Huy8wbf5DnIPhemGB+zEPVwnN6fuQybr/SRXa6hM= -go.opentelemetry.io/otel v1.14.0/go.mod h1:o4buv+dJzx8rohcUeRmWUZhqupFvzWis188WlggnNeU= -go.opentelemetry.io/otel/trace v1.14.0 h1:wp2Mmvj41tDsyAJXiWDWpfNsOiIyd38fy85pyKcFq/M= -go.opentelemetry.io/otel/trace v1.14.0/go.mod h1:8avnQLK+CG77yNLUae4ea2JDQ6iT+gozhnZjy/rw9G8= +go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 h1:x8Z78aZx8cOF0+Kkazoc7lwUNMGy0LrzEMxTm4BbTxg= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0/go.mod h1:62CPTSry9QZtOaSsE3tOzhx6LzDhHnXJ6xHeMNNiM6Q= +go.opentelemetry.io/otel v1.19.0 h1:MuS/TNf4/j4IXsZuJegVzI1cwut7Qc00344rgH7p8bs= +go.opentelemetry.io/otel v1.19.0/go.mod h1:i0QyjOq3UPoTzff0PJB2N66fb4S0+rSbSB15/oyH9fY= +go.opentelemetry.io/otel/metric v1.19.0 h1:aTzpGtV0ar9wlV4Sna9sdJyII5jTVJEvKETPiOKwvpE= +go.opentelemetry.io/otel/metric v1.19.0/go.mod h1:L5rUsV9kM1IxCj1MmSdS+JQAcVm319EUrDVLrt7jqt8= +go.opentelemetry.io/otel/trace v1.19.0 h1:DFVQmlVbfVeOuBRrwdtaehRrWiL1JoVs9CPIQ1Dzxpg= +go.opentelemetry.io/otel/trace v1.19.0/go.mod h1:mfaSyvGyEJEI0nyV2I4qhNQnbBOUUmYZpYojqMnX2vo= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -385,8 +421,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= -golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= +golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= +golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= @@ -394,7 +430,8 @@ golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= +golang.org/x/mod v0.15.0 h1:SernR4v+D55NyBH2QiEQrlBAnj1ECL6AGrA5+dPaMY8= +golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -410,11 +447,11 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= +golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= -golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= +golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8= +golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -422,8 +459,8 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -444,21 +481,21 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= -golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= +golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -471,7 +508,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.8.0 h1:vSDcovVPld282ceKgDimkRSC8kpaH1dgyc9UMzlt84Y= +golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ= +golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -483,13 +521,13 @@ google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 h1:0nDDozoAU19Qb2HwhXadU8OcsiO/09cnTqhUtq2MEOM= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.56.3 h1:8I4C0Yq1EjstUzUJzpcRVbuYA2mODtEmpWiQoN/b2nc= -google.golang.org/grpc v1.56.3/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= +google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= +google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -498,10 +536,8 @@ google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzi google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= @@ -519,30 +555,31 @@ gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= +gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.28.2 h1:9mpl5mOb6vXZvqbQmankOfPIGiudghwCoLl1EYfUZbw= -k8s.io/api v0.28.2/go.mod h1:RVnJBsjU8tcMq7C3iaRSGMeaKt2TWEUXcpIt/90fjEg= -k8s.io/apiextensions-apiserver v0.28.2 h1:J6/QRWIKV2/HwBhHRVITMLYoypCoPY1ftigDM0Kn+QU= -k8s.io/apiextensions-apiserver v0.28.2/go.mod h1:5tnkxLGa9nefefYzWuAlWZ7RZYuN/765Au8cWLA6SRg= -k8s.io/apimachinery v0.28.2 h1:KCOJLrc6gu+wV1BYgwik4AF4vXOlVJPdiqn0yAWWwXQ= -k8s.io/apimachinery v0.28.2/go.mod h1:RdzF87y/ngqk9H4z3EL2Rppv5jj95vGS/HaFXrLDApU= -k8s.io/apiserver v0.28.2 h1:rBeYkLvF94Nku9XfXyUIirsVzCzJBs6jMn3NWeHieyI= -k8s.io/apiserver v0.28.2/go.mod h1:f7D5e8wH8MWcKD7azq6Csw9UN+CjdtXIVQUyUhrtb+E= -k8s.io/cli-runtime v0.28.2 h1:64meB2fDj10/ThIMEJLO29a1oujSm0GQmKzh1RtA/uk= -k8s.io/cli-runtime v0.28.2/go.mod h1:bTpGOvpdsPtDKoyfG4EG041WIyFZLV9qq4rPlkyYfDA= -k8s.io/client-go v0.28.2 h1:DNoYI1vGq0slMBN/SWKMZMw0Rq+0EQW6/AK4v9+3VeY= -k8s.io/client-go v0.28.2/go.mod h1:sMkApowspLuc7omj1FOSUxSoqjr+d5Q0Yc0LOFnYFJY= -k8s.io/component-base v0.28.2 h1:Yc1yU+6AQSlpJZyvehm/NkJBII72rzlEsd6MkBQ+G0E= -k8s.io/component-base v0.28.2/go.mod h1:4IuQPQviQCg3du4si8GpMrhAIegxpsgPngPRR/zWpzc= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= -k8s.io/kubectl v0.28.2 h1:fOWOtU6S0smdNjG1PB9WFbqEIMlkzU5ahyHkc7ESHgM= -k8s.io/kubectl v0.28.2/go.mod h1:6EQWTPySF1fn7yKoQZHYf9TPwIl2AygHEcJoxFekr64= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/api v0.30.0 h1:siWhRq7cNjy2iHssOB9SCGNCl2spiF1dO3dABqZ8niA= +k8s.io/api v0.30.0/go.mod h1:OPlaYhoHs8EQ1ql0R/TsUgaRPhpKNxIMrKQfWUp8QSE= +k8s.io/apiextensions-apiserver v0.30.0 h1:jcZFKMqnICJfRxTgnC4E+Hpcq8UEhT8B2lhBcQ+6uAs= +k8s.io/apiextensions-apiserver v0.30.0/go.mod h1:N9ogQFGcrbWqAY9p2mUAL5mGxsLqwgtUce127VtRX5Y= +k8s.io/apimachinery v0.30.0 h1:qxVPsyDM5XS96NIh9Oj6LavoVFYff/Pon9cZeDIkHHA= +k8s.io/apimachinery v0.30.0/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/apiserver v0.30.0 h1:QCec+U72tMQ+9tR6A0sMBB5Vh6ImCEkoKkTDRABWq6M= +k8s.io/apiserver v0.30.0/go.mod h1:smOIBq8t0MbKZi7O7SyIpjPsiKJ8qa+llcFCluKyqiY= +k8s.io/cli-runtime v0.30.0 h1:0vn6/XhOvn1RJ2KJOC6IRR2CGqrpT6QQF4+8pYpWQ48= +k8s.io/cli-runtime v0.30.0/go.mod h1:vATpDMATVTMA79sZ0YUCzlMelf6rUjoBzlp+RnoM+cg= +k8s.io/client-go v0.30.0 h1:sB1AGGlhY/o7KCyCEQ0bPWzYDL0pwOZO4vAtTSh/gJQ= +k8s.io/client-go v0.30.0/go.mod h1:g7li5O5256qe6TYdAMyX/otJqMhIiGgTapdLchhmOaY= +k8s.io/component-base v0.30.0 h1:cj6bp38g0ainlfYtaOQuRELh5KSYjhKxM+io7AUIk4o= +k8s.io/component-base v0.30.0/go.mod h1:V9x/0ePFNaKeKYA3bOvIbrNoluTSG+fSJKjLdjOoeXQ= +k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= +k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/kubectl v0.30.0 h1:xbPvzagbJ6RNYVMVuiHArC1grrV5vSmmIcSZuCdzRyk= +k8s.io/kubectl v0.30.0/go.mod h1:zgolRw2MQXLPwmic2l/+iHs239L49fhSeICuMhQQXTI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= oras.land/oras-go v1.2.4 h1:djpBY2/2Cs1PV87GSJlxv4voajVOMZxqqtq9AB8YNvY= oras.land/oras-go v1.2.4/go.mod h1:DYcGfb3YF1nKjcezfX2SNlDAeQFKSXmf+qrFmrh4324= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= @@ -551,9 +588,9 @@ sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKU sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3/go.mod h1:9n16EZKMhXBNSiUC5kSdFQJkdH3zbxS/JoO619G1VAY= sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 h1:W6cLQc5pnqM7vh3b7HvGNfXrJ/xL6BDMS0v1V/HHg5U= sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3/go.mod h1:JWP1Fj0VWGHyw3YUPjXSQnRnrwezrZSrApfX5S0nIag= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/internal/monocular/search_test.go b/internal/monocular/search_test.go index 9f6954af7..fc82ef4b4 100644 --- a/internal/monocular/search_test.go +++ b/internal/monocular/search_test.go @@ -28,7 +28,7 @@ var searchResult = `{"data":[{"id":"stable/phpmyadmin","type":"chart","attribute func TestSearch(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprintln(w, searchResult) })) defer ts.Close() diff --git a/internal/sympath/walk_test.go b/internal/sympath/walk_test.go index 25f737134..04e0738b9 100644 --- a/internal/sympath/walk_test.go +++ b/internal/sympath/walk_test.go @@ -119,7 +119,7 @@ func mark(info os.FileInfo, err error, errors *[]error, clear bool) error { return err } name := info.Name() - walkTree(tree, tree.name, func(path string, n *Node) { + walkTree(tree, tree.name, func(_ string, n *Node) { if n.name == name { n.marks++ } @@ -131,7 +131,7 @@ func TestWalk(t *testing.T) { makeTree(t) errors := make([]error, 0, 10) clear := true - markFn := func(path string, info os.FileInfo, err error) error { + markFn := func(_ string, info os.FileInfo, err error) error { return mark(info, err, &errors, clear) } // Expect no errors. diff --git a/internal/version/version.go b/internal/version/version.go index b29891ec6..414957bc9 100644 --- a/internal/version/version.go +++ b/internal/version/version.go @@ -29,7 +29,7 @@ var ( // // Increment major number for new feature additions and behavioral changes. // Increment minor number for bug fixes and performance enhancements. - version = "v3.13" + version = "v3.14" // metadata is extra build time data metadata = "" diff --git a/pkg/action/action.go b/pkg/action/action.go index 5693f4838..863c48f07 100644 --- a/pkg/action/action.go +++ b/pkg/action/action.go @@ -103,7 +103,7 @@ type Configuration struct { // TODO: As part of the refactor the duplicate code in cmd/helm/template.go should be removed // // This code has to do with writing files to disk. -func (cfg *Configuration) renderResources(ch *chart.Chart, values chartutil.Values, releaseName, outputDir string, subNotes, useReleaseName, includeCrds bool, pr postrender.PostRenderer, interactWithRemote, enableDNS bool) ([]*release.Hook, *bytes.Buffer, string, error) { +func (cfg *Configuration) renderResources(ch *chart.Chart, values chartutil.Values, releaseName, outputDir string, subNotes, useReleaseName, includeCrds bool, pr postrender.PostRenderer, interactWithRemote, enableDNS, hideSecret bool) ([]*release.Hook, *bytes.Buffer, string, error) { hs := []*release.Hook{} b := bytes.NewBuffer(nil) @@ -200,7 +200,11 @@ func (cfg *Configuration) renderResources(ch *chart.Chart, values chartutil.Valu for _, m := range manifests { if outputDir == "" { - fmt.Fprintf(b, "---\n# Source: %s\n%s\n", m.Name, m.Content) + if hideSecret && m.Head.Kind == "Secret" && m.Head.Version == "v1" { + fmt.Fprintf(b, "---\n# Source: %s\n# HIDDEN: The Secret output has been suppressed\n", m.Name) + } else { + fmt.Fprintf(b, "---\n# Source: %s\n%s\n", m.Name, m.Content) + } } else { newDir := outputDir if useReleaseName { diff --git a/pkg/action/action_test.go b/pkg/action/action_test.go index c4ef6c056..fdcfa7558 100644 --- a/pkg/action/action_test.go +++ b/pkg/action/action_test.go @@ -195,6 +195,13 @@ func withSampleTemplates() chartOption { } } +func withSampleSecret() chartOption { + return func(opts *chartOptions) { + sampleSecret := &chart.File{Name: "templates/secret.yaml", Data: []byte("apiVersion: v1\nkind: Secret\n")} + opts.Templates = append(opts.Templates, sampleSecret) + } +} + func withSampleIncludingIncorrectTemplates() chartOption { return func(opts *chartOptions) { sampleTemplates := []*chart.File{ diff --git a/pkg/action/hooks.go b/pkg/action/hooks.go index 40c1ffdb6..0af625dff 100644 --- a/pkg/action/hooks.go +++ b/pkg/action/hooks.go @@ -22,6 +22,7 @@ import ( "github.com/pkg/errors" + "helm.sh/helm/v3/pkg/kube" "helm.sh/helm/v3/pkg/release" helmtime "helm.sh/helm/v3/pkg/time" ) @@ -51,7 +52,7 @@ func (cfg *Configuration) execHook(rl *release.Release, hook release.HookEvent, h.DeletePolicies = []release.HookDeletePolicy{release.HookBeforeHookCreation} } - if err := cfg.deleteHookByPolicy(h, release.HookBeforeHookCreation); err != nil { + if err := cfg.deleteHookByPolicy(h, release.HookBeforeHookCreation, timeout); err != nil { return err } @@ -88,7 +89,7 @@ func (cfg *Configuration) execHook(rl *release.Release, hook release.HookEvent, h.LastRun.Phase = release.HookPhaseFailed // If a hook is failed, check the annotation of the hook to determine whether the hook should be deleted // under failed condition. If so, then clear the corresponding resource object in the hook - if err := cfg.deleteHookByPolicy(h, release.HookFailed); err != nil { + if err := cfg.deleteHookByPolicy(h, release.HookFailed, timeout); err != nil { return err } return err @@ -99,7 +100,7 @@ func (cfg *Configuration) execHook(rl *release.Release, hook release.HookEvent, // If all hooks are successful, check the annotation of each hook to determine whether the hook should be deleted // under succeeded condition. If so, then clear the corresponding resource object in each hook for _, h := range executingHooks { - if err := cfg.deleteHookByPolicy(h, release.HookSucceeded); err != nil { + if err := cfg.deleteHookByPolicy(h, release.HookSucceeded, timeout); err != nil { return err } } @@ -120,7 +121,7 @@ func (x hookByWeight) Less(i, j int) bool { } // deleteHookByPolicy deletes a hook if the hook policy instructs it to -func (cfg *Configuration) deleteHookByPolicy(h *release.Hook, policy release.HookDeletePolicy) error { +func (cfg *Configuration) deleteHookByPolicy(h *release.Hook, policy release.HookDeletePolicy, timeout time.Duration) error { // Never delete CustomResourceDefinitions; this could cause lots of // cascading garbage collection. if h.Kind == "CustomResourceDefinition" { @@ -135,6 +136,13 @@ func (cfg *Configuration) deleteHookByPolicy(h *release.Hook, policy release.Hoo if len(errs) > 0 { return errors.New(joinErrors(errs)) } + + //wait for resources until they are deleted to avoid conflicts + if kubeClient, ok := cfg.KubeClient.(kube.InterfaceExt); ok { + if err := kubeClient.WaitForDelete(resources, timeout); err != nil { + return err + } + } } return nil } diff --git a/pkg/action/install.go b/pkg/action/install.go index e3538a4f5..de612e3b7 100644 --- a/pkg/action/install.go +++ b/pkg/action/install.go @@ -69,11 +69,14 @@ type Install struct { ChartPathOptions - ClientOnly bool - Force bool - CreateNamespace bool - DryRun bool - DryRunOption string + ClientOnly bool + Force bool + CreateNamespace bool + DryRun bool + DryRunOption string + // HideSecret can be set to true when DryRun is enabled in order to hide + // Kubernetes Secrets in the output. It cannot be used outside of DryRun. + HideSecret bool DisableHooks bool Replace bool Wait bool @@ -230,6 +233,11 @@ func (i *Install) RunWithContext(ctx context.Context, chrt *chart.Chart, vals ma } } + // HideSecret must be used with dry run. Otherwise, return an error. + if !i.isDryRun() && i.HideSecret { + return nil, errors.New("Hiding Kubernetes secrets requires a dry-run mode") + } + if err := i.availableName(); err != nil { return nil, err } @@ -301,7 +309,7 @@ func (i *Install) RunWithContext(ctx context.Context, chrt *chart.Chart, vals ma rel := i.createRelease(chrt, vals, i.Labels) var manifestDoc *bytes.Buffer - rel.Hooks, manifestDoc, rel.Info.Notes, err = i.cfg.renderResources(chrt, valuesToRender, i.ReleaseName, i.OutputDir, i.SubNotes, i.UseReleaseName, i.IncludeCRDs, i.PostRenderer, interactWithRemote, i.EnableDNS) + rel.Hooks, manifestDoc, rel.Info.Notes, err = i.cfg.renderResources(chrt, valuesToRender, i.ReleaseName, i.OutputDir, i.SubNotes, i.UseReleaseName, i.IncludeCRDs, i.PostRenderer, interactWithRemote, i.EnableDNS, i.HideSecret) // Even for errors, attach this if available if manifestDoc != nil { rel.Manifest = manifestDoc.String() diff --git a/pkg/action/install_test.go b/pkg/action/install_test.go index bc0890115..69b9cbc48 100644 --- a/pkg/action/install_test.go +++ b/pkg/action/install_test.go @@ -255,6 +255,46 @@ func TestInstallRelease_DryRun(t *testing.T) { is.Equal(res.Info.Description, "Dry run complete") } +func TestInstallRelease_DryRunHiddenSecret(t *testing.T) { + is := assert.New(t) + instAction := installAction(t) + + // First perform a normal dry-run with the secret and confirm its presence. + instAction.DryRun = true + vals := map[string]interface{}{} + res, err := instAction.Run(buildChart(withSampleSecret(), withSampleTemplates()), vals) + if err != nil { + t.Fatalf("Failed install: %s", err) + } + is.Contains(res.Manifest, "---\n# Source: hello/templates/secret.yaml\napiVersion: v1\nkind: Secret") + + _, err = instAction.cfg.Releases.Get(res.Name, res.Version) + is.Error(err) + is.Equal(res.Info.Description, "Dry run complete") + + // Perform a dry-run where the secret should not be present + instAction.HideSecret = true + vals = map[string]interface{}{} + res2, err := instAction.Run(buildChart(withSampleSecret(), withSampleTemplates()), vals) + if err != nil { + t.Fatalf("Failed install: %s", err) + } + + is.NotContains(res2.Manifest, "---\n# Source: hello/templates/secret.yaml\napiVersion: v1\nkind: Secret") + + _, err = instAction.cfg.Releases.Get(res2.Name, res2.Version) + is.Error(err) + is.Equal(res2.Info.Description, "Dry run complete") + + // Ensure there is an error when HideSecret True but not in a dry-run mode + instAction.DryRun = false + vals = map[string]interface{}{} + _, err = instAction.Run(buildChart(withSampleSecret(), withSampleTemplates()), vals) + if err == nil { + t.Fatalf("Did not get expected an error when dry-run false and hide secret is true") + } +} + // Regression test for #7955 func TestInstallRelease_DryRun_Lookup(t *testing.T) { is := assert.New(t) @@ -431,6 +471,9 @@ func TestInstallRelease_Atomic(t *testing.T) { failer.WaitError = fmt.Errorf("I timed out") instAction.cfg.KubeClient = failer instAction.Atomic = true + // disabling hooks to avoid an early fail when the + // the WaitForDelete is called on the pre-delete hook execution + instAction.DisableHooks = true vals := map[string]interface{}{} res, err := instAction.Run(buildChart(), vals) diff --git a/pkg/action/lint.go b/pkg/action/lint.go index e71cfe733..ca497f2b8 100644 --- a/pkg/action/lint.go +++ b/pkg/action/lint.go @@ -36,6 +36,7 @@ type Lint struct { Namespace string WithSubcharts bool Quiet bool + KubeVersion *chartutil.KubeVersion } // LintResult is the result of Lint @@ -58,7 +59,7 @@ func (l *Lint) Run(paths []string, vals map[string]interface{}) *LintResult { } result := &LintResult{} for _, path := range paths { - linter, err := lintChart(path, vals, l.Namespace, l.Strict) + linter, err := lintChart(path, vals, l.Namespace, l.KubeVersion) if err != nil { result.Errors = append(result.Errors, err) continue @@ -85,7 +86,7 @@ func HasWarningsOrErrors(result *LintResult) bool { return len(result.Errors) > 0 } -func lintChart(path string, vals map[string]interface{}, namespace string, strict bool) (support.Linter, error) { +func lintChart(path string, vals map[string]interface{}, namespace string, kubeVersion *chartutil.KubeVersion) (support.Linter, error) { var chartPath string linter := support.Linter{} @@ -124,5 +125,5 @@ func lintChart(path string, vals map[string]interface{}, namespace string, stric return linter, errors.Wrap(err, "unable to check Chart.yaml file in chart") } - return lint.All(chartPath, vals, namespace, strict), nil + return lint.AllWithKubeVersion(chartPath, vals, namespace, kubeVersion), nil } diff --git a/pkg/action/lint_test.go b/pkg/action/lint_test.go index ff69407ca..80bf4ce7e 100644 --- a/pkg/action/lint_test.go +++ b/pkg/action/lint_test.go @@ -23,7 +23,6 @@ import ( var ( values = make(map[string]interface{}) namespace = "testNamespace" - strict = false chart1MultipleChartLint = "testdata/charts/multiplecharts-lint-chart-1" chart2MultipleChartLint = "testdata/charts/multiplecharts-lint-chart-2" corruptedTgzChart = "testdata/charts/corrupted-compressed-chart.tgz" @@ -78,7 +77,7 @@ func TestLintChart(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - _, err := lintChart(tt.chartPath, map[string]interface{}{}, namespace, strict) + _, err := lintChart(tt.chartPath, map[string]interface{}{}, namespace, nil) switch { case err != nil && !tt.err: t.Errorf("%s", err) diff --git a/pkg/action/package.go b/pkg/action/package.go index 698169032..013b32f55 100644 --- a/pkg/action/package.go +++ b/pkg/action/package.go @@ -54,7 +54,7 @@ func NewPackage() *Package { } // Run executes 'helm package' against the given chart and returns the path to the packaged chart. -func (p *Package) Run(path string, vals map[string]interface{}) (string, error) { +func (p *Package) Run(path string, _ map[string]interface{}) (string, error) { ch, err := loader.LoadDir(path) if err != nil { return "", err @@ -161,7 +161,7 @@ func passphraseFileFetcher(passphraseFile string, stdin *os.File) (provenance.Pa if err != nil { return nil, err } - return func(name string) ([]byte, error) { + return func(_ string) ([]byte, error) { return passphrase, nil }, nil } diff --git a/pkg/action/registry_login.go b/pkg/action/registry_login.go index a55f2de58..cd144e1e7 100644 --- a/pkg/action/registry_login.go +++ b/pkg/action/registry_login.go @@ -73,7 +73,7 @@ func NewRegistryLogin(cfg *Configuration) *RegistryLogin { } // Run executes the registry login operation -func (a *RegistryLogin) Run(out io.Writer, hostname string, username string, password string, opts ...RegistryLoginOpt) error { +func (a *RegistryLogin) Run(_ io.Writer, hostname string, username string, password string, opts ...RegistryLoginOpt) error { for _, opt := range opts { if err := opt(a); err != nil { return err diff --git a/pkg/action/registry_logout.go b/pkg/action/registry_logout.go index 69add4163..7ce92defc 100644 --- a/pkg/action/registry_logout.go +++ b/pkg/action/registry_logout.go @@ -33,6 +33,6 @@ func NewRegistryLogout(cfg *Configuration) *RegistryLogout { } // Run executes the registry logout operation -func (a *RegistryLogout) Run(out io.Writer, hostname string) error { +func (a *RegistryLogout) Run(_ io.Writer, hostname string) error { return a.cfg.RegistryClient.Logout(hostname) } diff --git a/pkg/action/upgrade.go b/pkg/action/upgrade.go index ffb7538a6..2bd40a850 100644 --- a/pkg/action/upgrade.go +++ b/pkg/action/upgrade.go @@ -74,6 +74,9 @@ type Upgrade struct { DryRun bool // DryRunOption controls whether the operation is prepared, but not executed with options on whether or not to interact with the remote cluster. DryRunOption string + // HideSecret can be set to true when DryRun is enabled in order to hide + // Kubernetes Secrets in the output. It cannot be used outside of DryRun. + HideSecret bool // Force will, if set to `true`, ignore certain warnings and perform the upgrade anyway. // // This should be used with caution. @@ -191,6 +194,11 @@ func (u *Upgrade) prepareUpgrade(name string, chart *chart.Chart, vals map[strin return nil, nil, errMissingChart } + // HideSecret must be used with dry run. Otherwise, return an error. + if !u.isDryRun() && u.HideSecret { + return nil, nil, errors.New("Hiding Kubernetes secrets requires a dry-run mode") + } + // finds the last non-deleted release with the given name lastRelease, err := u.cfg.Releases.Last(name) if err != nil { @@ -259,7 +267,7 @@ func (u *Upgrade) prepareUpgrade(name string, chart *chart.Chart, vals map[strin interactWithRemote = true } - hooks, manifestDoc, notesTxt, err := u.cfg.renderResources(chart, valuesToRender, "", "", u.SubNotes, false, false, u.PostRenderer, interactWithRemote, u.EnableDNS) + hooks, manifestDoc, notesTxt, err := u.cfg.renderResources(chart, valuesToRender, "", "", u.SubNotes, false, false, u.PostRenderer, interactWithRemote, u.EnableDNS, u.HideSecret) if err != nil { return nil, nil, err } diff --git a/pkg/action/upgrade_test.go b/pkg/action/upgrade_test.go index e259605ce..78b4347e3 100644 --- a/pkg/action/upgrade_test.go +++ b/pkg/action/upgrade_test.go @@ -535,3 +535,54 @@ func TestUpgradeRelease_SystemLabels(t *testing.T) { is.Equal(fmt.Errorf("user suplied labels contains system reserved label name. System labels: %+v", driver.GetSystemLabels()), err) } + +func TestUpgradeRelease_DryRun(t *testing.T) { + is := assert.New(t) + req := require.New(t) + + upAction := upgradeAction(t) + rel := releaseStub() + rel.Name = "previous-release" + rel.Info.Status = release.StatusDeployed + req.NoError(upAction.cfg.Releases.Create(rel)) + + upAction.DryRun = true + vals := map[string]interface{}{} + + ctx, done := context.WithCancel(context.Background()) + res, err := upAction.RunWithContext(ctx, rel.Name, buildChart(withSampleSecret()), vals) + done() + req.NoError(err) + is.Equal(release.StatusPendingUpgrade, res.Info.Status) + is.Contains(res.Manifest, "kind: Secret") + + lastRelease, err := upAction.cfg.Releases.Last(rel.Name) + req.NoError(err) + is.Equal(lastRelease.Info.Status, release.StatusDeployed) + is.Equal(1, lastRelease.Version) + + // Test the case for hiding the secret to ensure it is not displayed + upAction.HideSecret = true + vals = map[string]interface{}{} + + ctx, done = context.WithCancel(context.Background()) + res, err = upAction.RunWithContext(ctx, rel.Name, buildChart(withSampleSecret()), vals) + done() + req.NoError(err) + is.Equal(release.StatusPendingUpgrade, res.Info.Status) + is.NotContains(res.Manifest, "kind: Secret") + + lastRelease, err = upAction.cfg.Releases.Last(rel.Name) + req.NoError(err) + is.Equal(lastRelease.Info.Status, release.StatusDeployed) + is.Equal(1, lastRelease.Version) + + // Ensure in a dry run mode when using HideSecret + upAction.DryRun = false + vals = map[string]interface{}{} + + ctx, done = context.WithCancel(context.Background()) + _, err = upAction.RunWithContext(ctx, rel.Name, buildChart(withSampleSecret()), vals) + done() + req.Error(err) +} diff --git a/pkg/chart/loader/archive_test.go b/pkg/chart/loader/archive_test.go index 41b0af1aa..4d6db9ed4 100644 --- a/pkg/chart/loader/archive_test.go +++ b/pkg/chart/loader/archive_test.go @@ -31,8 +31,8 @@ func TestLoadArchiveFiles(t *testing.T) { }{ { name: "empty input should return no files", - generate: func(w *tar.Writer) {}, - check: func(t *testing.T, files []*BufferedFile, err error) { + generate: func(_ *tar.Writer) {}, + check: func(t *testing.T, _ []*BufferedFile, err error) { if err.Error() != "no files in chart archive" { t.Fatalf(`expected "no files in chart archive", got [%#v]`, err) } diff --git a/pkg/chart/loader/directory.go b/pkg/chart/loader/directory.go index 489eea93c..9bcbee60c 100644 --- a/pkg/chart/loader/directory.go +++ b/pkg/chart/loader/directory.go @@ -25,9 +25,9 @@ import ( "github.com/pkg/errors" - "helm.sh/helm/v3/internal/ignore" "helm.sh/helm/v3/internal/sympath" "helm.sh/helm/v3/pkg/chart" + "helm.sh/helm/v3/pkg/ignore" ) var utf8bom = []byte{0xEF, 0xBB, 0xBF} diff --git a/pkg/chart/loader/load.go b/pkg/chart/loader/load.go index 7cc8878a8..f59c35a5e 100644 --- a/pkg/chart/loader/load.go +++ b/pkg/chart/loader/load.go @@ -134,6 +134,9 @@ func LoadFiles(files []*BufferedFile) (*chart.Chart, error) { if c.Metadata == nil { c.Metadata = new(chart.Metadata) } + if c.Metadata.APIVersion != chart.APIVersionV1 { + log.Printf("Warning: Dependency locking is handled in Chart.lock since apiVersion \"v2\". We recommend migrating to Chart.lock.") + } if c.Metadata.APIVersion == chart.APIVersionV1 { c.Files = append(c.Files, &chart.File{Name: f.Name, Data: f.Data}) } diff --git a/pkg/chart/metadata.go b/pkg/chart/metadata.go index ae572abb7..a08a97cd1 100644 --- a/pkg/chart/metadata.go +++ b/pkg/chart/metadata.go @@ -16,6 +16,7 @@ limitations under the License. package chart import ( + "path/filepath" "strings" "unicode" @@ -110,6 +111,11 @@ func (md *Metadata) Validate() error { if md.Name == "" { return ValidationError("chart.metadata.name is required") } + + if md.Name != filepath.Base(md.Name) { + return ValidationErrorf("chart.metadata.name %q is invalid", md.Name) + } + if md.Version == "" { return ValidationError("chart.metadata.version is required") } @@ -128,10 +134,19 @@ func (md *Metadata) Validate() error { // Aliases need to be validated here to make sure that the alias name does // not contain any illegal characters. + dependencies := map[string]*Dependency{} for _, dependency := range md.Dependencies { if err := dependency.Validate(); err != nil { return err } + key := dependency.Name + if dependency.Alias != "" { + key = dependency.Alias + } + if dependencies[key] != nil { + return ValidationErrorf("more than one dependency with name or alias %q", key) + } + dependencies[key] = dependency } return nil } diff --git a/pkg/chart/metadata_test.go b/pkg/chart/metadata_test.go index cc04f095b..62aea7261 100644 --- a/pkg/chart/metadata_test.go +++ b/pkg/chart/metadata_test.go @@ -21,34 +21,47 @@ import ( func TestValidate(t *testing.T) { tests := []struct { - md *Metadata - err error + name string + md *Metadata + err error }{ { + "chart without metadata", nil, ValidationError("chart.metadata is required"), }, { + "chart without apiVersion", &Metadata{Name: "test", Version: "1.0"}, ValidationError("chart.metadata.apiVersion is required"), }, { + "chart without name", &Metadata{APIVersion: "v2", Version: "1.0"}, ValidationError("chart.metadata.name is required"), }, { + "chart without name", + &Metadata{Name: "../../test", APIVersion: "v2", Version: "1.0"}, + ValidationError("chart.metadata.name \"../../test\" is invalid"), + }, + { + "chart without version", &Metadata{Name: "test", APIVersion: "v2"}, ValidationError("chart.metadata.version is required"), }, { + "chart with bad type", &Metadata{Name: "test", APIVersion: "v2", Version: "1.0", Type: "test"}, ValidationError("chart.metadata.type must be application or library"), }, { + "chart without dependency", &Metadata{Name: "test", APIVersion: "v2", Version: "1.0", Type: "application"}, nil, }, { + "dependency with valid alias", &Metadata{ Name: "test", APIVersion: "v2", @@ -61,6 +74,7 @@ func TestValidate(t *testing.T) { nil, }, { + "dependency with bad characters in alias", &Metadata{ Name: "test", APIVersion: "v2", @@ -73,6 +87,67 @@ func TestValidate(t *testing.T) { ValidationError("dependency \"bad\" has disallowed characters in the alias"), }, { + "same dependency twice", + &Metadata{ + Name: "test", + APIVersion: "v2", + Version: "1.0", + Type: "application", + Dependencies: []*Dependency{ + {Name: "foo", Alias: ""}, + {Name: "foo", Alias: ""}, + }, + }, + ValidationError("more than one dependency with name or alias \"foo\""), + }, + { + "two dependencies with alias from second dependency shadowing first one", + &Metadata{ + Name: "test", + APIVersion: "v2", + Version: "1.0", + Type: "application", + Dependencies: []*Dependency{ + {Name: "foo", Alias: ""}, + {Name: "bar", Alias: "foo"}, + }, + }, + ValidationError("more than one dependency with name or alias \"foo\""), + }, + { + // this case would make sense and could work in future versions of Helm, currently template rendering would + // result in undefined behaviour + "same dependency twice with different version", + &Metadata{ + Name: "test", + APIVersion: "v2", + Version: "1.0", + Type: "application", + Dependencies: []*Dependency{ + {Name: "foo", Alias: "", Version: "1.2.3"}, + {Name: "foo", Alias: "", Version: "1.0.0"}, + }, + }, + ValidationError("more than one dependency with name or alias \"foo\""), + }, + { + // this case would make sense and could work in future versions of Helm, currently template rendering would + // result in undefined behaviour + "two dependencies with same name but different repos", + &Metadata{ + Name: "test", + APIVersion: "v2", + Version: "1.0", + Type: "application", + Dependencies: []*Dependency{ + {Name: "foo", Repository: "repo-0"}, + {Name: "foo", Repository: "repo-1"}, + }, + }, + ValidationError("more than one dependency with name or alias \"foo\""), + }, + { + "dependencies has nil", &Metadata{ Name: "test", APIVersion: "v2", @@ -85,6 +160,7 @@ func TestValidate(t *testing.T) { ValidationError("dependencies must not contain empty or null nodes"), }, { + "maintainer not empty", &Metadata{ Name: "test", APIVersion: "v2", @@ -97,6 +173,7 @@ func TestValidate(t *testing.T) { ValidationError("maintainers must not contain empty or null nodes"), }, { + "version invalid", &Metadata{APIVersion: "v2", Name: "test", Version: "1.2.3.4"}, ValidationError("chart.metadata.version \"1.2.3.4\" is invalid"), }, @@ -105,7 +182,7 @@ func TestValidate(t *testing.T) { for _, tt := range tests { result := tt.md.Validate() if result != tt.err { - t.Errorf("expected '%s', got '%s'", tt.err, result) + t.Errorf("expected %q, got %q in test %q", tt.err, result, tt.name) } } } diff --git a/pkg/chartutil/capabilities_test.go b/pkg/chartutil/capabilities_test.go index af56907eb..b58d7e0fa 100644 --- a/pkg/chartutil/capabilities_test.go +++ b/pkg/chartutil/capabilities_test.go @@ -62,8 +62,8 @@ func TestDefaultCapabilities(t *testing.T) { func TestDefaultCapabilitiesHelmVersion(t *testing.T) { hv := DefaultCapabilities.HelmVersion - if hv.Version != "v3.13" { - t.Errorf("Expected default HelmVersion to be v3.13, got %q", hv.Version) + if hv.Version != "v3.14" { + t.Errorf("Expected default HelmVersion to be v3.14, got %q", hv.Version) } } diff --git a/pkg/chartutil/coalesce.go b/pkg/chartutil/coalesce.go index 6cf23a122..f0272fd6a 100644 --- a/pkg/chartutil/coalesce.go +++ b/pkg/chartutil/coalesce.go @@ -129,7 +129,7 @@ func coalesceDeps(printf printFn, chrt *chart.Chart, dest map[string]interface{} // coalesceGlobals copies the globals out of src and merges them into dest. // // For convenience, returns dest. -func coalesceGlobals(printf printFn, dest, src map[string]interface{}, prefix string, merge bool) { +func coalesceGlobals(printf printFn, dest, src map[string]interface{}, prefix string, _ bool) { var dg, sg map[string]interface{} if destglob, ok := dest[GlobalKey]; !ok { diff --git a/pkg/chartutil/create.go b/pkg/chartutil/create.go index 30d0556e5..50212f9d5 100644 --- a/pkg/chartutil/create.go +++ b/pkg/chartutil/create.go @@ -175,6 +175,15 @@ resources: {} # cpu: 100m # memory: 128Mi +livenessProbe: + httpGet: + path: / + port: http +readinessProbe: + httpGet: + path: / + port: http + autoscaling: enabled: false minReplicas: 1 @@ -333,13 +342,9 @@ spec: containerPort: {{ .Values.service.port }} protocol: TCP livenessProbe: - httpGet: - path: / - port: http + {{- toYaml .Values.livenessProbe | nindent 12 }} readinessProbe: - httpGet: - path: / - port: http + {{- toYaml .Values.readinessProbe | nindent 12 }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.volumeMounts }} @@ -443,7 +448,7 @@ const defaultNotes = `1. Get the application URL by running these commands: echo http://$NODE_IP:$NODE_PORT {{- else if contains "LoadBalancer" .Values.service.type }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include ".fullname" . }}' + You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include ".fullname" . }}' export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include ".fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") echo http://$SERVICE_IP:{{ .Values.service.port }} {{- else if contains "ClusterIP" .Values.service.type }} diff --git a/pkg/chartutil/dependencies.go b/pkg/chartutil/dependencies.go index a87f0fbe8..205d99e09 100644 --- a/pkg/chartutil/dependencies.go +++ b/pkg/chartutil/dependencies.go @@ -59,9 +59,8 @@ func processDependencyConditions(reqs []*chart.Dependency, cvals Values, cpath s if bv, ok := vv.(bool); ok { r.Enabled = bv break - } else { - log.Printf("Warning: Condition path '%s' for chart %s returned non-bool value", c, r.Name) } + log.Printf("Warning: Condition path '%s' for chart %s returned non-bool value", c, r.Name) } else if _, ok := err.(ErrNoValue); !ok { // this is a real error log.Printf("Warning: PathValue returned error %v", err) @@ -334,11 +333,9 @@ func trimNilValues(vals map[string]interface{}) map[string]interface{} { valsCopyMap := valsCopy.(map[string]interface{}) for key, val := range valsCopyMap { if val == nil { - log.Printf("trim deleting %q", key) // Iterate over the values and remove nil keys delete(valsCopyMap, key) } else if istable(val) { - log.Printf("trim copying %q", key) // Recursively call into ourselves to remove keys from inner tables valsCopyMap[key] = trimNilValues(val.(map[string]interface{})) } diff --git a/pkg/chartutil/errors.go b/pkg/chartutil/errors.go index fcdcc27ea..0a4046d2e 100644 --- a/pkg/chartutil/errors.go +++ b/pkg/chartutil/errors.go @@ -33,3 +33,11 @@ type ErrNoValue struct { } func (e ErrNoValue) Error() string { return fmt.Sprintf("%q is not a value", e.Key) } + +type ErrInvalidChartName struct { + Name string +} + +func (e ErrInvalidChartName) Error() string { + return fmt.Sprintf("%q is not a valid chart name", e.Name) +} diff --git a/pkg/chartutil/save.go b/pkg/chartutil/save.go index 2ce4eddaf..4ee90709c 100644 --- a/pkg/chartutil/save.go +++ b/pkg/chartutil/save.go @@ -39,6 +39,10 @@ var headerBytes = []byte("+aHR0cHM6Ly95b3V0dS5iZS96OVV6MWljandyTQo=") // directory, writing the chart's contents to that subdirectory. func SaveDir(c *chart.Chart, dest string) error { // Create the chart directory + err := validateName(c.Name()) + if err != nil { + return err + } outdir := filepath.Join(dest, c.Name()) if fi, err := os.Stat(outdir); err == nil && !fi.IsDir() { return errors.Errorf("file %s already exists and is not a directory", outdir) @@ -149,6 +153,10 @@ func Save(c *chart.Chart, outDir string) (string, error) { } func writeTarContents(out *tar.Writer, c *chart.Chart, prefix string) error { + err := validateName(c.Name()) + if err != nil { + return err + } base := filepath.Join(prefix, c.Name()) // Pull out the dependencies of a v1 Chart, since there's no way @@ -242,3 +250,15 @@ func writeToTar(out *tar.Writer, name string, body []byte) error { _, err := out.Write(body) return err } + +// If the name has directory name has characters which would change the location +// they need to be removed. +func validateName(name string) error { + nname := filepath.Base(name) + + if nname != name { + return ErrInvalidChartName{name} + } + + return nil +} diff --git a/pkg/chartutil/save_test.go b/pkg/chartutil/save_test.go index db485c7cb..98b4e641b 100644 --- a/pkg/chartutil/save_test.go +++ b/pkg/chartutil/save_test.go @@ -106,6 +106,24 @@ func TestSave(t *testing.T) { } }) } + + c := &chart.Chart{ + Metadata: &chart.Metadata{ + APIVersion: chart.APIVersionV1, + Name: "../ahab", + Version: "1.2.3", + }, + Lock: &chart.Lock{ + Digest: "testdigest", + }, + Files: []*chart.File{ + {Name: "scheherazade/shahryar.txt", Data: []byte("1,001 Nights")}, + }, + } + _, err := Save(c, tmp) + if err == nil { + t.Fatal("Expected error saving chart with invalid name") + } } // Creates a copy with a different schema; does not modify anything. @@ -232,4 +250,15 @@ func TestSaveDir(t *testing.T) { if len(c2.Files) != 1 || c2.Files[0].Name != c.Files[0].Name { t.Fatal("Files data did not match") } + + tmp2 := t.TempDir() + c.Metadata.Name = "../ahab" + pth := filepath.Join(tmp2, "tmpcharts") + if err := os.MkdirAll(filepath.Join(pth), 0755); err != nil { + t.Fatal(err) + } + + if err := SaveDir(c, pth); err.Error() != "\"../ahab\" is not a valid chart name" { + t.Fatalf("Did not get expected error for chart named %q", c.Name()) + } } diff --git a/pkg/cli/environment.go b/pkg/cli/environment.go index dac2a4bc1..ba103252d 100644 --- a/pkg/cli/environment.go +++ b/pkg/cli/environment.go @@ -44,6 +44,9 @@ const defaultMaxHistory = 10 // defaultBurstLimit sets the default client-side throttling limit const defaultBurstLimit = 100 +// defaultQPS sets the default QPS value to 0 to use library defaults unless specified +const defaultQPS = float32(0) + // EnvSettings describes all of the environment settings. type EnvSettings struct { namespace string @@ -83,6 +86,8 @@ type EnvSettings struct { MaxHistory int // BurstLimit is the default client-side throttling limit. BurstLimit int + // QPS is queries per second which may be used to avoid throttling. + QPS float32 } func New() *EnvSettings { @@ -102,6 +107,7 @@ func New() *EnvSettings { RepositoryConfig: envOr("HELM_REPOSITORY_CONFIG", helmpath.ConfigPath("repositories.yaml")), RepositoryCache: envOr("HELM_REPOSITORY_CACHE", helmpath.CachePath("repository")), BurstLimit: envIntOr("HELM_BURST_LIMIT", defaultBurstLimit), + QPS: envFloat32Or("HELM_QPS", defaultQPS), } env.Debug, _ = strconv.ParseBool(os.Getenv("HELM_DEBUG")) @@ -119,6 +125,7 @@ func New() *EnvSettings { ImpersonateGroup: &env.KubeAsGroups, WrapConfigFn: func(config *rest.Config) *rest.Config { config.Burst = env.BurstLimit + config.QPS = env.QPS config.Wrap(func(rt http.RoundTripper) http.RoundTripper { return &retryingRoundTripper{wrapped: rt} }) @@ -146,6 +153,7 @@ func (s *EnvSettings) AddFlags(fs *pflag.FlagSet) { fs.StringVar(&s.RepositoryConfig, "repository-config", s.RepositoryConfig, "path to the file containing repository names and URLs") fs.StringVar(&s.RepositoryCache, "repository-cache", s.RepositoryCache, "path to the file containing cached repository indexes") fs.IntVar(&s.BurstLimit, "burst-limit", s.BurstLimit, "client-side default throttling limit") + fs.Float32Var(&s.QPS, "qps", s.QPS, "queries per second used when communicating with the Kubernetes API, not including bursting") } func envOr(name, def string) string { @@ -179,6 +187,18 @@ func envIntOr(name string, def int) int { return ret } +func envFloat32Or(name string, def float32) float32 { + if name == "" { + return def + } + envVal := envOr(name, strconv.FormatFloat(float64(def), 'f', 2, 32)) + ret, err := strconv.ParseFloat(envVal, 32) + if err != nil { + return def + } + return float32(ret) +} + func envCSV(name string) (ls []string) { trimmed := strings.Trim(os.Getenv(name), ", ") if trimmed != "" { @@ -201,6 +221,7 @@ func (s *EnvSettings) EnvVars() map[string]string { "HELM_NAMESPACE": s.Namespace(), "HELM_MAX_HISTORY": strconv.Itoa(s.MaxHistory), "HELM_BURST_LIMIT": strconv.Itoa(s.BurstLimit), + "HELM_QPS": strconv.FormatFloat(float64(s.QPS), 'f', 2, 32), // broken, these are populated from helm flags and not kubeconfig. "HELM_KUBECONTEXT": s.KubeContext, @@ -223,6 +244,9 @@ func (s *EnvSettings) Namespace() string { if ns, _, err := s.config.ToRawKubeConfigLoader().Namespace(); err == nil { return ns } + if s.namespace != "" { + return s.namespace + } return "default" } diff --git a/pkg/cli/environment_test.go b/pkg/cli/environment_test.go index 3de6fab4c..f7709045c 100644 --- a/pkg/cli/environment_test.go +++ b/pkg/cli/environment_test.go @@ -59,20 +59,23 @@ func TestEnvSettings(t *testing.T) { kubeInsecure bool kubeTLSServer string burstLimit int + qps float32 }{ { name: "defaults", ns: "default", maxhistory: defaultMaxHistory, burstLimit: defaultBurstLimit, + qps: defaultQPS, }, { name: "with flags set", - args: "--debug --namespace=myns --kube-as-user=poro --kube-as-group=admins --kube-as-group=teatime --kube-as-group=snackeaters --kube-ca-file=/tmp/ca.crt --burst-limit 100 --kube-insecure-skip-tls-verify=true --kube-tls-server-name=example.org", + args: "--debug --namespace=myns --kube-as-user=poro --kube-as-group=admins --kube-as-group=teatime --kube-as-group=snackeaters --kube-ca-file=/tmp/ca.crt --burst-limit 100 --qps 50.12 --kube-insecure-skip-tls-verify=true --kube-tls-server-name=example.org", ns: "myns", debug: true, maxhistory: defaultMaxHistory, burstLimit: 100, + qps: 50.12, kubeAsUser: "poro", kubeAsGroups: []string{"admins", "teatime", "snackeaters"}, kubeCaFile: "/tmp/ca.crt", @@ -81,10 +84,11 @@ func TestEnvSettings(t *testing.T) { }, { name: "with envvars set", - envvars: map[string]string{"HELM_DEBUG": "1", "HELM_NAMESPACE": "yourns", "HELM_KUBEASUSER": "pikachu", "HELM_KUBEASGROUPS": ",,,operators,snackeaters,partyanimals", "HELM_MAX_HISTORY": "5", "HELM_KUBECAFILE": "/tmp/ca.crt", "HELM_BURST_LIMIT": "150", "HELM_KUBEINSECURE_SKIP_TLS_VERIFY": "true", "HELM_KUBETLS_SERVER_NAME": "example.org"}, + envvars: map[string]string{"HELM_DEBUG": "1", "HELM_NAMESPACE": "yourns", "HELM_KUBEASUSER": "pikachu", "HELM_KUBEASGROUPS": ",,,operators,snackeaters,partyanimals", "HELM_MAX_HISTORY": "5", "HELM_KUBECAFILE": "/tmp/ca.crt", "HELM_BURST_LIMIT": "150", "HELM_KUBEINSECURE_SKIP_TLS_VERIFY": "true", "HELM_KUBETLS_SERVER_NAME": "example.org", "HELM_QPS": "60.34"}, ns: "yourns", maxhistory: 5, burstLimit: 150, + qps: 60.34, debug: true, kubeAsUser: "pikachu", kubeAsGroups: []string{"operators", "snackeaters", "partyanimals"}, @@ -94,18 +98,27 @@ func TestEnvSettings(t *testing.T) { }, { name: "with flags and envvars set", - args: "--debug --namespace=myns --kube-as-user=poro --kube-as-group=admins --kube-as-group=teatime --kube-as-group=snackeaters --kube-ca-file=/my/ca.crt --burst-limit 175 --kube-insecure-skip-tls-verify=true --kube-tls-server-name=example.org", - envvars: map[string]string{"HELM_DEBUG": "1", "HELM_NAMESPACE": "yourns", "HELM_KUBEASUSER": "pikachu", "HELM_KUBEASGROUPS": ",,,operators,snackeaters,partyanimals", "HELM_MAX_HISTORY": "5", "HELM_KUBECAFILE": "/tmp/ca.crt", "HELM_BURST_LIMIT": "200", "HELM_KUBEINSECURE_SKIP_TLS_VERIFY": "true", "HELM_KUBETLS_SERVER_NAME": "example.org"}, + args: "--debug --namespace=myns --kube-as-user=poro --kube-as-group=admins --kube-as-group=teatime --kube-as-group=snackeaters --kube-ca-file=/my/ca.crt --burst-limit 175 --qps 70 --kube-insecure-skip-tls-verify=true --kube-tls-server-name=example.org", + envvars: map[string]string{"HELM_DEBUG": "1", "HELM_NAMESPACE": "yourns", "HELM_KUBEASUSER": "pikachu", "HELM_KUBEASGROUPS": ",,,operators,snackeaters,partyanimals", "HELM_MAX_HISTORY": "5", "HELM_KUBECAFILE": "/tmp/ca.crt", "HELM_BURST_LIMIT": "200", "HELM_KUBEINSECURE_SKIP_TLS_VERIFY": "true", "HELM_KUBETLS_SERVER_NAME": "example.org", "HELM_QPS": "40"}, ns: "myns", debug: true, maxhistory: 5, burstLimit: 175, + qps: 70, kubeAsUser: "poro", kubeAsGroups: []string{"admins", "teatime", "snackeaters"}, kubeCaFile: "/my/ca.crt", kubeTLSServer: "example.org", kubeInsecure: true, }, + { + name: "invalid kubeconfig", + ns: "testns", + args: "--namespace=testns --kubeconfig=/path/to/fake/file", + maxhistory: defaultMaxHistory, + burstLimit: defaultBurstLimit, + qps: defaultQPS, + }, } for _, tt := range tests { diff --git a/pkg/downloader/manager.go b/pkg/downloader/manager.go index a5b0af080..68c9c6e00 100644 --- a/pkg/downloader/manager.go +++ b/pkg/downloader/manager.go @@ -714,15 +714,21 @@ func (m *Manager) findChartURL(name, version, repoURL string, repos map[string]* var entry repo.ChartVersions entry, err = findEntryByName(name, cr) if err != nil { + // TODO: Where linting is skipped in this function we should + // refactor to remove naked returns while ensuring the same + // behavior + //nolint:nakedret return } var ve *repo.ChartVersion ve, err = findVersionedEntry(version, entry) if err != nil { + //nolint:nakedret return } url, err = normalizeURL(repoURL, ve.URLs[0]) if err != nil { + //nolint:nakedret return } username = cr.Config.Username @@ -732,6 +738,7 @@ func (m *Manager) findChartURL(name, version, repoURL string, repos map[string]* caFile = cr.Config.CAFile certFile = cr.Config.CertFile keyFile = cr.Config.KeyFile + //nolint:nakedret return } } diff --git a/pkg/downloader/manager_test.go b/pkg/downloader/manager_test.go index f7ab1a568..db2487d16 100644 --- a/pkg/downloader/manager_test.go +++ b/pkg/downloader/manager_test.go @@ -262,6 +262,32 @@ func TestDownloadAll(t *testing.T) { if _, err := os.Stat(filepath.Join(chartPath, "charts", "signtest-0.1.0.tgz")); os.IsNotExist(err) { t.Error(err) } + + // A chart with a bad name like this cannot be loaded and saved. Handling in + // the loading and saving will return an error about the invalid name. In + // this case, the chart needs to be created directly. + badchartyaml := `apiVersion: v2 +description: A Helm chart for Kubernetes +name: ../bad-local-subchart +version: 0.1.0` + if err := os.MkdirAll(filepath.Join(chartPath, "testdata", "bad-local-subchart"), 0755); err != nil { + t.Fatal(err) + } + err = os.WriteFile(filepath.Join(chartPath, "testdata", "bad-local-subchart", "Chart.yaml"), []byte(badchartyaml), 0644) + if err != nil { + t.Fatal(err) + } + + badLocalDep := &chart.Dependency{ + Name: "../bad-local-subchart", + Repository: "file://./testdata/bad-local-subchart", + Version: "0.1.0", + } + + err = m.downloadAll([]*chart.Dependency{badLocalDep}) + if err == nil { + t.Fatal("Expected error for bad dependency name") + } } func TestUpdateBeforeBuild(t *testing.T) { diff --git a/pkg/engine/engine.go b/pkg/engine/engine.go index 150be16b7..058cfa749 100644 --- a/pkg/engine/engine.go +++ b/pkg/engine/engine.go @@ -40,16 +40,17 @@ type Engine struct { Strict bool // In LintMode, some 'required' template values may be missing, so don't fail LintMode bool - // the rest config to connect to the kubernetes api - config *rest.Config + // optional provider of clients to talk to the Kubernetes API + clientProvider *ClientProvider // EnableDNS tells the engine to allow DNS lookups when rendering templates EnableDNS bool } // New creates a new instance of Engine using the passed in rest config. func New(config *rest.Config) Engine { + var clientProvider ClientProvider = clientProviderFromConfig{config} return Engine{ - config: config, + clientProvider: &clientProvider, } } @@ -85,10 +86,21 @@ func Render(chrt *chart.Chart, values chartutil.Values) (map[string]string, erro // RenderWithClient takes a chart, optional values, and value overrides, and attempts to // render the Go templates using the default options. This engine is client aware and so can have template -// functions that interact with the client +// functions that interact with the client. func RenderWithClient(chrt *chart.Chart, values chartutil.Values, config *rest.Config) (map[string]string, error) { + var clientProvider ClientProvider = clientProviderFromConfig{config} return Engine{ - config: config, + clientProvider: &clientProvider, + }.Render(chrt, values) +} + +// RenderWithClientProvider takes a chart, optional values, and value overrides, and attempts to +// render the Go templates using the default options. This engine is client aware and so can have template +// functions that interact with the client. +// This function differs from RenderWithClient in that it lets you customize the way a dynamic client is constructed. +func RenderWithClientProvider(chrt *chart.Chart, values chartutil.Values, clientProvider ClientProvider) (map[string]string, error) { + return Engine{ + clientProvider: &clientProvider, }.Render(chrt, values) } @@ -112,13 +124,10 @@ func warnWrap(warn string) string { return warnStartDelim + warn + warnEndDelim } -// initFunMap creates the Engine's FuncMap and adds context-specific functions. -func (e Engine) initFunMap(t *template.Template, referenceTpls map[string]renderable) { - funcMap := funcMap() - includedNames := make(map[string]int) - - // Add the 'include' function here so we can close over t. - funcMap["include"] = func(name string, data interface{}) (string, error) { +// 'include' needs to be defined in the scope of a 'tpl' template as +// well as regular file-loaded templates. +func includeFun(t *template.Template, includedNames map[string]int) func(string, interface{}) (string, error) { + return func(name string, data interface{}) (string, error) { var buf strings.Builder if v, ok := includedNames[name]; ok { if v > recursionMaxNums { @@ -132,33 +141,62 @@ func (e Engine) initFunMap(t *template.Template, referenceTpls map[string]render includedNames[name]-- return buf.String(), err } +} - // Add the 'tpl' function here - funcMap["tpl"] = func(tpl string, vals chartutil.Values) (string, error) { - basePath, err := vals.PathValue("Template.BasePath") +// As does 'tpl', so that nested calls to 'tpl' see the templates +// defined by their enclosing contexts. +func tplFun(parent *template.Template, includedNames map[string]int, strict bool) func(string, interface{}) (string, error) { + return func(tpl string, vals interface{}) (string, error) { + t, err := parent.Clone() if err != nil { - return "", errors.Wrapf(err, "cannot retrieve Template.Basepath from values inside tpl function: %s", tpl) + return "", errors.Wrapf(err, "cannot clone template") } - templateName, err := vals.PathValue("Template.Name") - if err != nil { - return "", errors.Wrapf(err, "cannot retrieve Template.Name from values inside tpl function: %s", tpl) + // Re-inject the missingkey option, see text/template issue https://github.com/golang/go/issues/43022 + // We have to go by strict from our engine configuration, as the option fields are private in Template. + // TODO: Remove workaround (and the strict parameter) once we build only with golang versions with a fix. + if strict { + t.Option("missingkey=error") + } else { + t.Option("missingkey=zero") } - templates := map[string]renderable{ - templateName.(string): { - tpl: tpl, - vals: vals, - basePath: basePath.(string), - }, + // Re-inject 'include' so that it can close over our clone of t; + // this lets any 'define's inside tpl be 'include'd. + t.Funcs(template.FuncMap{ + "include": includeFun(t, includedNames), + "tpl": tplFun(t, includedNames, strict), + }) + + // We need a .New template, as template text which is just blanks + // or comments after parsing out defines just addes new named + // template definitions without changing the main template. + // https://pkg.go.dev/text/template#Template.Parse + // Use the parent's name for lack of a better way to identify the tpl + // text string. (Maybe we could use a hash appended to the name?) + t, err = t.New(parent.Name()).Parse(tpl) + if err != nil { + return "", errors.Wrapf(err, "cannot parse template %q", tpl) } - result, err := e.renderWithReferences(templates, referenceTpls) - if err != nil { + var buf strings.Builder + if err := t.Execute(&buf, vals); err != nil { return "", errors.Wrapf(err, "error during tpl function execution for %q", tpl) } - return result[templateName.(string)], nil + + // See comment in renderWithReferences explaining the hack. + return strings.ReplaceAll(buf.String(), "", ""), nil } +} + +// initFunMap creates the Engine's FuncMap and adds context-specific functions. +func (e Engine) initFunMap(t *template.Template) { + funcMap := funcMap() + includedNames := make(map[string]int) + + // Add the template-rendering functions here so we can close over t. + funcMap["include"] = includeFun(t, includedNames) + funcMap["tpl"] = tplFun(t, includedNames, e.Strict) // Add the `required` function here so we can use lintMode funcMap["required"] = func(warn string, val interface{}) (interface{}, error) { @@ -194,14 +232,14 @@ func (e Engine) initFunMap(t *template.Template, referenceTpls map[string]render // If we are not linting and have a cluster connection, provide a Kubernetes-backed // implementation. - if !e.LintMode && e.config != nil { - funcMap["lookup"] = NewLookupFunction(e.config) + if !e.LintMode && e.clientProvider != nil { + funcMap["lookup"] = newLookupFunction(*e.clientProvider) } // When DNS lookups are not enabled override the sprig function and return // an empty string. if !e.EnableDNS { - funcMap["getHostByName"] = func(name string) string { + funcMap["getHostByName"] = func(_ string) string { return "" } } @@ -210,13 +248,7 @@ func (e Engine) initFunMap(t *template.Template, referenceTpls map[string]render } // render takes a map of templates/values and renders them. -func (e Engine) render(tpls map[string]renderable) (map[string]string, error) { - return e.renderWithReferences(tpls, tpls) -} - -// renderWithReferences takes a map of templates/values to render, and a map of -// templates which can be referenced within them. -func (e Engine) renderWithReferences(tpls, referenceTpls map[string]renderable) (rendered map[string]string, err error) { +func (e Engine) render(tpls map[string]renderable) (rendered map[string]string, err error) { // Basically, what we do here is start with an empty parent template and then // build up a list of templates -- one for each file. Once all of the templates // have been parsed, we loop through again and execute every template. @@ -238,12 +270,11 @@ func (e Engine) renderWithReferences(tpls, referenceTpls map[string]renderable) t.Option("missingkey=zero") } - e.initFunMap(t, referenceTpls) + e.initFunMap(t) // We want to parse the templates in a predictable order. The order favors // higher-level (in file system) templates over deeply nested templates. keys := sortTemplates(tpls) - referenceKeys := sortTemplates(referenceTpls) for _, filename := range keys { r := tpls[filename] @@ -252,17 +283,6 @@ func (e Engine) renderWithReferences(tpls, referenceTpls map[string]renderable) } } - // Adding the reference templates to the template context - // so they can be referenced in the tpl function - for _, filename := range referenceKeys { - if t.Lookup(filename) == nil { - r := referenceTpls[filename] - if _, err := t.New(filename).Parse(r.tpl); err != nil { - return map[string]string{}, cleanupParseError(filename, err) - } - } - } - rendered = make(map[string]string, len(keys)) for _, filename := range keys { // Don't render partials. We don't care out the direct output of partials. diff --git a/pkg/engine/engine_test.go b/pkg/engine/engine_test.go index 27bb9e78e..f8be52bf6 100644 --- a/pkg/engine/engine_test.go +++ b/pkg/engine/engine_test.go @@ -24,6 +24,12 @@ import ( "testing" "text/template" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/client-go/dynamic" + "k8s.io/client-go/dynamic/fake" + "helm.sh/helm/v3/pkg/chart" "helm.sh/helm/v3/pkg/chartutil" ) @@ -204,7 +210,7 @@ func TestRenderInternals(t *testing.T) { } } -func TestRenderWIthDNS(t *testing.T) { +func TestRenderWithDNS(t *testing.T) { c := &chart.Chart{ Metadata: &chart.Metadata{ Name: "moby", @@ -240,6 +246,178 @@ func TestRenderWIthDNS(t *testing.T) { } } +type kindProps struct { + shouldErr error + gvr schema.GroupVersionResource + namespaced bool +} + +type testClientProvider struct { + t *testing.T + scheme map[string]kindProps + objects []runtime.Object +} + +func (p *testClientProvider) GetClientFor(apiVersion, kind string) (dynamic.NamespaceableResourceInterface, bool, error) { + props := p.scheme[path.Join(apiVersion, kind)] + if props.shouldErr != nil { + return nil, false, props.shouldErr + } + return fake.NewSimpleDynamicClient(runtime.NewScheme(), p.objects...).Resource(props.gvr), props.namespaced, nil +} + +var _ ClientProvider = &testClientProvider{} + +// makeUnstructured is a convenience function for single-line creation of Unstructured objects. +func makeUnstructured(apiVersion, kind, name, namespace string) *unstructured.Unstructured { + ret := &unstructured.Unstructured{Object: map[string]interface{}{ + "apiVersion": apiVersion, + "kind": kind, + "metadata": map[string]interface{}{ + "name": name, + }, + }} + if namespace != "" { + ret.Object["metadata"].(map[string]interface{})["namespace"] = namespace + } + return ret +} + +func TestRenderWithClientProvider(t *testing.T) { + provider := &testClientProvider{ + t: t, + scheme: map[string]kindProps{ + "v1/Namespace": { + gvr: schema.GroupVersionResource{ + Version: "v1", + Resource: "namespaces", + }, + }, + "v1/Pod": { + gvr: schema.GroupVersionResource{ + Version: "v1", + Resource: "pods", + }, + namespaced: true, + }, + }, + objects: []runtime.Object{ + makeUnstructured("v1", "Namespace", "default", ""), + makeUnstructured("v1", "Pod", "pod1", "default"), + makeUnstructured("v1", "Pod", "pod2", "ns1"), + makeUnstructured("v1", "Pod", "pod3", "ns1"), + }, + } + + type testCase struct { + template string + output string + } + cases := map[string]testCase{ + "ns-single": { + template: `{{ (lookup "v1" "Namespace" "" "default").metadata.name }}`, + output: "default", + }, + "ns-list": { + template: `{{ (lookup "v1" "Namespace" "" "").items | len }}`, + output: "1", + }, + "ns-missing": { + template: `{{ (lookup "v1" "Namespace" "" "absent") }}`, + output: "map[]", + }, + "pod-single": { + template: `{{ (lookup "v1" "Pod" "default" "pod1").metadata.name }}`, + output: "pod1", + }, + "pod-list": { + template: `{{ (lookup "v1" "Pod" "ns1" "").items | len }}`, + output: "2", + }, + "pod-all": { + template: `{{ (lookup "v1" "Pod" "" "").items | len }}`, + output: "3", + }, + "pod-missing": { + template: `{{ (lookup "v1" "Pod" "" "ns2") }}`, + output: "map[]", + }, + } + + c := &chart.Chart{ + Metadata: &chart.Metadata{ + Name: "moby", + Version: "1.2.3", + }, + Values: map[string]interface{}{}, + } + + for name, exp := range cases { + c.Templates = append(c.Templates, &chart.File{ + Name: path.Join("templates", name), + Data: []byte(exp.template), + }) + } + + vals := map[string]interface{}{ + "Values": map[string]interface{}{}, + } + + v, err := chartutil.CoalesceValues(c, vals) + if err != nil { + t.Fatalf("Failed to coalesce values: %s", err) + } + + out, err := RenderWithClientProvider(c, v, provider) + if err != nil { + t.Errorf("Failed to render templates: %s", err) + } + + for name, want := range cases { + t.Run(name, func(t *testing.T) { + key := path.Join("moby/templates", name) + if out[key] != want.output { + t.Errorf("Expected %q, got %q", want, out[key]) + } + }) + } +} + +func TestRenderWithClientProvider_error(t *testing.T) { + c := &chart.Chart{ + Metadata: &chart.Metadata{ + Name: "moby", + Version: "1.2.3", + }, + Templates: []*chart.File{ + {Name: "templates/error", Data: []byte(`{{ lookup "v1" "Error" "" "" }}`)}, + }, + Values: map[string]interface{}{}, + } + + vals := map[string]interface{}{ + "Values": map[string]interface{}{}, + } + + v, err := chartutil.CoalesceValues(c, vals) + if err != nil { + t.Fatalf("Failed to coalesce values: %s", err) + } + + provider := &testClientProvider{ + t: t, + scheme: map[string]kindProps{ + "v1/Error": { + shouldErr: fmt.Errorf("kaboom"), + }, + }, + } + _, err = RenderWithClientProvider(c, v, provider) + if err == nil || !strings.Contains(err.Error(), "kaboom") { + t.Errorf("Expected error from client provider when rendering, got %q", err) + } +} + func TestParallelRenderInternals(t *testing.T) { // Make sure that we can use one Engine to run parallel template renders. e := new(Engine) @@ -948,8 +1126,6 @@ func TestRenderTplTemplateNames(t *testing.T) { {Name: "templates/default-name", Data: []byte(`{{tpl "{{ .Template.Name }}" .}}`)}, {Name: "templates/modified-basepath", Data: []byte(`{{tpl "{{ .Template.BasePath }}" .Values.dot}}`)}, {Name: "templates/modified-name", Data: []byte(`{{tpl "{{ .Template.Name }}" .Values.dot}}`)}, - // Current implementation injects the 'tpl' template as if it were a template file, and - // so only BasePath and Name make it through. {Name: "templates/modified-field", Data: []byte(`{{tpl "{{ .Template.Field }}" .Values.dot}}`)}, }, } @@ -979,7 +1155,7 @@ func TestRenderTplTemplateNames(t *testing.T) { "TplTemplateNames/templates/default-name": "TplTemplateNames/templates/default-name", "TplTemplateNames/templates/modified-basepath": "path/to/template", "TplTemplateNames/templates/modified-name": "name-of-template", - "TplTemplateNames/templates/modified-field": "", + "TplTemplateNames/templates/modified-field": "extra-field", } for file, expect := range expects { if out[file] != expect { @@ -1001,13 +1177,17 @@ func TestRenderTplRedefines(t *testing.T) { `{{define "manifest"}}original-in-manifest{{end}}` + `before: {{include "manifest" .}}\n{{tpl .Values.manifestText .}}\nafter: {{include "manifest" .}}`, )}, - // The current implementation replaces the manifest text and re-parses, so a - // partial template defined only in the manifest invoking tpl cannot be accessed - // by that tpl call. - //{Name: "templates/manifest-only", Data: []byte( - // `{{define "manifest-only"}}only-in-manifest{{end}}` + - // `before: {{include "manifest-only" .}}\n{{tpl .Values.manifestOnlyText .}}\nafter: {{include "manifest-only" .}}`, - //)}, + {Name: "templates/manifest-only", Data: []byte( + `{{define "manifest-only"}}only-in-manifest{{end}}` + + `before: {{include "manifest-only" .}}\n{{tpl .Values.manifestOnlyText .}}\nafter: {{include "manifest-only" .}}`, + )}, + {Name: "templates/nested", Data: []byte( + `{{define "nested"}}original-in-manifest{{end}}` + + `{{define "nested-outer"}}original-outer-in-manifest{{end}}` + + `before: {{include "nested" .}} {{include "nested-outer" .}}\n` + + `{{tpl .Values.nestedText .}}\n` + + `after: {{include "nested" .}} {{include "nested-outer" .}}`, + )}, }, } v := chartutil.Values{ @@ -1015,6 +1195,12 @@ func TestRenderTplRedefines(t *testing.T) { "partialText": `{{define "partial"}}redefined-in-tpl{{end}}tpl: {{include "partial" .}}`, "manifestText": `{{define "manifest"}}redefined-in-tpl{{end}}tpl: {{include "manifest" .}}`, "manifestOnlyText": `tpl: {{include "manifest-only" .}}`, + "nestedText": `{{define "nested"}}redefined-in-tpl{{end}}` + + `{{define "nested-outer"}}redefined-outer-in-tpl{{end}}` + + `before-inner-tpl: {{include "nested" .}} {{include "nested-outer" . }}\n` + + `{{tpl .Values.innerText .}}\n` + + `after-inner-tpl: {{include "nested" .}} {{include "nested-outer" . }}`, + "innerText": `{{define "nested"}}redefined-in-inner-tpl{{end}}inner-tpl: {{include "nested" .}} {{include "nested-outer" . }}`, }, "Chart": c.Metadata, "Release": chartutil.Values{ @@ -1028,9 +1214,14 @@ func TestRenderTplRedefines(t *testing.T) { } expects := map[string]string{ - "TplRedefines/templates/partial": `before: original-in-partial\ntpl: original-in-partial\nafter: original-in-partial`, - "TplRedefines/templates/manifest": `before: original-in-manifest\ntpl: redefined-in-tpl\nafter: original-in-manifest`, - //"TplRedefines/templates/manifest-only": `before: only-in-manifest\ntpl: only-in-manifest\nafter: only-in-manifest`, + "TplRedefines/templates/partial": `before: original-in-partial\ntpl: redefined-in-tpl\nafter: original-in-partial`, + "TplRedefines/templates/manifest": `before: original-in-manifest\ntpl: redefined-in-tpl\nafter: original-in-manifest`, + "TplRedefines/templates/manifest-only": `before: only-in-manifest\ntpl: only-in-manifest\nafter: only-in-manifest`, + "TplRedefines/templates/nested": `before: original-in-manifest original-outer-in-manifest\n` + + `before-inner-tpl: redefined-in-tpl redefined-outer-in-tpl\n` + + `inner-tpl: redefined-in-inner-tpl redefined-outer-in-tpl\n` + + `after-inner-tpl: redefined-in-tpl redefined-outer-in-tpl\n` + + `after: original-in-manifest original-outer-in-manifest`, } for file, expect := range expects { if out[file] != expect { diff --git a/pkg/engine/lookup_func.go b/pkg/engine/lookup_func.go index b378ca9d6..86a7d698c 100644 --- a/pkg/engine/lookup_func.go +++ b/pkg/engine/lookup_func.go @@ -39,9 +39,28 @@ type lookupFunc = func(apiversion string, resource string, namespace string, nam // This function is considered deprecated, and will be renamed in Helm 4. It will no // longer be a public function. func NewLookupFunction(config *rest.Config) lookupFunc { - return func(apiversion string, resource string, namespace string, name string) (map[string]interface{}, error) { + return newLookupFunction(clientProviderFromConfig{config: config}) +} + +type ClientProvider interface { + // GetClientFor returns a dynamic.NamespaceableResourceInterface suitable for interacting with resources + // corresponding to the provided apiVersion and kind, as well as a boolean indicating whether the resources + // are namespaced. + GetClientFor(apiVersion, kind string) (dynamic.NamespaceableResourceInterface, bool, error) +} + +type clientProviderFromConfig struct { + config *rest.Config +} + +func (c clientProviderFromConfig) GetClientFor(apiVersion, kind string) (dynamic.NamespaceableResourceInterface, bool, error) { + return getDynamicClientOnKind(apiVersion, kind, c.config) +} + +func newLookupFunction(clientProvider ClientProvider) lookupFunc { + return func(apiversion string, kind string, namespace string, name string) (map[string]interface{}, error) { var client dynamic.ResourceInterface - c, namespaced, err := getDynamicClientOnKind(apiversion, resource, config) + c, namespaced, err := clientProvider.GetClientFor(apiversion, kind) if err != nil { return map[string]interface{}{}, err } diff --git a/pkg/getter/httpgetter_test.go b/pkg/getter/httpgetter_test.go index c727d0d7c..0ba7e03e8 100644 --- a/pkg/getter/httpgetter_test.go +++ b/pkg/getter/httpgetter_test.go @@ -287,7 +287,7 @@ func TestDownloadTLS(t *testing.T) { ca, pub, priv := filepath.Join(cd, "rootca.crt"), filepath.Join(cd, "crt.pem"), filepath.Join(cd, "key.pem") insecureSkipTLSverify := false - tlsSrv := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})) + tlsSrv := httptest.NewUnstartedServer(http.HandlerFunc(func(_ http.ResponseWriter, _ *http.Request) {})) tlsConf, err := tlsutil.NewClientTLS(pub, priv, ca, insecureSkipTLSverify) if err != nil { t.Fatal(errors.Wrap(err, "can't create TLS config for client")) @@ -332,7 +332,7 @@ func TestDownloadTLS(t *testing.T) { } func TestDownloadInsecureSkipTLSVerify(t *testing.T) { - ts := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})) + ts := httptest.NewTLSServer(http.HandlerFunc(func(_ http.ResponseWriter, _ *http.Request) {})) defer ts.Close() u, _ := url.ParseRequestURI(ts.URL) @@ -364,7 +364,7 @@ func TestDownloadInsecureSkipTLSVerify(t *testing.T) { } func TestHTTPGetterTarDownload(t *testing.T) { - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { f, _ := os.Open("testdata/empty-0.0.1.tgz") defer f.Close() diff --git a/pkg/getter/ocigetter.go b/pkg/getter/ocigetter.go index 209786bd7..0547cdcbb 100644 --- a/pkg/getter/ocigetter.go +++ b/pkg/getter/ocigetter.go @@ -119,6 +119,7 @@ func (g *OCIGetter) newRegistryClient() (*registry.Client, error) { IdleConnTimeout: 90 * time.Second, TLSHandshakeTimeout: 10 * time.Second, ExpectContinueTimeout: 1 * time.Second, + Proxy: http.ProxyFromEnvironment, } }) diff --git a/pkg/getter/plugingetter.go b/pkg/getter/plugingetter.go index 0d13ade57..a371b52eb 100644 --- a/pkg/getter/plugingetter.go +++ b/pkg/getter/plugingetter.go @@ -17,6 +17,7 @@ package getter import ( "bytes" + "fmt" "os" "os/exec" "path/filepath" @@ -62,6 +63,13 @@ type pluginGetter struct { opts options } +func (p *pluginGetter) setupOptionsEnv(env []string) []string { + env = append(env, fmt.Sprintf("HELM_PLUGIN_USERNAME=%s", p.opts.username)) + env = append(env, fmt.Sprintf("HELM_PLUGIN_PASSWORD=%s", p.opts.password)) + env = append(env, fmt.Sprintf("HELM_PLUGIN_PASS_CREDENTIALS_ALL=%t", p.opts.passCredentialsAll)) + return env +} + // Get runs downloader plugin command func (p *pluginGetter) Get(href string, options ...Option) (*bytes.Buffer, error) { for _, opt := range options { @@ -71,7 +79,7 @@ func (p *pluginGetter) Get(href string, options ...Option) (*bytes.Buffer, error argv := append(commands[1:], p.opts.certFile, p.opts.keyFile, p.opts.caFile, href) prog := exec.Command(filepath.Join(p.base, commands[0]), argv...) plugin.SetupPluginEnv(p.settings, p.name, p.base) - prog.Env = os.Environ() + prog.Env = p.setupOptionsEnv(os.Environ()) buf := bytes.NewBuffer(nil) prog.Stdout = buf prog.Stderr = os.Stderr diff --git a/internal/ignore/doc.go b/pkg/ignore/doc.go similarity index 97% rename from internal/ignore/doc.go rename to pkg/ignore/doc.go index a1f0fcfc8..5245d410e 100644 --- a/internal/ignore/doc.go +++ b/pkg/ignore/doc.go @@ -65,4 +65,4 @@ Notable differences from .gitignore: - The evaluation of escape sequences has not been tested for compatibility - There is no support for '\!' as a special leading sequence. */ -package ignore // import "helm.sh/helm/v3/internal/ignore" +package ignore // import "helm.sh/helm/v3/pkg/ignore" diff --git a/internal/ignore/rules.go b/pkg/ignore/rules.go similarity index 97% rename from internal/ignore/rules.go rename to pkg/ignore/rules.go index a80923baf..88de407ad 100644 --- a/internal/ignore/rules.go +++ b/pkg/ignore/rules.go @@ -173,7 +173,7 @@ func (r *Rules) parseRule(rule string) error { if strings.HasPrefix(rule, "/") { // Require path matches the root path. - p.match = func(n string, fi os.FileInfo) bool { + p.match = func(n string, _ os.FileInfo) bool { rule = strings.TrimPrefix(rule, "/") ok, err := filepath.Match(rule, n) if err != nil { @@ -184,7 +184,7 @@ func (r *Rules) parseRule(rule string) error { } } else if strings.Contains(rule, "/") { // require structural match. - p.match = func(n string, fi os.FileInfo) bool { + p.match = func(n string, _ os.FileInfo) bool { ok, err := filepath.Match(rule, n) if err != nil { log.Printf("Failed to compile %q: %s", rule, err) @@ -193,7 +193,7 @@ func (r *Rules) parseRule(rule string) error { return ok } } else { - p.match = func(n string, fi os.FileInfo) bool { + p.match = func(n string, _ os.FileInfo) bool { // When there is no slash in the pattern, we evaluate ONLY the // filename. n = filepath.Base(n) diff --git a/internal/ignore/rules_test.go b/pkg/ignore/rules_test.go similarity index 100% rename from internal/ignore/rules_test.go rename to pkg/ignore/rules_test.go diff --git a/internal/ignore/testdata/.helmignore b/pkg/ignore/testdata/.helmignore similarity index 100% rename from internal/ignore/testdata/.helmignore rename to pkg/ignore/testdata/.helmignore diff --git a/internal/ignore/testdata/a.txt b/pkg/ignore/testdata/.joonix similarity index 100% rename from internal/ignore/testdata/a.txt rename to pkg/ignore/testdata/.joonix diff --git a/internal/ignore/testdata/cargo/a.txt b/pkg/ignore/testdata/a.txt similarity index 100% rename from internal/ignore/testdata/cargo/a.txt rename to pkg/ignore/testdata/a.txt diff --git a/internal/ignore/testdata/mast/a.txt b/pkg/ignore/testdata/cargo/a.txt similarity index 100% rename from internal/ignore/testdata/mast/a.txt rename to pkg/ignore/testdata/cargo/a.txt diff --git a/internal/ignore/testdata/cargo/b.txt b/pkg/ignore/testdata/cargo/b.txt similarity index 100% rename from internal/ignore/testdata/cargo/b.txt rename to pkg/ignore/testdata/cargo/b.txt diff --git a/internal/ignore/testdata/cargo/c.txt b/pkg/ignore/testdata/cargo/c.txt similarity index 100% rename from internal/ignore/testdata/cargo/c.txt rename to pkg/ignore/testdata/cargo/c.txt diff --git a/internal/ignore/testdata/helm.txt b/pkg/ignore/testdata/helm.txt similarity index 100% rename from internal/ignore/testdata/helm.txt rename to pkg/ignore/testdata/helm.txt diff --git a/internal/ignore/testdata/mast/b.txt b/pkg/ignore/testdata/mast/a.txt similarity index 100% rename from internal/ignore/testdata/mast/b.txt rename to pkg/ignore/testdata/mast/a.txt diff --git a/internal/ignore/testdata/mast/c.txt b/pkg/ignore/testdata/mast/b.txt similarity index 100% rename from internal/ignore/testdata/mast/c.txt rename to pkg/ignore/testdata/mast/b.txt diff --git a/internal/ignore/testdata/rudder.txt b/pkg/ignore/testdata/mast/c.txt similarity index 100% rename from internal/ignore/testdata/rudder.txt rename to pkg/ignore/testdata/mast/c.txt diff --git a/internal/ignore/testdata/templates/.dotfile b/pkg/ignore/testdata/rudder.txt similarity index 100% rename from internal/ignore/testdata/templates/.dotfile rename to pkg/ignore/testdata/rudder.txt diff --git a/internal/ignore/testdata/tiller.txt b/pkg/ignore/testdata/templates/.dotfile similarity index 100% rename from internal/ignore/testdata/tiller.txt rename to pkg/ignore/testdata/templates/.dotfile diff --git a/pkg/ignore/testdata/tiller.txt b/pkg/ignore/testdata/tiller.txt new file mode 100644 index 000000000..e69de29bb diff --git a/pkg/kube/client.go b/pkg/kube/client.go index 0772678d1..9df833a43 100644 --- a/pkg/kube/client.go +++ b/pkg/kube/client.go @@ -467,7 +467,7 @@ func (c *Client) Update(original, target ResourceList, force bool) (*Result, err // if one or more fail and collect any errors. All successfully deleted items // will be returned in the `Deleted` ResourceList that is part of the result. func (c *Client) Delete(resources ResourceList) (*Result, []error) { - return delete(c, resources, metav1.DeletePropagationBackground) + return rdelete(c, resources, metav1.DeletePropagationBackground) } // Delete deletes Kubernetes resources specified in the resources list with @@ -475,10 +475,10 @@ func (c *Client) Delete(resources ResourceList) (*Result, []error) { // if one or more fail and collect any errors. All successfully deleted items // will be returned in the `Deleted` ResourceList that is part of the result. func (c *Client) DeleteWithPropagationPolicy(resources ResourceList, policy metav1.DeletionPropagation) (*Result, []error) { - return delete(c, resources, policy) + return rdelete(c, resources, policy) } -func delete(c *Client, resources ResourceList, propagation metav1.DeletionPropagation) (*Result, []error) { +func rdelete(c *Client, resources ResourceList, propagation metav1.DeletionPropagation) (*Result, []error) { var errs []error res := &Result{} mtx := sync.Mutex{} @@ -772,7 +772,7 @@ func (c *Client) waitForJob(obj runtime.Object, name string) (bool, error) { if c.Type == batch.JobComplete && c.Status == "True" { return true, nil } else if c.Type == batch.JobFailed && c.Status == "True" { - return true, errors.Errorf("job failed: %s", c.Reason) + return true, errors.Errorf("job %s failed: %s", name, c.Reason) } } diff --git a/pkg/kube/fake/printer.go b/pkg/kube/fake/printer.go index e6c4b6207..cc2c84b40 100644 --- a/pkg/kube/fake/printer.go +++ b/pkg/kube/fake/printer.go @@ -49,7 +49,7 @@ func (p *PrintingKubeClient) Create(resources kube.ResourceList) (*kube.Result, return &kube.Result{Created: resources}, nil } -func (p *PrintingKubeClient) Get(resources kube.ResourceList, related bool) (map[string][]runtime.Object, error) { +func (p *PrintingKubeClient) Get(resources kube.ResourceList, _ bool) (map[string][]runtime.Object, error) { _, err := io.Copy(p.Out, bufferize(resources)) if err != nil { return nil, err @@ -119,7 +119,7 @@ func (p *PrintingKubeClient) WaitAndGetCompletedPodPhase(_ string, _ time.Durati // DeleteWithPropagationPolicy implements KubeClient delete. // // It only prints out the content to be deleted. -func (p *PrintingKubeClient) DeleteWithPropagationPolicy(resources kube.ResourceList, policy metav1.DeletionPropagation) (*kube.Result, []error) { +func (p *PrintingKubeClient) DeleteWithPropagationPolicy(resources kube.ResourceList, _ metav1.DeletionPropagation) (*kube.Result, []error) { _, err := io.Copy(p.Out, bufferize(resources)) if err != nil { return nil, []error{err} diff --git a/pkg/kube/ready.go b/pkg/kube/ready.go index 7172a42bc..b2d26ba76 100644 --- a/pkg/kube/ready.go +++ b/pkg/kube/ready.go @@ -90,13 +90,6 @@ type ReadyChecker struct { // IsReady will fetch the latest state of the object from the server prior to // performing readiness checks, and it will return any error encountered. func (c *ReadyChecker) IsReady(ctx context.Context, v *resource.Info) (bool, error) { - var ( - // This defaults to true, otherwise we get to a point where - // things will always return false unless one of the objects - // that manages pods has been hit - ok = true - err error - ) switch value := AsVersioned(v).(type) { case *corev1.Pod: pod, err := c.client.CoreV1().Pods(v.Namespace).Get(ctx, v.Name, metav1.GetOptions{}) @@ -183,11 +176,30 @@ func (c *ReadyChecker) IsReady(ctx context.Context, v *resource.Info) (bool, err if !c.statefulSetReady(sts) { return false, nil } - case *corev1.ReplicationController, *extensionsv1beta1.ReplicaSet, *appsv1beta2.ReplicaSet, *appsv1.ReplicaSet: - ok, err = c.podsReadyForObject(ctx, v.Namespace, value) - } - if !ok || err != nil { - return false, err + case *corev1.ReplicationController: + rc, err := c.client.CoreV1().ReplicationControllers(v.Namespace).Get(ctx, v.Name, metav1.GetOptions{}) + if err != nil { + return false, err + } + if !c.replicationControllerReady(rc) { + return false, nil + } + ready, err := c.podsReadyForObject(ctx, v.Namespace, value) + if !ready || err != nil { + return false, err + } + case *extensionsv1beta1.ReplicaSet, *appsv1beta2.ReplicaSet, *appsv1.ReplicaSet: + rs, err := c.client.AppsV1().ReplicaSets(v.Namespace).Get(ctx, v.Name, metav1.GetOptions{}) + if err != nil { + return false, err + } + if !c.replicaSetReady(rs) { + return false, nil + } + ready, err := c.podsReadyForObject(ctx, v.Namespace, value) + if !ready || err != nil { + return false, err + } } return true, nil } @@ -276,6 +288,16 @@ func (c *ReadyChecker) volumeReady(v *corev1.PersistentVolumeClaim) bool { } func (c *ReadyChecker) deploymentReady(rs *appsv1.ReplicaSet, dep *appsv1.Deployment) bool { + // Verify the replicaset readiness + if !c.replicaSetReady(rs) { + return false + } + // Verify the generation observed by the deployment controller matches the spec generation + if dep.Status.ObservedGeneration != dep.ObjectMeta.Generation { + c.log("Deployment is not ready: %s/%s. observedGeneration (%d) does not match spec generation (%d).", dep.Namespace, dep.Name, dep.Status.ObservedGeneration, dep.ObjectMeta.Generation) + return false + } + expectedReady := *dep.Spec.Replicas - deploymentutil.MaxUnavailable(*dep) if !(rs.Status.ReadyReplicas >= expectedReady) { c.log("Deployment is not ready: %s/%s. %d out of %d expected pods are ready", dep.Namespace, dep.Name, rs.Status.ReadyReplicas, expectedReady) @@ -285,6 +307,12 @@ func (c *ReadyChecker) deploymentReady(rs *appsv1.ReplicaSet, dep *appsv1.Deploy } func (c *ReadyChecker) daemonSetReady(ds *appsv1.DaemonSet) bool { + // Verify the generation observed by the daemonSet controller matches the spec generation + if ds.Status.ObservedGeneration != ds.ObjectMeta.Generation { + c.log("DaemonSet is not ready: %s/%s. observedGeneration (%d) does not match spec generation (%d).", ds.Namespace, ds.Name, ds.Status.ObservedGeneration, ds.ObjectMeta.Generation) + return false + } + // If the update strategy is not a rolling update, there will be nothing to wait for if ds.Spec.UpdateStrategy.Type != appsv1.RollingUpdateDaemonSetStrategyType { return true @@ -355,22 +383,22 @@ func (c *ReadyChecker) crdReady(crd apiextv1.CustomResourceDefinition) bool { } func (c *ReadyChecker) statefulSetReady(sts *appsv1.StatefulSet) bool { + // Verify the generation observed by the statefulSet controller matches the spec generation + if sts.Status.ObservedGeneration != sts.ObjectMeta.Generation { + c.log("StatefulSet is not ready: %s/%s. observedGeneration (%d) does not match spec generation (%d).", sts.Namespace, sts.Name, sts.Status.ObservedGeneration, sts.ObjectMeta.Generation) + return false + } + // If the update strategy is not a rolling update, there will be nothing to wait for if sts.Spec.UpdateStrategy.Type != appsv1.RollingUpdateStatefulSetStrategyType { c.log("StatefulSet skipped ready check: %s/%s. updateStrategy is %v", sts.Namespace, sts.Name, sts.Spec.UpdateStrategy.Type) return true } - // Make sure the status is up-to-date with the StatefulSet changes - if sts.Status.ObservedGeneration < sts.Generation { - c.log("StatefulSet is not ready: %s/%s. update has not yet been observed", sts.Namespace, sts.Name) - return false - } - // Dereference all the pointers because StatefulSets like them var partition int // 1 is the default for replicas if not set - var replicas = 1 + replicas := 1 // For some reason, even if the update strategy is a rolling update, the // actual rollingUpdate field can be nil. If it is, we can safely assume // there is no partition value @@ -409,6 +437,24 @@ func (c *ReadyChecker) statefulSetReady(sts *appsv1.StatefulSet) bool { return true } +func (c *ReadyChecker) replicationControllerReady(rc *corev1.ReplicationController) bool { + // Verify the generation observed by the replicationController controller matches the spec generation + if rc.Status.ObservedGeneration != rc.ObjectMeta.Generation { + c.log("ReplicationController is not ready: %s/%s. observedGeneration (%d) does not match spec generation (%d).", rc.Namespace, rc.Name, rc.Status.ObservedGeneration, rc.ObjectMeta.Generation) + return false + } + return true +} + +func (c *ReadyChecker) replicaSetReady(rs *appsv1.ReplicaSet) bool { + // Verify the generation observed by the replicaSet controller matches the spec generation + if rs.Status.ObservedGeneration != rs.ObjectMeta.Generation { + c.log("ReplicaSet is not ready: %s/%s. observedGeneration (%d) does not match spec generation (%d).", rs.Namespace, rs.Name, rs.Status.ObservedGeneration, rs.ObjectMeta.Generation) + return false + } + return true +} + func getPods(ctx context.Context, client kubernetes.Interface, namespace, selector string) ([]corev1.Pod, error) { list, err := client.CoreV1().Pods(namespace).List(ctx, metav1.ListOptions{ LabelSelector: selector, diff --git a/pkg/kube/ready_test.go b/pkg/kube/ready_test.go index e8e71d8aa..3b8c4b80a 100644 --- a/pkg/kube/ready_test.go +++ b/pkg/kube/ready_test.go @@ -43,27 +43,51 @@ func Test_ReadyChecker_deploymentReady(t *testing.T) { { name: "deployment is ready", args: args{ - rs: newReplicaSet("foo", 1, 1), - dep: newDeployment("foo", 1, 1, 0), + rs: newReplicaSet("foo", 1, 1, true), + dep: newDeployment("foo", 1, 1, 0, true), }, want: true, }, { name: "deployment is not ready", args: args{ - rs: newReplicaSet("foo", 0, 0), - dep: newDeployment("foo", 1, 1, 0), + rs: newReplicaSet("foo", 0, 0, true), + dep: newDeployment("foo", 1, 1, 0, true), }, want: false, }, { name: "deployment is ready when maxUnavailable is set", args: args{ - rs: newReplicaSet("foo", 2, 1), - dep: newDeployment("foo", 2, 1, 1), + rs: newReplicaSet("foo", 2, 1, true), + dep: newDeployment("foo", 2, 1, 1, true), }, want: true, }, + { + name: "deployment is not ready when replicaset generations are out of sync", + args: args{ + rs: newReplicaSet("foo", 1, 1, false), + dep: newDeployment("foo", 1, 1, 0, true), + }, + want: false, + }, + { + name: "deployment is not ready when deployment generations are out of sync", + args: args{ + rs: newReplicaSet("foo", 1, 1, true), + dep: newDeployment("foo", 1, 1, 0, false), + }, + want: false, + }, + { + name: "deployment is not ready when generations are out of sync", + args: args{ + rs: newReplicaSet("foo", 1, 1, false), + dep: newDeployment("foo", 1, 1, 0, false), + }, + want: false, + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { @@ -75,6 +99,74 @@ func Test_ReadyChecker_deploymentReady(t *testing.T) { } } +func Test_ReadyChecker_replicaSetReady(t *testing.T) { + type args struct { + rs *appsv1.ReplicaSet + } + tests := []struct { + name string + args args + want bool + }{ + { + name: "replicaSet is ready", + args: args{ + rs: newReplicaSet("foo", 1, 1, true), + }, + want: true, + }, + { + name: "replicaSet is not ready when generations are out of sync", + args: args{ + rs: newReplicaSet("foo", 1, 1, false), + }, + want: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + c := NewReadyChecker(fake.NewSimpleClientset(), nil) + if got := c.replicaSetReady(tt.args.rs); got != tt.want { + t.Errorf("replicaSetReady() = %v, want %v", got, tt.want) + } + }) + } +} + +func Test_ReadyChecker_replicationControllerReady(t *testing.T) { + type args struct { + rc *corev1.ReplicationController + } + tests := []struct { + name string + args args + want bool + }{ + { + name: "replicationController is ready", + args: args{ + rc: newReplicationController("foo", true), + }, + want: true, + }, + { + name: "replicationController is not ready when generations are out of sync", + args: args{ + rc: newReplicationController("foo", false), + }, + want: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + c := NewReadyChecker(fake.NewSimpleClientset(), nil) + if got := c.replicationControllerReady(tt.args.rc); got != tt.want { + t.Errorf("replicationControllerReady() = %v, want %v", got, tt.want) + } + }) + } +} + func Test_ReadyChecker_daemonSetReady(t *testing.T) { type args struct { ds *appsv1.DaemonSet @@ -87,31 +179,38 @@ func Test_ReadyChecker_daemonSetReady(t *testing.T) { { name: "daemonset is ready", args: args{ - ds: newDaemonSet("foo", 0, 1, 1, 1), + ds: newDaemonSet("foo", 0, 1, 1, 1, true), }, want: true, }, { name: "daemonset is not ready", args: args{ - ds: newDaemonSet("foo", 0, 0, 1, 1), + ds: newDaemonSet("foo", 0, 0, 1, 1, true), }, want: false, }, { name: "daemonset pods have not been scheduled successfully", args: args{ - ds: newDaemonSet("foo", 0, 0, 1, 0), + ds: newDaemonSet("foo", 0, 0, 1, 0, true), }, want: false, }, { name: "daemonset is ready when maxUnavailable is set", args: args{ - ds: newDaemonSet("foo", 1, 1, 2, 2), + ds: newDaemonSet("foo", 1, 1, 2, 2, true), }, want: true, }, + { + name: "daemonset is not ready when generations are out of sync", + args: args{ + ds: newDaemonSet("foo", 0, 1, 1, 1, false), + }, + want: false, + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { @@ -135,63 +234,56 @@ func Test_ReadyChecker_statefulSetReady(t *testing.T) { { name: "statefulset is ready", args: args{ - sts: newStatefulSet("foo", 1, 0, 1, 1), + sts: newStatefulSet("foo", 1, 0, 1, 1, true), }, want: true, }, { name: "statefulset is not ready", args: args{ - sts: newStatefulSet("foo", 1, 0, 0, 1), + sts: newStatefulSet("foo", 1, 0, 0, 1, true), }, want: false, }, { name: "statefulset is ready when partition is specified", args: args{ - sts: newStatefulSet("foo", 2, 1, 2, 1), + sts: newStatefulSet("foo", 2, 1, 2, 1, true), }, want: true, }, { name: "statefulset is not ready when partition is set", args: args{ - sts: newStatefulSet("foo", 2, 1, 1, 0), + sts: newStatefulSet("foo", 2, 1, 1, 0, true), }, want: false, }, { name: "statefulset is ready when partition is set and no change in template", args: args{ - sts: newStatefulSet("foo", 2, 1, 2, 2), + sts: newStatefulSet("foo", 2, 1, 2, 2, true), }, want: true, }, { name: "statefulset is ready when partition is greater than replicas", args: args{ - sts: newStatefulSet("foo", 1, 2, 1, 1), + sts: newStatefulSet("foo", 1, 2, 1, 1, true), }, want: true, }, { - name: "statefulset is not ready when status of latest generation has not yet been observed", + name: "statefulset is not ready when generations are out of sync", args: args{ - sts: newStatefulSetWithNewGeneration("foo", 1, 0, 1, 1), - }, - want: false, - }, - { - name: "statefulset is not ready when current revision for current replicas does not match update revision for updated replicas", - args: args{ - sts: newStatefulSetWithUpdateRevision("foo", 1, 0, 1, 1, "foo-bbbbbbb"), + sts: newStatefulSet("foo", 1, 0, 1, 1, false), }, want: false, }, { name: "statefulset is ready when current revision for current replicas does not match update revision for updated replicas when using partition !=0", args: args{ - sts: newStatefulSetWithUpdateRevision("foo", 3, 2, 3, 3, "foo-bbbbbbb"), + sts: newStatefulSetWithUpdateRevision("foo", 3, 2, 3, 3, "foo-bbbbbbb", true), }, want: true, }, @@ -222,7 +314,7 @@ func Test_ReadyChecker_podsReadyForObject(t *testing.T) { name: "pods ready for a replicaset", args: args{ namespace: defaultNamespace, - obj: newReplicaSet("foo", 1, 1), + obj: newReplicaSet("foo", 1, 1, true), }, existPods: []corev1.Pod{ *newPodWithCondition("foo", corev1.ConditionTrue), @@ -234,7 +326,7 @@ func Test_ReadyChecker_podsReadyForObject(t *testing.T) { name: "pods not ready for a replicaset", args: args{ namespace: defaultNamespace, - obj: newReplicaSet("foo", 1, 1), + obj: newReplicaSet("foo", 1, 1, true), }, existPods: []corev1.Pod{ *newPodWithCondition("foo", corev1.ConditionFalse), @@ -371,11 +463,22 @@ func Test_ReadyChecker_volumeReady(t *testing.T) { } } -func newDaemonSet(name string, maxUnavailable, numberReady, desiredNumberScheduled, updatedNumberScheduled int) *appsv1.DaemonSet { +func newStatefulSetWithUpdateRevision(name string, replicas, partition, readyReplicas, updatedReplicas int, updateRevision string, generationInSync bool) *appsv1.StatefulSet { + ss := newStatefulSet(name, replicas, partition, readyReplicas, updatedReplicas, generationInSync) + ss.Status.UpdateRevision = updateRevision + return ss +} + +func newDaemonSet(name string, maxUnavailable, numberReady, desiredNumberScheduled, updatedNumberScheduled int, generationInSync bool) *appsv1.DaemonSet { + var generation, observedGeneration int64 = 1, 1 + if !generationInSync { + generation = 2 + } return &appsv1.DaemonSet{ ObjectMeta: metav1.ObjectMeta{ - Name: name, - Namespace: defaultNamespace, + Name: name, + Namespace: defaultNamespace, + Generation: generation, }, Spec: appsv1.DaemonSetSpec{ UpdateStrategy: appsv1.DaemonSetUpdateStrategy{ @@ -403,16 +506,21 @@ func newDaemonSet(name string, maxUnavailable, numberReady, desiredNumberSchedul DesiredNumberScheduled: int32(desiredNumberScheduled), NumberReady: int32(numberReady), UpdatedNumberScheduled: int32(updatedNumberScheduled), + ObservedGeneration: observedGeneration, }, } } -func newStatefulSet(name string, replicas, partition, readyReplicas, updatedReplicas int) *appsv1.StatefulSet { +func newStatefulSet(name string, replicas, partition, readyReplicas, updatedReplicas int, generationInSync bool) *appsv1.StatefulSet { + var generation, observedGeneration int64 = 1, 1 + if !generationInSync { + generation = 2 + } return &appsv1.StatefulSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: defaultNamespace, - Generation: int64(1), + Generation: generation, }, Spec: appsv1.StatefulSetSpec{ UpdateStrategy: appsv1.StatefulSetUpdateStrategy{ @@ -438,32 +546,23 @@ func newStatefulSet(name string, replicas, partition, readyReplicas, updatedRepl }, }, Status: appsv1.StatefulSetStatus{ - ObservedGeneration: int64(1), - CurrentRevision: name + "-aaaaaaa", - UpdateRevision: name + "-aaaaaaa", UpdatedReplicas: int32(updatedReplicas), ReadyReplicas: int32(readyReplicas), + ObservedGeneration: observedGeneration, }, } } -func newStatefulSetWithNewGeneration(name string, replicas, partition, readyReplicas, updatedReplicas int) *appsv1.StatefulSet { - ss := newStatefulSet(name, replicas, partition, readyReplicas, updatedReplicas) - ss.Generation++ - return ss -} - -func newStatefulSetWithUpdateRevision(name string, replicas, partition, readyReplicas, updatedReplicas int, updateRevision string) *appsv1.StatefulSet { - ss := newStatefulSet(name, replicas, partition, readyReplicas, updatedReplicas) - ss.Status.UpdateRevision = updateRevision - return ss -} - -func newDeployment(name string, replicas, maxSurge, maxUnavailable int) *appsv1.Deployment { +func newDeployment(name string, replicas, maxSurge, maxUnavailable int, generationInSync bool) *appsv1.Deployment { + var generation, observedGeneration int64 = 1, 1 + if !generationInSync { + generation = 2 + } return &appsv1.Deployment{ ObjectMeta: metav1.ObjectMeta{ - Name: name, - Namespace: defaultNamespace, + Name: name, + Namespace: defaultNamespace, + Generation: generation, }, Spec: appsv1.DeploymentSpec{ Strategy: appsv1.DeploymentStrategy{ @@ -489,17 +588,37 @@ func newDeployment(name string, replicas, maxSurge, maxUnavailable int) *appsv1. }, }, }, + Status: appsv1.DeploymentStatus{ + ObservedGeneration: observedGeneration, + }, } } -func newReplicaSet(name string, replicas int, readyReplicas int) *appsv1.ReplicaSet { - d := newDeployment(name, replicas, 0, 0) +func newReplicationController(name string, generationInSync bool) *corev1.ReplicationController { + var generation, observedGeneration int64 = 1, 1 + if !generationInSync { + generation = 2 + } + return &corev1.ReplicationController{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Generation: generation, + }, + Status: corev1.ReplicationControllerStatus{ + ObservedGeneration: observedGeneration, + }, + } +} + +func newReplicaSet(name string, replicas int, readyReplicas int, generationInSync bool) *appsv1.ReplicaSet { + d := newDeployment(name, replicas, 0, 0, generationInSync) return &appsv1.ReplicaSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: defaultNamespace, Labels: d.Spec.Selector.MatchLabels, OwnerReferences: []metav1.OwnerReference{*metav1.NewControllerRef(d, d.GroupVersionKind())}, + Generation: d.Generation, }, Spec: appsv1.ReplicaSetSpec{ Selector: d.Spec.Selector, @@ -507,7 +626,8 @@ func newReplicaSet(name string, replicas int, readyReplicas int) *appsv1.Replica Template: d.Spec.Template, }, Status: appsv1.ReplicaSetStatus{ - ReadyReplicas: int32(readyReplicas), + ReadyReplicas: int32(readyReplicas), + ObservedGeneration: d.Status.ObservedGeneration, }, } } diff --git a/pkg/kube/wait.go b/pkg/kube/wait.go index ecdd38940..36110d0de 100644 --- a/pkg/kube/wait.go +++ b/pkg/kube/wait.go @@ -19,6 +19,7 @@ package kube // import "helm.sh/helm/v3/pkg/kube" import ( "context" "fmt" + "net/http" "time" "github.com/pkg/errors" @@ -32,6 +33,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/cli-runtime/pkg/resource" "k8s.io/apimachinery/pkg/util/wait" ) @@ -50,10 +52,27 @@ func (w *waiter) waitForResources(created ResourceList) error { ctx, cancel := context.WithTimeout(context.Background(), w.timeout) defer cancel() + numberOfErrors := make([]int, len(created)) + for i := range numberOfErrors { + numberOfErrors[i] = 0 + } + return wait.PollUntilContextCancel(ctx, 2*time.Second, true, func(ctx context.Context) (bool, error) { - for _, v := range created { + waitRetries := 30 + for i, v := range created { ready, err := w.c.IsReady(ctx, v) - if !ready || err != nil { + + if waitRetries > 0 && w.isRetryableError(err, v) { + numberOfErrors[i]++ + if numberOfErrors[i] > waitRetries { + w.log("Max number of retries reached") + return false, err + } + w.log("Retrying as current number of retries %d less than max number of retries %d", numberOfErrors[i]-1, waitRetries) + return false, nil + } + numberOfErrors[i] = 0 + if !ready { return false, err } } @@ -61,6 +80,25 @@ func (w *waiter) waitForResources(created ResourceList) error { }) } +func (w *waiter) isRetryableError(err error, resource *resource.Info) bool { + if err == nil { + return false + } + w.log("Error received when checking status of resource %s. Error: '%s', Resource details: '%s'", resource.Name, err, resource) + if ev, ok := err.(*apierrors.StatusError); ok { + statusCode := ev.Status().Code + retryable := w.isRetryableHTTPStatusCode(statusCode) + w.log("Status code received: %d. Retryable error? %t", statusCode, retryable) + return retryable + } + w.log("Retryable error? %t", true) + return true +} + +func (w *waiter) isRetryableHTTPStatusCode(httpStatusCode int32) bool { + return httpStatusCode == 0 || httpStatusCode == http.StatusTooManyRequests || (httpStatusCode >= 500 && httpStatusCode != http.StatusNotImplemented) +} + // waitForDeletedResources polls to check if all the resources are deleted or a timeout is reached func (w *waiter) waitForDeletedResources(deleted ResourceList) error { w.log("beginning wait for %d resources to be deleted with timeout of %v", len(deleted), w.timeout) @@ -68,7 +106,7 @@ func (w *waiter) waitForDeletedResources(deleted ResourceList) error { ctx, cancel := context.WithTimeout(context.Background(), w.timeout) defer cancel() - return wait.PollUntilContextCancel(ctx, 2*time.Second, true, func(ctx context.Context) (bool, error) { + return wait.PollUntilContextCancel(ctx, 2*time.Second, true, func(_ context.Context) (bool, error) { for _, v := range deleted { err := v.Get() if err == nil || !apierrors.IsNotFound(err) { diff --git a/pkg/lint/lint.go b/pkg/lint/lint.go index 67e76bd3d..c0e79f55b 100644 --- a/pkg/lint/lint.go +++ b/pkg/lint/lint.go @@ -19,19 +19,25 @@ package lint // import "helm.sh/helm/v3/pkg/lint" import ( "path/filepath" + "helm.sh/helm/v3/pkg/chartutil" "helm.sh/helm/v3/pkg/lint/rules" "helm.sh/helm/v3/pkg/lint/support" ) // All runs all of the available linters on the given base directory. -func All(basedir string, values map[string]interface{}, namespace string, strict bool) support.Linter { +func All(basedir string, values map[string]interface{}, namespace string, _ bool) support.Linter { + return AllWithKubeVersion(basedir, values, namespace, nil) +} + +// AllWithKubeVersion runs all the available linters on the given base directory, allowing to specify the kubernetes version. +func AllWithKubeVersion(basedir string, values map[string]interface{}, namespace string, kubeVersion *chartutil.KubeVersion) support.Linter { // Using abs path to get directory context chartDir, _ := filepath.Abs(basedir) linter := support.Linter{ChartDir: chartDir} rules.Chartfile(&linter) rules.ValuesWithOverrides(&linter, values) - rules.Templates(&linter, values, namespace, strict) + rules.TemplatesWithKubeVersion(&linter, values, namespace, kubeVersion) rules.Dependencies(&linter) return linter } diff --git a/pkg/lint/rules/chartfile.go b/pkg/lint/rules/chartfile.go index 70532ad4f..910602b7d 100644 --- a/pkg/lint/rules/chartfile.go +++ b/pkg/lint/rules/chartfile.go @@ -106,6 +106,10 @@ func validateChartName(cf *chart.Metadata) error { if cf.Name == "" { return errors.New("name is required") } + name := filepath.Base(cf.Name) + if name != cf.Name { + return fmt.Errorf("chart name %q is invalid", cf.Name) + } return nil } diff --git a/pkg/lint/rules/chartfile_test.go b/pkg/lint/rules/chartfile_test.go index 087cda047..a06d7dc31 100644 --- a/pkg/lint/rules/chartfile_test.go +++ b/pkg/lint/rules/chartfile_test.go @@ -30,16 +30,19 @@ import ( ) const ( + badCharNametDir = "testdata/badchartname" badChartDir = "testdata/badchartfile" anotherBadChartDir = "testdata/anotherbadchartfile" ) var ( + badChartNamePath = filepath.Join(badCharNametDir, "Chart.yaml") badChartFilePath = filepath.Join(badChartDir, "Chart.yaml") nonExistingChartFilePath = filepath.Join(os.TempDir(), "Chart.yaml") ) var badChart, _ = chartutil.LoadChartfile(badChartFilePath) +var badChartName, _ = chartutil.LoadChartfile(badChartNamePath) // Validation functions Test func TestValidateChartYamlNotDirectory(t *testing.T) { @@ -69,6 +72,11 @@ func TestValidateChartName(t *testing.T) { if err == nil { t.Errorf("validateChartName to return a linter error, got no error") } + + err = validateChartName(badChartName) + if err == nil { + t.Error("expected validateChartName to return a linter error for an invalid name, got no error") + } } func TestValidateChartVersion(t *testing.T) { diff --git a/pkg/lint/rules/dependencies.go b/pkg/lint/rules/dependencies.go index abecd1feb..f1ab1dcad 100644 --- a/pkg/lint/rules/dependencies.go +++ b/pkg/lint/rules/dependencies.go @@ -37,6 +37,7 @@ func Dependencies(linter *support.Linter) { } linter.RunLinterRule(support.ErrorSev, linter.ChartDir, validateDependencyInMetadata(c)) + linter.RunLinterRule(support.ErrorSev, linter.ChartDir, validateDependenciesUnique(c)) linter.RunLinterRule(support.WarningSev, linter.ChartDir, validateDependencyInChartsDir(c)) } @@ -80,3 +81,23 @@ func validateDependencyInMetadata(c *chart.Chart) (err error) { } return err } + +func validateDependenciesUnique(c *chart.Chart) (err error) { + dependencies := map[string]*chart.Dependency{} + shadowing := []string{} + + for _, dep := range c.Metadata.Dependencies { + key := dep.Name + if dep.Alias != "" { + key = dep.Alias + } + if dependencies[key] != nil { + shadowing = append(shadowing, key) + } + dependencies[key] = dep + } + if len(shadowing) > 0 { + err = fmt.Errorf("multiple dependencies with name or alias: %s", strings.Join(shadowing, ",")) + } + return err +} diff --git a/pkg/lint/rules/dependencies_test.go b/pkg/lint/rules/dependencies_test.go index 24c5faf7f..c0afff133 100644 --- a/pkg/lint/rules/dependencies_test.go +++ b/pkg/lint/rules/dependencies_test.go @@ -76,6 +76,67 @@ func TestValidateDependencyInMetadata(t *testing.T) { } } +func TestValidateDependenciesUnique(t *testing.T) { + tests := []struct { + chart chart.Chart + }{ + {chart.Chart{ + Metadata: &chart.Metadata{ + Name: "badchart", + Version: "0.1.0", + APIVersion: "v2", + Dependencies: []*chart.Dependency{ + { + Name: "foo", + }, + { + Name: "foo", + }, + }, + }, + }}, + {chart.Chart{ + Metadata: &chart.Metadata{ + Name: "badchart", + Version: "0.1.0", + APIVersion: "v2", + Dependencies: []*chart.Dependency{ + { + Name: "foo", + Alias: "bar", + }, + { + Name: "bar", + }, + }, + }, + }}, + {chart.Chart{ + Metadata: &chart.Metadata{ + Name: "badchart", + Version: "0.1.0", + APIVersion: "v2", + Dependencies: []*chart.Dependency{ + { + Name: "foo", + Alias: "baz", + }, + { + Name: "bar", + Alias: "baz", + }, + }, + }, + }}, + } + + for _, tt := range tests { + if err := validateDependenciesUnique(&tt.chart); err == nil { + t.Errorf("chart should have been flagged for dependency shadowing") + } + } +} + func TestDependencies(t *testing.T) { tmp := t.TempDir() diff --git a/pkg/lint/rules/deprecations.go b/pkg/lint/rules/deprecations.go index ce19b91d5..90e7748a4 100644 --- a/pkg/lint/rules/deprecations.go +++ b/pkg/lint/rules/deprecations.go @@ -24,6 +24,8 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apiserver/pkg/endpoints/deprecation" kscheme "k8s.io/client-go/kubernetes/scheme" + + "helm.sh/helm/v3/pkg/chartutil" ) var ( @@ -45,7 +47,7 @@ func (e deprecatedAPIError) Error() string { return msg } -func validateNoDeprecations(resource *K8sYamlStruct) error { +func validateNoDeprecations(resource *K8sYamlStruct, kubeVersion *chartutil.KubeVersion) error { // if `resource` does not have an APIVersion or Kind, we cannot test it for deprecation if resource.APIVersion == "" { return nil @@ -54,6 +56,14 @@ func validateNoDeprecations(resource *K8sYamlStruct) error { return nil } + majorVersion := k8sVersionMajor + minorVersion := k8sVersionMinor + + if kubeVersion != nil { + majorVersion = kubeVersion.Major + minorVersion = kubeVersion.Minor + } + runtimeObject, err := resourceToRuntimeObject(resource) if err != nil { // do not error for non-kubernetes resources @@ -62,11 +72,12 @@ func validateNoDeprecations(resource *K8sYamlStruct) error { } return err } - maj, err := strconv.Atoi(k8sVersionMajor) + + maj, err := strconv.Atoi(majorVersion) if err != nil { return err } - min, err := strconv.Atoi(k8sVersionMinor) + min, err := strconv.Atoi(minorVersion) if err != nil { return err } diff --git a/pkg/lint/rules/deprecations_test.go b/pkg/lint/rules/deprecations_test.go index 96e072d14..cf2409007 100644 --- a/pkg/lint/rules/deprecations_test.go +++ b/pkg/lint/rules/deprecations_test.go @@ -23,7 +23,7 @@ func TestValidateNoDeprecations(t *testing.T) { APIVersion: "extensions/v1beta1", Kind: "Deployment", } - err := validateNoDeprecations(deprecated) + err := validateNoDeprecations(deprecated, nil) if err == nil { t.Fatal("Expected deprecated extension to be flagged") } @@ -35,7 +35,7 @@ func TestValidateNoDeprecations(t *testing.T) { if err := validateNoDeprecations(&K8sYamlStruct{ APIVersion: "v1", Kind: "Pod", - }); err != nil { + }, nil); err != nil { t.Errorf("Expected a v1 Pod to not be deprecated") } } diff --git a/pkg/lint/rules/template.go b/pkg/lint/rules/template.go index 000f7ebcf..661c7f963 100644 --- a/pkg/lint/rules/template.go +++ b/pkg/lint/rules/template.go @@ -45,7 +45,12 @@ var ( ) // Templates lints the templates in the Linter. -func Templates(linter *support.Linter, values map[string]interface{}, namespace string, strict bool) { +func Templates(linter *support.Linter, values map[string]interface{}, namespace string, _ bool) { + TemplatesWithKubeVersion(linter, values, namespace, nil) +} + +// TemplatesWithKubeVersion lints the templates in the Linter, allowing to specify the kubernetes version. +func TemplatesWithKubeVersion(linter *support.Linter, values map[string]interface{}, namespace string, kubeVersion *chartutil.KubeVersion) { fpath := "templates/" templatesPath := filepath.Join(linter.ChartDir, fpath) @@ -70,6 +75,11 @@ func Templates(linter *support.Linter, values map[string]interface{}, namespace Namespace: namespace, } + caps := chartutil.DefaultCapabilities.Copy() + if kubeVersion != nil { + caps.KubeVersion = *kubeVersion + } + // lint ignores import-values // See https://github.com/helm/helm/issues/9658 if err := chartutil.ProcessDependenciesWithMerge(chart, values); err != nil { @@ -80,7 +90,8 @@ func Templates(linter *support.Linter, values map[string]interface{}, namespace if err != nil { return } - valuesToRender, err := chartutil.ToRenderValues(chart, cvals, options, nil) + + valuesToRender, err := chartutil.ToRenderValues(chart, cvals, options, caps) if err != nil { linter.RunLinterRule(support.ErrorSev, fpath, err) return @@ -150,7 +161,7 @@ func Templates(linter *support.Linter, values map[string]interface{}, namespace // NOTE: set to warnings to allow users to support out-of-date kubernetes // Refs https://github.com/helm/helm/issues/8596 linter.RunLinterRule(support.WarningSev, fpath, validateMetadataName(yamlStruct)) - linter.RunLinterRule(support.WarningSev, fpath, validateNoDeprecations(yamlStruct)) + linter.RunLinterRule(support.WarningSev, fpath, validateNoDeprecations(yamlStruct, kubeVersion)) linter.RunLinterRule(support.ErrorSev, fpath, validateMatchSelector(yamlStruct, renderedContent)) linter.RunLinterRule(support.ErrorSev, fpath, validateListAnnotations(yamlStruct, renderedContent)) @@ -264,10 +275,10 @@ func validateMetadataNameFunc(obj *K8sYamlStruct) validation.ValidateNameFunc { case "certificatesigningrequest": // No validation. // https://github.com/kubernetes/kubernetes/blob/v1.20.0/pkg/apis/certificates/validation/validation.go#L137-L140 - return func(name string, prefix bool) []string { return nil } + return func(_ string, _ bool) []string { return nil } case "role", "clusterrole", "rolebinding", "clusterrolebinding": // https://github.com/kubernetes/kubernetes/blob/v1.20.0/pkg/apis/rbac/validation/validation.go#L32-L34 - return func(name string, prefix bool) []string { + return func(name string, _ bool) []string { return apipath.IsValidPathSegmentName(name) } default: diff --git a/pkg/lint/rules/testdata/badchartname/Chart.yaml b/pkg/lint/rules/testdata/badchartname/Chart.yaml new file mode 100644 index 000000000..64f8fb8bf --- /dev/null +++ b/pkg/lint/rules/testdata/badchartname/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v2 +description: A Helm chart for Kubernetes +version: 0.1.0 +name: "../badchartname" +type: application diff --git a/pkg/lint/rules/testdata/badchartname/values.yaml b/pkg/lint/rules/testdata/badchartname/values.yaml new file mode 100644 index 000000000..9f367033b --- /dev/null +++ b/pkg/lint/rules/testdata/badchartname/values.yaml @@ -0,0 +1 @@ +# Default values for badchartfile. diff --git a/pkg/plugin/installer/http_installer_test.go b/pkg/plugin/installer/http_installer_test.go index 177227c5b..f0fe36ecd 100644 --- a/pkg/plugin/installer/http_installer_test.go +++ b/pkg/plugin/installer/http_installer_test.go @@ -44,7 +44,7 @@ type TestHTTPGetter struct { MockError error } -func (t *TestHTTPGetter) Get(href string, _ ...getter.Option) (*bytes.Buffer, error) { +func (t *TestHTTPGetter) Get(_ string, _ ...getter.Option) (*bytes.Buffer, error) { return t.MockResponse, t.MockError } diff --git a/pkg/plugin/plugin.go b/pkg/plugin/plugin.go index fb3bc5215..5bb743481 100644 --- a/pkg/plugin/plugin.go +++ b/pkg/plugin/plugin.go @@ -175,6 +175,10 @@ var validPluginName = regexp.MustCompile("^[A-Za-z0-9_-]+$") // validatePluginData validates a plugin's YAML data. func validatePluginData(plug *Plugin, filepath string) error { + // When metadata section missing, initialize with no data + if plug.Metadata == nil { + plug.Metadata = &Metadata{} + } if !validPluginName.MatchString(plug.Metadata.Name) { return fmt.Errorf("invalid plugin name at %q", filepath) } diff --git a/pkg/plugin/plugin_test.go b/pkg/plugin/plugin_test.go index abbc90f7d..725052346 100644 --- a/pkg/plugin/plugin_test.go +++ b/pkg/plugin/plugin_test.go @@ -91,6 +91,7 @@ func TestPlatformPrepareCommand(t *testing.T) { {OperatingSystem: "linux", Architecture: "arm64", Command: "echo -n linux-arm64"}, {OperatingSystem: "linux", Architecture: "ppc64le", Command: "echo -n linux-ppc64le"}, {OperatingSystem: "linux", Architecture: "s390x", Command: "echo -n linux-s390x"}, + {OperatingSystem: "linux", Architecture: "riscv64", Command: "echo -n linux-riscv64"}, {OperatingSystem: "windows", Architecture: "amd64", Command: "echo -n win-64"}, }, }, @@ -108,6 +109,8 @@ func TestPlatformPrepareCommand(t *testing.T) { osStrCmp = "linux-ppc64le" } else if os == "linux" && arch == "s390x" { osStrCmp = "linux-s390x" + } else if os == "linux" && arch == "riscv64" { + osStrCmp = "linux-riscv64" } else if os == "windows" && arch == "amd64" { osStrCmp = "win-64" } else { @@ -350,6 +353,11 @@ func TestSetupEnvWithSpace(t *testing.T) { } func TestValidatePluginData(t *testing.T) { + // A mock plugin missing any metadata. + mockMissingMeta := &Plugin{ + Dir: "no-such-dir", + } + for i, item := range []struct { pass bool plug *Plugin @@ -360,6 +368,7 @@ func TestValidatePluginData(t *testing.T) { {false, mockPlugin("$foo -bar")}, // Test leading chars {false, mockPlugin("foo -bar ")}, // Test trailing chars {false, mockPlugin("foo\nbar")}, // Test newline + {false, mockMissingMeta}, // Test if the metadata section missing } { err := validatePluginData(item.plug, fmt.Sprintf("test-%d", i)) if item.pass && err != nil { diff --git a/pkg/provenance/sign_test.go b/pkg/provenance/sign_test.go index 17f727ea7..bf6848368 100644 --- a/pkg/provenance/sign_test.go +++ b/pkg/provenance/sign_test.go @@ -196,7 +196,7 @@ func TestDecryptKey(t *testing.T) { } // We give this a simple callback that returns the password. - if err := k.DecryptKey(func(s string) ([]byte, error) { + if err := k.DecryptKey(func(_ string) ([]byte, error) { return []byte("secret"), nil }); err != nil { t.Fatal(err) @@ -208,7 +208,7 @@ func TestDecryptKey(t *testing.T) { t.Fatal(err) } // Now we give it a bogus password. - if err := k.DecryptKey(func(s string) ([]byte, error) { + if err := k.DecryptKey(func(_ string) ([]byte, error) { return []byte("secrets_and_lies"), nil }); err == nil { t.Fatal("Expected an error when giving a bogus passphrase") diff --git a/pkg/pusher/ocipusher.go b/pkg/pusher/ocipusher.go index 94154d389..b37a0c605 100644 --- a/pkg/pusher/ocipusher.go +++ b/pkg/pusher/ocipusher.go @@ -29,6 +29,7 @@ import ( "helm.sh/helm/v3/internal/tlsutil" "helm.sh/helm/v3/pkg/chart/loader" "helm.sh/helm/v3/pkg/registry" + "helm.sh/helm/v3/pkg/time/ctime" ) // OCIPusher is the default OCI backend handler @@ -89,6 +90,9 @@ func (pusher *OCIPusher) push(chartRef, href string) error { path.Join(strings.TrimPrefix(href, fmt.Sprintf("%s://", registry.OCIScheme)), meta.Metadata.Name), meta.Metadata.Version) + chartCreationTime := ctime.Created(stat) + pushOpts = append(pushOpts, registry.PushOptCreationTime(chartCreationTime.Format(time.RFC3339))) + _, err = client.Push(chartBytes, ref, pushOpts...) return err } diff --git a/pkg/pusher/pusher.go b/pkg/pusher/pusher.go index c99d97b35..5b8a9160f 100644 --- a/pkg/pusher/pusher.go +++ b/pkg/pusher/pusher.go @@ -116,7 +116,7 @@ var ociProvider = Provider{ // All finds all of the registered pushers as a list of Provider instances. // Currently, just the built-in pushers are collected. -func All(settings *cli.EnvSettings) Providers { +func All(_ *cli.EnvSettings) Providers { result := Providers{ociProvider} return result } diff --git a/pkg/registry/client.go b/pkg/registry/client.go index 7538cf69b..42f736816 100644 --- a/pkg/registry/client.go +++ b/pkg/registry/client.go @@ -124,7 +124,7 @@ func NewClient(options ...ClientOption) (*Client, error) { "User-Agent": {version.GetUserAgent()}, }, Cache: cache, - Credential: func(ctx context.Context, reg string) (registryauth.Credential, error) { + Credential: func(_ context.Context, reg string) (registryauth.Credential, error) { dockerClient, ok := client.authorizer.(*dockerauth.Client) if !ok { return registryauth.EmptyCredential, errors.New("unable to obtain docker client") @@ -198,7 +198,7 @@ func ClientOptPlainHTTP() ClientOption { // ClientOptResolver returns a function that sets the resolver setting on a client options set func ClientOptResolver(resolver remotes.Resolver) ClientOption { return func(client *Client) { - client.resolver = func(ref registry.Reference) (remotes.Resolver, error) { + client.resolver = func(_ registry.Reference) (remotes.Resolver, error) { return resolver, nil } } @@ -527,9 +527,9 @@ type ( } pushOperation struct { - provData []byte - strictMode bool - test bool + provData []byte + strictMode bool + creationTime string } ) @@ -583,7 +583,7 @@ func (c *Client) Push(data []byte, ref string, options ...PushOption) (*PushResu descriptors = append(descriptors, provDescriptor) } - ociAnnotations := generateOCIAnnotations(meta, operation.test) + ociAnnotations := generateOCIAnnotations(meta, operation.creationTime) manifestData, manifest, err := content.GenerateManifest(&configDescriptor, ociAnnotations, descriptors...) if err != nil { @@ -652,10 +652,10 @@ func PushOptStrictMode(strictMode bool) PushOption { } } -// PushOptTest returns a function that sets whether test setting on push -func PushOptTest(test bool) PushOption { +// PushOptCreationDate returns a function that sets the creation time +func PushOptCreationTime(creationTime string) PushOption { return func(operation *pushOperation) { - operation.test = test + operation.creationTime = creationTime } } diff --git a/pkg/registry/testdata/tls/ca.crt b/pkg/registry/testdata/tls/ca.crt index d5b845acb..8c46ff81e 100644 --- a/pkg/registry/testdata/tls/ca.crt +++ b/pkg/registry/testdata/tls/ca.crt @@ -1,21 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIUEtjKXd8LxpkQf3C5LgdzM1++R3swDQYJKoZIhvcNAQEL +MIIDiTCCAnGgAwIBAgIUbTTp/VG6blpKnXwWpSVtw54jxzswDQYJKoZIhvcNAQEL BQAwUzELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdEMQswCQYDVQQHDAJTWjETMBEG -A1UECgwKQWNtZSwgSW5jLjEVMBMGA1UEAwwMQWNtZSBSb290IENBMB4XDTIzMDYw -ODEwNDkzOFoXDTI0MDYwNzEwNDkzOFowUzELMAkGA1UEBhMCQ04xCzAJBgNVBAgM -AkdEMQswCQYDVQQHDAJTWjETMBEGA1UECgwKQWNtZSwgSW5jLjEVMBMGA1UEAwwM -QWNtZSBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgrX -Lv3k3trxje2JEoqusYN67Z3byZg69djRatfdboS3JKoTIHtcY7MMLdfhjAK97/wv -BaIMuVNgueu4qH6bea7FCP8XWz2BYBrH2GcKjVrBMkUrlIzjG9gnohkeknJQvQvl -oVbqLgZJn0HQcZtsPDnLwfjWDZrNkFBtvPSIMaRQbmtOFdSqAQjLKezbwlznBCJ5 -qpLsgc67ttDW5QAS+GszWPmypUlw8Ih7m8J95eT9aUESP0DbdraeUktWJQTdqukd -NflLaA2ZoV+uTX+wVE4yyXgSjD3Sd93+XhoSSzDzkzRnLsocRutxrTiNC/1S+qhb -Z72XLk0bvNwQhJjHDQIDAQABo1MwUTAdBgNVHQ4EFgQUoSKAVvuJDGszE361K7IF -RXOVj2YwHwYDVR0jBBgwFoAUoSKAVvuJDGszE361K7IFRXOVj2YwDwYDVR0TAQH/ -BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAOqH/JFuT1sqY/zVxCsATE1ze85/o -r6yPw3AuXsFzWtHe/XOFJzvbfOBWfocVLXTDc5933f1Ws/+PcxQKEQCwnUHrEAso -jLPzy+igHc07pi9PqHJ21Sn8FF5JVv+Y6CcZKaF5aEzUISsVjbF2vGK8FotMS9rs -Jw//dDfKhHjO9MHPBdkhOrM31LV6gwYPepno/YYygrJwHGQ5V9sdY8ifRBG6lX2a -xK4N2bl5q3Cpz+iERLNGP2c8OVQwLfSYLpFRSbHS8UiN4z6WqfgYHG7YurvbiMiJ -/AFkUatVJQ5YLmfCz4FMAiaxNtEOkZh5cvL1eCLK7nzvgAPCI33mEp6eoA== +A1UECgwKQWNtZSwgSW5jLjEVMBMGA1UEAwwMQWNtZSBSb290IENBMCAXDTI0MDQy +MTA5NDUxOFoYDzMzOTMwNDA0MDk0NTE4WjBTMQswCQYDVQQGEwJDTjELMAkGA1UE +CAwCR0QxCzAJBgNVBAcMAlNaMRMwEQYDVQQKDApBY21lLCBJbmMuMRUwEwYDVQQD +DAxBY21lIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq +OrCgXpMjeSjWJYanmSG/2K4zk0HXeU3eMt5bkshlqHnEwJFD5tMZkJZUsGPiJr9A +vAqYu2V9/gMKUptvHgxmMkh9BZYCnXAGzhl+OogYcJA5l/YBuDvmgz8M3aRZr7xd +IA9KtepnDlp7NRWXsgRHzJNMBkV4PpEVHbJTVdjHVYERCw0C1kcb6wjzshnmUmJJ +JVEQDRCCaYymtIymR6kKrZzIw2FeyXxcccbvTsKILItEECYmRNevo1mc5/f8BEXx +IzEPhDpoKSTq5JjWHCQH1shkwWyg2neL7g0UJ8nyV0pqqScE0L1WUZ1BHnVJAmGm +R61WXxA3xCFzJHSc2enRAgMBAAGjUzBRMB0GA1UdDgQWBBREgz+BR+lJFNaG2D7+ +tDVzzyjc4jAfBgNVHSMEGDAWgBREgz+BR+lJFNaG2D7+tDVzzyjc4jAPBgNVHRMB +Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAL9DjzmNwDljtMWvwAbDC11bIw +zHON10J/bLcoZy3r7SaD1ZjPigzdpd0oVaoq+Kcg/J0JuIN2fBzyFljft//9knDA +GgO4TvDdd7dk4gv6C/fbmeh+/HsnjRDHQmExzgth5akSnmtxyk5HQR72FrWICqjf +oEqg8xs0gVwl8Z0xXLgJ7BZEzRxYlV/G2+vjA1FYIGd3Qfiyg8Qd68Y5bs2/HdBC +a0EteVUNhS1XVjFFxDZnegPKZs30RwDHcVt9Pj/dLVXu2BgtdYupWtMbtfXNmsg2 +pJcFk7Ve1CAtfrQ2t8DAwOpKHkKIqExupQaGwbdTAtNiQtdGntv4oHuEGJ9p -----END CERTIFICATE----- diff --git a/pkg/registry/testdata/tls/ca.key b/pkg/registry/testdata/tls/ca.key new file mode 100644 index 000000000..f228b4d24 --- /dev/null +++ b/pkg/registry/testdata/tls/ca.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCqOrCgXpMjeSjW +JYanmSG/2K4zk0HXeU3eMt5bkshlqHnEwJFD5tMZkJZUsGPiJr9AvAqYu2V9/gMK +UptvHgxmMkh9BZYCnXAGzhl+OogYcJA5l/YBuDvmgz8M3aRZr7xdIA9KtepnDlp7 +NRWXsgRHzJNMBkV4PpEVHbJTVdjHVYERCw0C1kcb6wjzshnmUmJJJVEQDRCCaYym +tIymR6kKrZzIw2FeyXxcccbvTsKILItEECYmRNevo1mc5/f8BEXxIzEPhDpoKSTq +5JjWHCQH1shkwWyg2neL7g0UJ8nyV0pqqScE0L1WUZ1BHnVJAmGmR61WXxA3xCFz +JHSc2enRAgMBAAECggEAJVX2A1Z64x7hzAYzAHNfqZo2qu0zVbUvVPrHNkJ9XX6U +Jokt0zy/NC44Kp79aU6iR+p2UIVZf0bFF/CCUt6+TXPd3j3pZu1s8rElekAQNXwK +xfcEZ+AmkypaG9JJB7q5j5tGf1Zi8PN++OLtt3W95pmB/PyrI/JlE8KNqCV+BEnq +jLheACmehK+G7Rtez128lPvWHAnUTuQQ0wql1z4Z9VB5UwCYD3AxDz34jd8lwZQ1 +RQLUQblN46zpzkBTAX7sTmi9/y0nHJ7rJukTKxDciZ0xPkhtiAKjh6R2wb1TO51Q +fyGT7iyvtxnqQf+VoNYZGiQ/L7DMppSEHUMm0gkZuQKBgQDoFmLz5J7spQgASjXi +OLt8lWQOovzNC7K/pjILhD86o58efbZs6NdBrdq8GbeBtowd8HW0nwrxPbk0YN8W +Fr8kl6hAHYd4UYpMWYNDmB7KIVTAoU/Fk+p5AjXIBwQcYm9H66tDAO/yC8G8EEzu +iPoBTBQGMss87LH0jsSCDO0oQwKBgQC7xLY58zrU/cdK+ZbKmNA158CibH6ksXHP +Z4gm+yMW0t7Jdd39L+CfyAEWF9BAagJUuiaxIq3ZiHu7rA6PJ2G8jqRcIHyFgMRk +sxKTd7F86AI/IEZy7k0l//E4AsXERVgafvRuuSwYsm+ns6cuVYjAYRaHHinZpQao +Y98SxuxeWwKBgGFE+KX1XHIb3JWahKjSVCmrxuqnfsJFM95Evla7T3C5ILg7wdg1 +Yfoh7jnFoXZY1rK5k+tmeMSQtO1x6C2uzN9+PELa3Wsc6ZSEM5KBz+2xOH8fXHqX +Or8KoRW7cwqears+12FWpDnSmZjDUCrs97LRetb6NNnM7exsZYmH92FXAoGBAJDZ +fm4UCfWXVK+s/TuLSUvcXYmvQr9QN+j1CF5x7C7GO6GUcMzJq3H3e4cMldWrMeMk +u4Z4pz6iADnV0GF00vv/2iFL2mOu41J/pjvm4R/nZxxFjLNKzG8dE3vO/7uadw3x +lCT6al8e/+2SNM0UpOsrupI/na9NlGZArSyyElPzAoGBAIVv0H798SZjUxpfLT8s ++DI1QFbenNeoEaeXdkYtGrSPUhfZQQ2F744QDsbMm6+4oFkD9yg2A3DvSbd9+WrP +eDKKA5MAeNiD3X6glEcQOE1x6iTZ0jEXArv1n/qCl1qaUDPDUr8meIlkuwRgwyyW +vKxiQdtK+ZLUNfU2R5xZwo+X +-----END PRIVATE KEY----- diff --git a/pkg/registry/testdata/tls/client.crt b/pkg/registry/testdata/tls/client.crt index 5b1daf278..f54f46c77 100644 --- a/pkg/registry/testdata/tls/client.crt +++ b/pkg/registry/testdata/tls/client.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAkOgAwIBAgIUdJ6uRYm6RYesJ3CRoLokemFFgX8wDQYJKoZIhvcNAQEL -BQAwUzELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdEMQswCQYDVQQHDAJTWjETMBEG -A1UECgwKQWNtZSwgSW5jLjEVMBMGA1UEAwwMQWNtZSBSb290IENBMB4XDTIzMDYw -ODEwNTA0OFoXDTI0MDYwNzEwNTA0OFowWTELMAkGA1UEBhMCQ04xCzAJBgNVBAgM -AkdEMQswCQYDVQQHDAJTWjETMBEGA1UECgwKQWNtZSwgSW5jLjEbMBkGA1UEAwwS -aGVsbS10ZXN0LXJlZ2lzdHJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAxuVrOJyfUO71wlqe/ae8pNVf3z+6b7aCYRrKJ4l66RKMPz9uP5lHD9QImCTU -LddER48iRr5nzaUKqNUsPn4tTcdaH9EEra+PDp+YeToyZARO+coxCq8yt1NxXrlb -E/q9Ie9QUlruhthrgr+5DC+qogZA8kcVPOs2+ObqeCCO6QGpECxROO2ysXHyjy2b -nwGCzZRz90M4z0ifXcey9RLzbmEsYymq6RbaeQvdzevgXhzIANktILuB0D3wJ2ae -WWP2CfBrjaPbOBtzdDhyl4T1aqLiUpDELUJLVpf/h6xCh52Q0svpsGVGtyO+npPe -kZ1LSVAnVGS6JlWWhs7RL0eaPwIDAQABoyEwHzAdBgNVHREEFjAUghJoZWxtLXRl -c3QtcmVnaXN0cnkwDQYJKoZIhvcNAQELBQADggEBABbxtODFOAeTJg4Q3SXqJ8Gq -zh3/1DaAEnMGHILYuS9tK5lisTLiUerqeQaHKR6U90HK/P1vVxe7PvwfHBrVsGkR -4YC6nivf8LMySKBQmsPUHjdotNZZ8O1pqd+CMqZe2ZuvzLZ4pPdw25lKjhZ7qI+t -hQ8yotiJALzEUWLJSgP5Y8k4hFfRGSso1oAC+WppQeW6ITqDo1MrzH7gpjnp+CJG -NWM1oAQCB1qIdo6gY386w6yLyUhfHtAVa3vviQ0dkRLiK95He5xZcO11rlDNdmgF -cF6lElkci8gPuH8UkKAT5bP9dAEbHPSjAIvg5O9NviknLiNAdFRKeTri+hqNLhE= +MIIDijCCAnKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJDTjEL +MAkGA1UECAwCR0QxCzAJBgNVBAcMAlNaMRMwEQYDVQQKDApBY21lLCBJbmMuMRUw +EwYDVQQDDAxBY21lIFJvb3QgQ0EwIBcNMjQwNDIxMTA1MzA1WhgPMzM5MzA0MDQx +MDUzMDVaMFkxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJHRDELMAkGA1UEBwwCU1ox +EzARBgNVBAoMCkFjbWUsIEluYy4xGzAZBgNVBAMMEmhlbG0tdGVzdC1yZWdpc3Ry +eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALK1aOjQvB337gmjkORj +QQyBDsScyWCnc1gjypcwPvi97+FFlp/jZUWasIa+FXeYWhwWiUI2tUttDNPZATqq +c2My1uME2Dm0PG9qAUuvW5CEdE7Bw3T2K/8A1myfux/vyMXEjXKHAl+uhTcqDlew +/yIF2gfO2dKYk+xnZwdE6w8bIQTqnaG0JxtK7Q0ULldsCOFtF+a4C9Zye6ggdieh +cwVuV41ehbVCK3E7AylTFwbALB6ZQ4z3V6jXrXBNdMKSLyesWAAwROcUB+S68NEa +5AWSfGXOT2glHzMHe7fJoulTetvJiaKBpxnFInMquBRzxpNO7A6eVmp6FQfpXqof +wikCAwEAAaNhMF8wHQYDVR0RBBYwFIISaGVsbS10ZXN0LXJlZ2lzdHJ5MB0GA1Ud +DgQWBBT6yXtjugflf08vGK3ClkHGw/D9HzAfBgNVHSMEGDAWgBREgz+BR+lJFNaG +2D7+tDVzzyjc4jANBgkqhkiG9w0BAQsFAAOCAQEAoDEJSYcegsEH1/mzAT8CUul5 +MkxF8U1Dtc8m6Nyosolh16AlJ5dmF5d537lqf0VwHDFtQiwexWVohTW9ngpk0C0Z +Jphf0+9ptpzBQn9x0mcHyKJRD3TbUc80oehY33bHAhPNdV3C1gwCfcbdX8Gz89ZT +MdLY0BfDELeBKVpaHd2vuK+E06X0a7T5P7vnYmNFpQOMyyytl7vM1TofmU905sNI +hrHqKH6c2G6QKW+vuiPoX+QbZFZ4NJ+Lco176wnpJjMZx3+Z6t4TV4sCaZgxj3RT +gDQBRnsD6m03ZoVZvIOlApUs3IEKXsqsrXJpuxfvU89u9z6vOn6TteFsExXiuA== -----END CERTIFICATE----- diff --git a/pkg/registry/testdata/tls/client.key b/pkg/registry/testdata/tls/client.key index 2f6a8aa12..3e7645003 100644 --- a/pkg/registry/testdata/tls/client.key +++ b/pkg/registry/testdata/tls/client.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDG5Ws4nJ9Q7vXC -Wp79p7yk1V/fP7pvtoJhGsoniXrpEow/P24/mUcP1AiYJNQt10RHjyJGvmfNpQqo -1Sw+fi1Nx1of0QStr48On5h5OjJkBE75yjEKrzK3U3FeuVsT+r0h71BSWu6G2GuC -v7kML6qiBkDyRxU86zb45up4II7pAakQLFE47bKxcfKPLZufAYLNlHP3QzjPSJ9d -x7L1EvNuYSxjKarpFtp5C93N6+BeHMgA2S0gu4HQPfAnZp5ZY/YJ8GuNo9s4G3N0 -OHKXhPVqouJSkMQtQktWl/+HrEKHnZDSy+mwZUa3I76ek96RnUtJUCdUZLomVZaG -ztEvR5o/AgMBAAECggEBAKTaovRZXPOIHMrqsb0sun8lHEG+YJkXfRlfSw9aNDXa -2cPSn163fN7xr+3rGLKmKkHlsVNRnlgk46Dsj698hbBh+6FDbc1IJhrIzWgthHbB -23PO0rc4X6Dz2JParlLxELJ/2ONp2yqJVxMYNhiTqaqB5HLr1/6WNwo220CWO92D -vLz3rBHO5Vw5b5Y6Kt6MN6ciIHB2k+obhh4GQRJjUhvmmKCzbk1/R1PFYNwhhMN0 -Av6BdwFgngvNzJ8KMxGia7WJSvDYUk0++RRZ1esiZqwWRVCFFkm4Hj+gKJq6Xnz0 -a2nSvlC9k4GJvD9yY9VcDTJY+WsNN3Ny29gIFUeU9IECgYEA4norD3XakMthgOQk -3NE3HSvpZ22xtVgN9uN0b/JXbg7CLlYzn3tabpbQM/4uI6VG3Mk5Pk83QfKnr4W1 -aYO3YTEQ9B4g0eu3t4zfQOibY2+/Jb7Yfv/fH+pjkI26zYDQn61gsFdV9uxF7Pgu -NGNVe/eY+RkxEWsTtb40jcrbCgsCgYEA4NLWAdlrGKWZP5nLvM1hVB8r4WS82c0e -Orfyv2NhiqfRasARC1lQCqwbmCjb0c/eQiW7lJ7iSECc/8xW3HrJBYpG/tCxi9+m -SWxZXzRXDL8bmuoVvYeA/hFZayef5qCc8eiTYGQp6N5ozQHLXuPbNu7n6YSwvoU4 -ANrVBDRXxR0CgYEAmwbfhPS6iVT+yFjjNthrrqdJXQhElgrRfEfUg3DTEj4+A7P0 -IF4y1/KaUIzUjofrSuTfL1zQSW9OA6M2PCTymTAaF9CrzKZbGuTuSaMwAtASe0b5 -MW37EQDD6MZrsZJUvIjU38DY0m6Hqx9zmV7JvFMPPqxU30R5uHWbyderOmMCgYA5 -P3afIe3TaNeNCmyGtwWBli5mRnCQRVrdONnnQjckR3db52xvp15qWUjthfnzgyrl -TRZm0c5s94cC29WCbwGhF4Tcfee35ktBhwV66KkB5efxmonOqSJ/j4tlbcGZyGwu -bTqZ4OeLFJc7HKncj8jSRCNpoxAec22/SfnUCEARQQKBgAnwaN6kmGqIW2EsNOwB -DXCvG4HI9np5xN5Wo2dz7wqGtrt0TVtJ/PNBL3iadDLyPHahwoEVceFrQwqxjPsV -AoSwVDTdX96PKM/v/2ysw1JLf7UMT59mpxFoYiXCPn5Do4D1/25UfMOsJSmFo1Ij -Hkw1bqG8QneuME16BnDQfY3b +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCytWjo0Lwd9+4J +o5DkY0EMgQ7EnMlgp3NYI8qXMD74ve/hRZaf42VFmrCGvhV3mFocFolCNrVLbQzT +2QE6qnNjMtbjBNg5tDxvagFLr1uQhHROwcN09iv/ANZsn7sf78jFxI1yhwJfroU3 +Kg5XsP8iBdoHztnSmJPsZ2cHROsPGyEE6p2htCcbSu0NFC5XbAjhbRfmuAvWcnuo +IHYnoXMFbleNXoW1QitxOwMpUxcGwCwemUOM91eo161wTXTCki8nrFgAMETnFAfk +uvDRGuQFknxlzk9oJR8zB3u3yaLpU3rbyYmigacZxSJzKrgUc8aTTuwOnlZqehUH +6V6qH8IpAgMBAAECggEAFv5M3oG25pM3GyHiu2QC41k6nXT/2xIIfvtx7lR8kbQc +iGtT90QCjHtcAaY07GObmngS1oRj/K2uBBbsd9AlEwsgR2rg6EHGsd4dhw+rtBM6 +xMRdAfBHlmKU9Dp0EOag+kMxIN56oXV6ue+NE17YYNgIZs9ISvarN7RRNwf4x4NS +wpeWBqt120B3p9mGS64vE6wFxpRKSpFcpIp+yUswI45x8mbvCBr4tNW0OQ7y+WwS +rPp7GayutEUB9etRWviw10D7pz3HrxfarrZJm65IH1Fw5Ye6ayteoWg4IY2s3qSS +gh4qMZNMPeE6G3UBmkMdUf27+Udt8bSrSoz2Z8OlVQKBgQDcMY6h0BTFJcioBLhV +qe0FmckVNzs5jtzdwXFSjQduUCZ74ag5hsW3jQ0KNvd1B/xOv/Df6rYJY3ww8cQ1 ++KRTzt5B4qZwC1swuzqHWjR/W5XBlX3hRbs+I3imveaQ9zNFpktDZhaG72AWLLpa +Y31ddrkG4a8rTZFSuOVCbyj7JQKBgQDPxN/2Ayt/x+n/A4LNDSUQiUSALIeBHCCo +UzNQojcQLyobBVCIu5E3gRqIbvyRde7MQMGhfpLuaW7wmW0hqkUtRDYb4Hy52YMg +PFkno11wdpoEN3McLJNH08q+2dFjUKzQWygelDvkQMkwiL2syu+rEoUIEOCWyW6V +mPEPmfcdtQKBgEbqgwhkTrwr7hMG6iNUxex+2f9GOYHRHBsjeQ7gMtt5XtuZEqfs +WvNBr0hx6YK8nqryMG69VgFyFAZjZxEG0k3Xm0dW6sm9LpJkSnZbO/skkPe24MLT +xXk+zVXOZVqc8ttksmqzj1/H6odZwm7oCfE3EmI//z2QDtS4jcW2rVktAoGABfdn +Xw80PpUlGRemt/C6scDfYLbmpUSDg5HwFU6zOhnAocoDSAnq36crdeOKCTtTwjXR +2ati2MnaT7p4MdFL70LYMvC9ZDDk3RYekU7VrhcZ0Skuew6kpBlm5xgmNS3p6InV +mxsypRlfLa+fksi5HTaI73RcnrfmHxGnSoVnXUkCgYAHggM+T7e11OB+aEQ0nFcL +nS58M7QgB3/Xd7jGrl9Fi5qogtHE80epiV/srWaACZV6ricCZoDikOZzH1rRL2AA +Wlmb4j9yKp4P4uN0tniU0JuFEIQgLklAsEb4BG6izHI0UpXZTKVXY0XymOBdNtaw +QakjUJVKk+LqapUGIR8xRw== -----END PRIVATE KEY----- diff --git a/pkg/registry/testdata/tls/server.crt b/pkg/registry/testdata/tls/server.crt index 5fae09bb9..42585e775 100644 --- a/pkg/registry/testdata/tls/server.crt +++ b/pkg/registry/testdata/tls/server.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAkOgAwIBAgIUdJ6uRYm6RYesJ3CRoLokemFFgX4wDQYJKoZIhvcNAQEL -BQAwUzELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdEMQswCQYDVQQHDAJTWjETMBEG -A1UECgwKQWNtZSwgSW5jLjEVMBMGA1UEAwwMQWNtZSBSb290IENBMB4XDTIzMDYw -ODEwNTAzM1oXDTI0MDYwNzEwNTAzM1owWTELMAkGA1UEBhMCQ04xCzAJBgNVBAgM -AkdEMQswCQYDVQQHDAJTWjETMBEGA1UECgwKQWNtZSwgSW5jLjEbMBkGA1UEAwwS -aGVsbS10ZXN0LXJlZ2lzdHJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEA59jg4ml82uyvrg+tXf/0S8WHuayl5fB3k1lIPtOrTt5KBNh6z5XHZDogsQ3m -UEko4gVUvKL0Einm1i5c3C6KFFj0RNib0QpOZtxu54mx2Rxazkge0yjoTMwl/P1o -pvRI6qfRri8LdlqWwU9wBIYmKqEM8jPjxKcCOaR0WyQmEJ6KbayTzsVNHaQxG/f3 -aIDCkp3tFl+LaTJHjGdZN7tvJsZ1wXlQy6gXTJIPXHDTS/uh3Xp8jgqhlnQPIr44 -HikiAp9DMnOBGO4u4cZjCr04cQnLS9knsBAQCjja9J9DnZ5vKatBHF3nOVAtGoBM -o69HcYoX5F10Qg8YOa7QwIYjpQIDAQABoyEwHzAdBgNVHREEFjAUghJoZWxtLXRl -c3QtcmVnaXN0cnkwDQYJKoZIhvcNAQELBQADggEBABMYICc/rzijGhFPFOeSrXyk -xFX9SSrGMl0CzV44sxzJFJ89BrW9bUWf4rLuc2ugqWp78kRKGMKgaytDrmGGuZKy -Qy+xl3DTAoc9FYOBphtcH1QndWdbpKSc2sTKvdeV6SslKwWXlAvcqIain80fWAkn -J+9Fd/rq3sJxCYsYhEf17pDjHDnG5ZUsBAWWzN+YjtSAe4PzT1KdljUPCC1GbF+H -1dx+MwapV+atftzlGjld8H73MXrKRNUSZM5lEFvzCZz48J1Ml6UVnYO+QCybeJtQ -lBT3/wclJ86e0eNkZJI0WTmrqlaNS/J7mbZ+4BhfjuO5PyZbLg8DcWmaKeNtT8M= +MIIDijCCAnKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJDTjEL +MAkGA1UECAwCR0QxCzAJBgNVBAcMAlNaMRMwEQYDVQQKDApBY21lLCBJbmMuMRUw +EwYDVQQDDAxBY21lIFJvb3QgQ0EwIBcNMjQwNDIxMTA1MzM4WhgPMzM5MzA0MDQx +MDUzMzhaMFkxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJHRDELMAkGA1UEBwwCU1ox +EzARBgNVBAoMCkFjbWUsIEluYy4xGzAZBgNVBAMMEmhlbG0tdGVzdC1yZWdpc3Ry +eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAME7cQl/08+JJv8aR07t +9nAnqQ6fYUwMBX8ULS2i6dXUoR0WpTBS8VgGUb2pNnH83r/VbvAcHSY/3LSUdt1d +j+cyCBQHXf8ySolInVP3L3s435WJuB9yzVZmlI8xrLOYmfVLnoyWjsirZT2KjLSw +gVgn0N9PQ6K+IvrIph/jgBsv9c6oCLvWH1TcVtS5AN6gb5aSvr2cXRCVelntLH9V +QpsmceMtHfzJUW37AarEvTj8NNTOWMIPNs1rqNpFEy1AepHy388C63SJuqy69dvx +9wE1DCCduH3PMgF7cxWicow9JcIK4kZLrBD4ULdSxTmqA1+yLf+VHhSrDIQy3Lwj +bBcCAwEAAaNhMF8wHQYDVR0RBBYwFIISaGVsbS10ZXN0LXJlZ2lzdHJ5MB0GA1Ud +DgQWBBSQliNnbB0bCKi3c3mqifj3CPZbxTAfBgNVHSMEGDAWgBREgz+BR+lJFNaG +2D7+tDVzzyjc4jANBgkqhkiG9w0BAQsFAAOCAQEAPztylxowZuLT3zRdB0JHkmnI +zoUmG1hwBeRtruMqQGZnSX0F2glTVKcJzC+Wl5XzMHt2AcRmYl4qk7flWfFavlFp +7ycIbbKH/4MVmuJF53Zy40fOZ2rDSfyjNsPNQLxTg3tlWVbEAcuyKAWLJ5RZG+hL +fSKVFzdEsV+Ux//BUuce/q42hTBbZF09GtG+Lg7/DgxGIY7CLzID8GfdcYRBv4sX +eeOHeGnDC1zttMcnWU49zghJ8MXwo7tOsybQEZmSZZdwQwm+pEwxdibJAXQ/OSGb +c7RI+clTmnwbP/vnig5RnMALFbUaP2aE/mTMYLWBBV1VqWkfx4Xc7xbE9lrpuA== -----END CERTIFICATE----- diff --git a/pkg/registry/testdata/tls/server.key b/pkg/registry/testdata/tls/server.key index da44121a7..4f7bd54fb 100644 --- a/pkg/registry/testdata/tls/server.key +++ b/pkg/registry/testdata/tls/server.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDn2ODiaXza7K+u -D61d//RLxYe5rKXl8HeTWUg+06tO3koE2HrPlcdkOiCxDeZQSSjiBVS8ovQSKebW -LlzcLooUWPRE2JvRCk5m3G7nibHZHFrOSB7TKOhMzCX8/Wim9Ejqp9GuLwt2WpbB -T3AEhiYqoQzyM+PEpwI5pHRbJCYQnoptrJPOxU0dpDEb9/dogMKSne0WX4tpMkeM -Z1k3u28mxnXBeVDLqBdMkg9ccNNL+6HdenyOCqGWdA8ivjgeKSICn0Myc4EY7i7h -xmMKvThxCctL2SewEBAKONr0n0Odnm8pq0EcXec5UC0agEyjr0dxihfkXXRCDxg5 -rtDAhiOlAgMBAAECggEBAJ6kfFzwqYpz4lJMT+i+Nz+RzilyxaHtRSUCNrkmxVWW -LTfbmU1pw6IFVFFSnYHaTas60pyxNCkpmtZ7qvbOsZTyuVJSlWwYjUU9GHY+df+F -s2zrVIxQtYO3PVc7Xty+0xYd9xAlCMbXfciQvqmZ0Yvh36Xrc7MgRBmFOkkTFyjO -xaT70D5jwK0QKU8sMY+b9XvvaX59jbRmYAHL0wNcke/E7J4NKEAYfRI+x7kuFhP4 -yDbs9YE0u51cHYAGV4EujZhnv2AwvDnAWs0yHqIbVOIWI9+JRYKmPScr7b1bJfd/ -yy24GXvBu7Ss4TkfsJ/FdGXESr0Gj0ZIPIneDn/vrQECgYEA9jHu4FjTbRff+4tV -3zJJe88+yByjC6Hhj223JmRpCXQrXl2WLAYXl94p7M5NFdkD5QG7jsNUogLb73dV -ekUjuQl7IhJZYcRAXcnlkF+8pKt1duA0uRa22VtlR2wyn8oSnLV/9088Moh35sCP -MjWQDlZ/BW7YUPrOtB14eUCvMjECgYEA8RSpmXZVQdGnIIm6gC3rEhtfHQqAoBn0 -JRvnRXC/LKeVSgVF3ijeT9P/0JQuM9uxubV314nY+fhXsM5kkMZUoXMMSoxE+xPw -cgArpzwsleMn7BQ/UF3GLpdkUgNFI8bolZFbIa54F7YSFNto0NBp3mkceCJwoWmZ -BPIoo4zpV7UCgYEAviK2L8GqF5jWvPhRK300z0+xVu725ObywsijKB1oGYsEa26v -qfRSiFFl46M4WWUu4tBBv/IPDMhUf06UT0fSXPd7h0bQjPb6FvT0PFoT4MEiiNqD -HWbzdE5nm49uUYXIdgqed6tT/Fr07ttMPCStysT2eIWwvmnU9bnE7zALniECgYAr -HM7XqtnEU4HXx8macpu/OTXhM6ec+gc3O644NNl7WtzPx/GesSBQllEBM/6vN3Kp -C1LLMNOkoEzOSZqiaVVpKfHgwwTzAbXWLUGhPpmalGznQxevf5WZb2l5YSxUIZYm -aUAq3dCMLPs+z54G+b51D8cPlNkfhIrg34108hYooQKBgQDWMbc6wY6frvJCmesx -i7F/JHJweqcQdW649RCvtK8M/O062/3vvSNTxqEjPaJOGiD4Cn+D5pYchVujqlTM -8DK77N97NzQvpHm81lpKVIg5sObarvT3RnCSRpOumbX5SCBoBUs+nVC01/zZz79c -AJFLAeHI1RjhB0AFpRDCvZZk6w== +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDBO3EJf9PPiSb/ +GkdO7fZwJ6kOn2FMDAV/FC0tounV1KEdFqUwUvFYBlG9qTZx/N6/1W7wHB0mP9y0 +lHbdXY/nMggUB13/MkqJSJ1T9y97ON+Vibgfcs1WZpSPMayzmJn1S56Mlo7Iq2U9 +ioy0sIFYJ9DfT0OiviL6yKYf44AbL/XOqAi71h9U3FbUuQDeoG+Wkr69nF0QlXpZ +7Sx/VUKbJnHjLR38yVFt+wGqxL04/DTUzljCDzbNa6jaRRMtQHqR8t/PAut0ibqs +uvXb8fcBNQwgnbh9zzIBe3MVonKMPSXCCuJGS6wQ+FC3UsU5qgNfsi3/lR4UqwyE +Mty8I2wXAgMBAAECggEAAKk5/ytSlGCTicatCcZJbb0xy3ZpUcyuVCH28ABuEyiY +DugEU3PLll6Aw+JWG/Ieg1xKj3dSwWe+H785eazK3W9pYanCY4+1FSuMOW/pPkWs +IvA536ARhCmNRo27JoSJU+Wyh1tlTHOk2mukt/vs/vOb6x4NTPttIs7lUP42DC6O +e/gTvwD13Rrg9PC0aDpZzLqdmXyUoHQ4h8dfYytDE9rZ1gC2CNdd7NWvt2JUppRx +qWR5OQxm+QiZqrMDUFTZISB/bD7MX/Ubq5InAfwdznzyav4uWsxq72FuoFFGl9xh +l6WEdusyKay/eNZgXqrHyuJvmt1PUL+Azu8ZYD+C2QKBgQD/nogcrVKLzmmrnggG +lMAvF5tp3gMI7+wqALH/79Gelvj5CWzGBnS7BcuXFR5cbpLk1cW6mj16IPIRA2CR +xpGfYKtYt0j5hvIZTg3TpK3Pj/kqEv0AicdGP6SYduJYgaUwFKRzHSR+N3121v5X +MVXKb5q6pD1wb7cOc2FJAOySHQKBgQDBhR8bAg99EgvVNioSkot++kRffWxwZ9uS +k1jmhLl7djb1tND4yZGZmi8+bdw7qz7J5yEJHuJiMwOkDsBokpKykk36tjBx3UiV +Z46OiKbRkiwBLg6fio6BVwAuQpoQ+qMWwkjZFPzWiEhxTPo3ZyiJP8JlT8sG3rV4 +My3wvLagwwKBgFT3RRcDJaUC/2zkIpbNavQ8TJRsD2YxGbb8dC42cN7eH/Pnhhhs +nPBthLa7dlQTDRCzXf4gtr6ZpNyy2q6Z6l2nrEzY35DRojd3EnF/E6cinBe4KBC9 +u1dGYFetbJ8uuNG6is8YqMCrgTC3VeN1qqaXYj8XyLRO7fIHuBakD/6hAoGARDal +cUK3rPF4hE5UZDmNvFOBWFuAptqlFjSkKJVuQCu6Ub/LzXZXwVoM/yeAcvP47Phw +t6NQTycGSIT+o53O4e0aWZ5w0yIaHLflEy7uBn9MzZmrg+c2NjcxlBzb69I9PJ99 +SC/Ss9hUGMP2iyLssfxsjIOk4CYOt3Dq56nNgjsCgYBWOLVMCV10DpYKUY5LFq60 +CJppqPyBfGB+5LLYfOp8JSIh1ZwSL139A2oCynGjrIyyPksdkBUMcS/qLhT1vmzo +zdUZMwK8D/TjF037F/t34LUHweP/2pl90DUcNPHJJs/IhXji7Kpdnqf3LhSXmgNs +d7TshLFRKM1z2BlZPZ56cA== -----END PRIVATE KEY----- diff --git a/pkg/registry/util.go b/pkg/registry/util.go index 8baf0852a..4bff39495 100644 --- a/pkg/registry/util.go +++ b/pkg/registry/util.go @@ -166,10 +166,10 @@ func NewRegistryClientWithTLS(out io.Writer, certFile, keyFile, caFile string, i } // generateOCIAnnotations will generate OCI annotations to include within the OCI manifest -func generateOCIAnnotations(meta *chart.Metadata, test bool) map[string]string { +func generateOCIAnnotations(meta *chart.Metadata, creationTime string) map[string]string { // Get annotations from Chart attributes - ociAnnotations := generateChartOCIAnnotations(meta, test) + ociAnnotations := generateChartOCIAnnotations(meta, creationTime) // Copy Chart annotations annotations: @@ -190,7 +190,7 @@ annotations: } // getChartOCIAnnotations will generate OCI annotations from the provided chart -func generateChartOCIAnnotations(meta *chart.Metadata, test bool) map[string]string { +func generateChartOCIAnnotations(meta *chart.Metadata, creationTime string) map[string]string { chartOCIAnnotations := map[string]string{} chartOCIAnnotations = addToMap(chartOCIAnnotations, ocispec.AnnotationDescription, meta.Description) @@ -198,10 +198,12 @@ func generateChartOCIAnnotations(meta *chart.Metadata, test bool) map[string]str chartOCIAnnotations = addToMap(chartOCIAnnotations, ocispec.AnnotationVersion, meta.Version) chartOCIAnnotations = addToMap(chartOCIAnnotations, ocispec.AnnotationURL, meta.Home) - if !test { - chartOCIAnnotations = addToMap(chartOCIAnnotations, ocispec.AnnotationCreated, helmtime.Now().UTC().Format(time.RFC3339)) + if len(creationTime) == 0 { + creationTime = helmtime.Now().UTC().Format(time.RFC3339) } + chartOCIAnnotations = addToMap(chartOCIAnnotations, ocispec.AnnotationCreated, creationTime) + if len(meta.Sources) > 0 { chartOCIAnnotations = addToMap(chartOCIAnnotations, ocispec.AnnotationSource, meta.Sources[0]) } diff --git a/pkg/registry/util_test.go b/pkg/registry/util_test.go index fdf09360b..908ea4950 100644 --- a/pkg/registry/util_test.go +++ b/pkg/registry/util_test.go @@ -29,6 +29,8 @@ import ( func TestGenerateOCIChartAnnotations(t *testing.T) { + nowString := helmtime.Now().Format(time.RFC3339) + tests := []struct { name string chart *chart.Metadata @@ -43,6 +45,7 @@ func TestGenerateOCIChartAnnotations(t *testing.T) { map[string]string{ "org.opencontainers.image.title": "oci", "org.opencontainers.image.version": "0.0.1", + "org.opencontainers.image.created": nowString, }, }, { @@ -56,6 +59,7 @@ func TestGenerateOCIChartAnnotations(t *testing.T) { map[string]string{ "org.opencontainers.image.title": "oci", "org.opencontainers.image.version": "0.0.1", + "org.opencontainers.image.created": nowString, "org.opencontainers.image.description": "OCI Helm Chart", "org.opencontainers.image.url": "https://helm.sh", }, @@ -76,6 +80,7 @@ func TestGenerateOCIChartAnnotations(t *testing.T) { map[string]string{ "org.opencontainers.image.title": "oci", "org.opencontainers.image.version": "0.0.1", + "org.opencontainers.image.created": nowString, "org.opencontainers.image.description": "OCI Helm Chart", "org.opencontainers.image.url": "https://helm.sh", "org.opencontainers.image.authors": "John Snow", @@ -95,6 +100,7 @@ func TestGenerateOCIChartAnnotations(t *testing.T) { map[string]string{ "org.opencontainers.image.title": "oci", "org.opencontainers.image.version": "0.0.1", + "org.opencontainers.image.created": nowString, "org.opencontainers.image.description": "OCI Helm Chart", "org.opencontainers.image.url": "https://helm.sh", "org.opencontainers.image.authors": "John Snow (john@winterfell.com)", @@ -115,6 +121,7 @@ func TestGenerateOCIChartAnnotations(t *testing.T) { map[string]string{ "org.opencontainers.image.title": "oci", "org.opencontainers.image.version": "0.0.1", + "org.opencontainers.image.created": nowString, "org.opencontainers.image.description": "OCI Helm Chart", "org.opencontainers.image.url": "https://helm.sh", "org.opencontainers.image.authors": "John Snow (john@winterfell.com), Jane Snow", @@ -133,6 +140,7 @@ func TestGenerateOCIChartAnnotations(t *testing.T) { map[string]string{ "org.opencontainers.image.title": "oci", "org.opencontainers.image.version": "0.0.1", + "org.opencontainers.image.created": nowString, "org.opencontainers.image.description": "OCI Helm Chart", "org.opencontainers.image.source": "https://github.com/helm/helm", }, @@ -141,7 +149,7 @@ func TestGenerateOCIChartAnnotations(t *testing.T) { for _, tt := range tests { - result := generateChartOCIAnnotations(tt.chart, true) + result := generateChartOCIAnnotations(tt.chart, nowString) if !reflect.DeepEqual(tt.expect, result) { t.Errorf("%s: expected map %v, got %v", tt.name, tt.expect, result) @@ -152,6 +160,8 @@ func TestGenerateOCIChartAnnotations(t *testing.T) { func TestGenerateOCIAnnotations(t *testing.T) { + nowString := helmtime.Now().Format(time.RFC3339) + tests := []struct { name string chart *chart.Metadata @@ -166,6 +176,7 @@ func TestGenerateOCIAnnotations(t *testing.T) { map[string]string{ "org.opencontainers.image.title": "oci", "org.opencontainers.image.version": "0.0.1", + "org.opencontainers.image.created": nowString, }, }, { @@ -183,6 +194,7 @@ func TestGenerateOCIAnnotations(t *testing.T) { "org.opencontainers.image.title": "oci", "org.opencontainers.image.version": "0.0.1", "org.opencontainers.image.description": "OCI Helm Chart", + "org.opencontainers.image.created": nowString, "extrakey": "extravlue", "anotherkey": "anothervalue", }, @@ -203,6 +215,7 @@ func TestGenerateOCIAnnotations(t *testing.T) { "org.opencontainers.image.title": "oci", "org.opencontainers.image.version": "0.0.1", "org.opencontainers.image.description": "OCI Helm Chart", + "org.opencontainers.image.created": nowString, "extrakey": "extravlue", }, }, @@ -210,7 +223,7 @@ func TestGenerateOCIAnnotations(t *testing.T) { for _, tt := range tests { - result := generateOCIAnnotations(tt.chart, true) + result := generateOCIAnnotations(tt.chart, nowString) if !reflect.DeepEqual(tt.expect, result) { t.Errorf("%s: expected map %v, got %v", tt.name, tt.expect, result) @@ -220,12 +233,16 @@ func TestGenerateOCIAnnotations(t *testing.T) { } func TestGenerateOCICreatedAnnotations(t *testing.T) { + + nowTime := helmtime.Now() + nowTimeString := nowTime.Format(time.RFC3339) + chart := &chart.Metadata{ Name: "oci", Version: "0.0.1", } - result := generateOCIAnnotations(chart, false) + result := generateOCIAnnotations(chart, nowTimeString) // Check that created annotation exists if _, ok := result[ocispec.AnnotationCreated]; !ok { @@ -237,4 +254,22 @@ func TestGenerateOCICreatedAnnotations(t *testing.T) { t.Errorf("%s annotation with value '%s' not in RFC3339 format", ocispec.AnnotationCreated, result[ocispec.AnnotationCreated]) } + // Verify default creation time set + result = generateOCIAnnotations(chart, "") + + // Check that created annotation exists + if _, ok := result[ocispec.AnnotationCreated]; !ok { + t.Errorf("%s annotation not created", ocispec.AnnotationCreated) + } + + if createdTimeAnnotation, err := helmtime.Parse(time.RFC3339, result[ocispec.AnnotationCreated]); err != nil { + t.Errorf("%s annotation with value '%s' not in RFC3339 format", ocispec.AnnotationCreated, result[ocispec.AnnotationCreated]) + + // Verify creation annotation after time test began + if !nowTime.Before(createdTimeAnnotation) { + t.Errorf("%s annotation with value '%s' not configured properly. Annotation value is not after %s", ocispec.AnnotationCreated, result[ocispec.AnnotationCreated], nowTimeString) + } + + } + } diff --git a/pkg/registry/utils_test.go b/pkg/registry/utils_test.go index 74aa0dbc0..d7aba2bb7 100644 --- a/pkg/registry/utils_test.go +++ b/pkg/registry/utils_test.go @@ -216,9 +216,12 @@ func initCompromisedRegistryTestServer() string { } func testPush(suite *TestSuite) { + + testingChartCreationTime := "1977-09-02T22:04:05Z" + // Bad bytes ref := fmt.Sprintf("%s/testrepo/testchart:1.2.3", suite.DockerRegistryHost) - _, err := suite.RegistryClient.Push([]byte("hello"), ref, PushOptTest(true)) + _, err := suite.RegistryClient.Push([]byte("hello"), ref, PushOptCreationTime(testingChartCreationTime)) suite.NotNil(err, "error pushing non-chart bytes") // Load a test chart @@ -229,20 +232,20 @@ func testPush(suite *TestSuite) { // non-strict ref (chart name) ref = fmt.Sprintf("%s/testrepo/boop:%s", suite.DockerRegistryHost, meta.Version) - _, err = suite.RegistryClient.Push(chartData, ref, PushOptTest(true)) + _, err = suite.RegistryClient.Push(chartData, ref, PushOptCreationTime(testingChartCreationTime)) suite.NotNil(err, "error pushing non-strict ref (bad basename)") // non-strict ref (chart name), with strict mode disabled - _, err = suite.RegistryClient.Push(chartData, ref, PushOptStrictMode(false), PushOptTest(true)) + _, err = suite.RegistryClient.Push(chartData, ref, PushOptStrictMode(false), PushOptCreationTime(testingChartCreationTime)) suite.Nil(err, "no error pushing non-strict ref (bad basename), with strict mode disabled") // non-strict ref (chart version) ref = fmt.Sprintf("%s/testrepo/%s:latest", suite.DockerRegistryHost, meta.Name) - _, err = suite.RegistryClient.Push(chartData, ref, PushOptTest(true)) + _, err = suite.RegistryClient.Push(chartData, ref, PushOptCreationTime(testingChartCreationTime)) suite.NotNil(err, "error pushing non-strict ref (bad tag)") // non-strict ref (chart version), with strict mode disabled - _, err = suite.RegistryClient.Push(chartData, ref, PushOptStrictMode(false), PushOptTest(true)) + _, err = suite.RegistryClient.Push(chartData, ref, PushOptStrictMode(false), PushOptCreationTime(testingChartCreationTime)) suite.Nil(err, "no error pushing non-strict ref (bad tag), with strict mode disabled") // basic push, good ref @@ -251,7 +254,7 @@ func testPush(suite *TestSuite) { meta, err = extractChartMeta(chartData) suite.Nil(err, "no error extracting chart meta") ref = fmt.Sprintf("%s/testrepo/%s:%s", suite.DockerRegistryHost, meta.Name, meta.Version) - _, err = suite.RegistryClient.Push(chartData, ref, PushOptTest(true)) + _, err = suite.RegistryClient.Push(chartData, ref, PushOptCreationTime(testingChartCreationTime)) suite.Nil(err, "no error pushing good ref") _, err = suite.RegistryClient.Pull(ref) @@ -269,7 +272,7 @@ func testPush(suite *TestSuite) { // push with prov ref = fmt.Sprintf("%s/testrepo/%s:%s", suite.DockerRegistryHost, meta.Name, meta.Version) - result, err := suite.RegistryClient.Push(chartData, ref, PushOptProvData(provData), PushOptTest(true)) + result, err := suite.RegistryClient.Push(chartData, ref, PushOptProvData(provData), PushOptCreationTime(testingChartCreationTime)) suite.Nil(err, "no error pushing good ref with prov") _, err = suite.RegistryClient.Pull(ref) @@ -281,12 +284,12 @@ func testPush(suite *TestSuite) { suite.Equal(ref, result.Ref) suite.Equal(meta.Name, result.Chart.Meta.Name) suite.Equal(meta.Version, result.Chart.Meta.Version) - suite.Equal(int64(684), result.Manifest.Size) + suite.Equal(int64(742), result.Manifest.Size) suite.Equal(int64(99), result.Config.Size) suite.Equal(int64(973), result.Chart.Size) suite.Equal(int64(695), result.Prov.Size) suite.Equal( - "sha256:b57e8ffd938c43253f30afedb3c209136288e6b3af3b33473e95ea3b805888e6", + "sha256:fbbade96da6050f68f94f122881e3b80051a18f13ab5f4081868dd494538f5c2", result.Manifest.Digest) suite.Equal( "sha256:8d17cb6bf6ccd8c29aace9a658495cbd5e2e87fc267876e86117c7db681c9580", @@ -354,12 +357,12 @@ func testPull(suite *TestSuite) { suite.Equal(ref, result.Ref) suite.Equal(meta.Name, result.Chart.Meta.Name) suite.Equal(meta.Version, result.Chart.Meta.Version) - suite.Equal(int64(684), result.Manifest.Size) + suite.Equal(int64(742), result.Manifest.Size) suite.Equal(int64(99), result.Config.Size) suite.Equal(int64(973), result.Chart.Size) suite.Equal(int64(695), result.Prov.Size) suite.Equal( - "sha256:b57e8ffd938c43253f30afedb3c209136288e6b3af3b33473e95ea3b805888e6", + "sha256:fbbade96da6050f68f94f122881e3b80051a18f13ab5f4081868dd494538f5c2", result.Manifest.Digest) suite.Equal( "sha256:8d17cb6bf6ccd8c29aace9a658495cbd5e2e87fc267876e86117c7db681c9580", @@ -370,7 +373,7 @@ func testPull(suite *TestSuite) { suite.Equal( "sha256:b0a02b7412f78ae93324d48df8fcc316d8482e5ad7827b5b238657a29a22f256", result.Prov.Digest) - suite.Equal("{\"schemaVersion\":2,\"config\":{\"mediaType\":\"application/vnd.cncf.helm.config.v1+json\",\"digest\":\"sha256:8d17cb6bf6ccd8c29aace9a658495cbd5e2e87fc267876e86117c7db681c9580\",\"size\":99},\"layers\":[{\"mediaType\":\"application/vnd.cncf.helm.chart.provenance.v1.prov\",\"digest\":\"sha256:b0a02b7412f78ae93324d48df8fcc316d8482e5ad7827b5b238657a29a22f256\",\"size\":695},{\"mediaType\":\"application/vnd.cncf.helm.chart.content.v1.tar+gzip\",\"digest\":\"sha256:e5ef611620fb97704d8751c16bab17fedb68883bfb0edc76f78a70e9173f9b55\",\"size\":973}],\"annotations\":{\"org.opencontainers.image.description\":\"A Helm chart for Kubernetes\",\"org.opencontainers.image.title\":\"signtest\",\"org.opencontainers.image.version\":\"0.1.0\"}}", + suite.Equal("{\"schemaVersion\":2,\"config\":{\"mediaType\":\"application/vnd.cncf.helm.config.v1+json\",\"digest\":\"sha256:8d17cb6bf6ccd8c29aace9a658495cbd5e2e87fc267876e86117c7db681c9580\",\"size\":99},\"layers\":[{\"mediaType\":\"application/vnd.cncf.helm.chart.provenance.v1.prov\",\"digest\":\"sha256:b0a02b7412f78ae93324d48df8fcc316d8482e5ad7827b5b238657a29a22f256\",\"size\":695},{\"mediaType\":\"application/vnd.cncf.helm.chart.content.v1.tar+gzip\",\"digest\":\"sha256:e5ef611620fb97704d8751c16bab17fedb68883bfb0edc76f78a70e9173f9b55\",\"size\":973}],\"annotations\":{\"org.opencontainers.image.created\":\"1977-09-02T22:04:05Z\",\"org.opencontainers.image.description\":\"A Helm chart for Kubernetes\",\"org.opencontainers.image.title\":\"signtest\",\"org.opencontainers.image.version\":\"0.1.0\"}}", string(result.Manifest.Data)) suite.Equal("{\"name\":\"signtest\",\"version\":\"0.1.0\",\"description\":\"A Helm chart for Kubernetes\",\"apiVersion\":\"v1\"}", string(result.Config.Data)) diff --git a/pkg/releaseutil/kind_sorter.go b/pkg/releaseutil/kind_sorter.go index b5d75b88b..bb8e84dda 100644 --- a/pkg/releaseutil/kind_sorter.go +++ b/pkg/releaseutil/kind_sorter.go @@ -132,7 +132,7 @@ func sortHooksByKind(hooks []*release.Hook, ordering KindSortOrder) []*release.H return h } -func lessByKind(a interface{}, b interface{}, kindA string, kindB string, o KindSortOrder) bool { +func lessByKind(_ interface{}, _ interface{}, kindA string, kindB string, o KindSortOrder) bool { ordering := make(map[string]int, len(o)) for v, k := range o { ordering[k] = v diff --git a/pkg/repo/chartrepo.go b/pkg/repo/chartrepo.go index d9022ee6e..970e96da2 100644 --- a/pkg/repo/chartrepo.go +++ b/pkg/repo/chartrepo.go @@ -96,7 +96,7 @@ func (r *ChartRepository) Load() error { // FIXME: Why are we recursively walking directories? // FIXME: Why are we not reading the repositories.yaml to figure out // what repos to use? - filepath.Walk(r.Config.Name, func(path string, f os.FileInfo, err error) error { + filepath.Walk(r.Config.Name, func(path string, f os.FileInfo, _ error) error { if !f.IsDir() { if strings.Contains(f.Name(), "-index.yaml") { i, err := LoadIndexFile(path) diff --git a/pkg/repo/chartrepo_test.go b/pkg/repo/chartrepo_test.go index 4d4395c2d..4e72731ea 100644 --- a/pkg/repo/chartrepo_test.go +++ b/pkg/repo/chartrepo_test.go @@ -115,7 +115,7 @@ type CustomGetter struct { repoUrls []string } -func (g *CustomGetter) Get(href string, options ...getter.Option) (*bytes.Buffer, error) { +func (g *CustomGetter) Get(href string, _ ...getter.Option) (*bytes.Buffer, error) { index := &IndexFile{ APIVersion: "v1", Generated: time.Now(), @@ -132,7 +132,7 @@ func TestIndexCustomSchemeDownload(t *testing.T) { repoName := "gcs-repo" repoURL := "gs://some-gcs-bucket" myCustomGetter := &CustomGetter{} - customGetterConstructor := func(options ...getter.Option) (getter.Getter, error) { + customGetterConstructor := func(_ ...getter.Option) (getter.Getter, error) { return myCustomGetter, nil } providers := getter.Providers{{ @@ -267,7 +267,7 @@ func startLocalServerForTests(handler http.Handler) (*httptest.Server, error) { if err != nil { return nil, err } - handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + handler = http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Write(fileBytes) }) } @@ -282,7 +282,7 @@ func startLocalTLSServerForTests(handler http.Handler) (*httptest.Server, error) if err != nil { return nil, err } - handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + handler = http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Write(fileBytes) }) } diff --git a/pkg/repo/index.go b/pkg/repo/index.go index 8a23ba060..40b11c5cf 100644 --- a/pkg/repo/index.go +++ b/pkg/repo/index.go @@ -359,10 +359,14 @@ func loadIndex(data []byte, source string) (*IndexFile, error) { log.Printf("skipping loading invalid entry for chart %q from %s: empty entry", name, source) continue } + // When metadata section missing, initialize with no data + if cvs[idx].Metadata == nil { + cvs[idx].Metadata = &chart.Metadata{} + } if cvs[idx].APIVersion == "" { cvs[idx].APIVersion = chart.APIVersionV1 } - if err := cvs[idx].Validate(); err != nil { + if err := cvs[idx].Validate(); ignoreSkippableChartValidationError(err) != nil { log.Printf("skipping loading invalid entry for chart %q %q from %s: %s", name, cvs[idx].Version, source, err) cvs = append(cvs[:idx], cvs[idx+1:]...) } @@ -388,3 +392,23 @@ func jsonOrYamlUnmarshal(b []byte, i interface{}) error { } return yaml.UnmarshalStrict(b, i) } + +// ignoreSkippableChartValidationError inspect the given error and returns nil if +// the error isn't important for index loading +// +// In particular, charts may introduce validations that don't impact repository indexes +// And repository indexes may be generated by older/non-complient software, which doesn't +// conform to all validations. +func ignoreSkippableChartValidationError(err error) error { + verr, ok := err.(chart.ValidationError) + if !ok { + return err + } + + // https://github.com/helm/helm/issues/12748 (JFrog repository strips alias field) + if strings.HasPrefix(verr.Error(), "validation: more than one dependency with name or alias") { + return nil + } + + return err +} diff --git a/pkg/repo/index_test.go b/pkg/repo/index_test.go index efb50ba6a..91486670b 100644 --- a/pkg/repo/index_test.go +++ b/pkg/repo/index_test.go @@ -20,6 +20,7 @@ import ( "bufio" "bytes" "encoding/json" + "fmt" "net/http" "os" "path/filepath" @@ -69,6 +70,10 @@ entries: name: grafana foo: - + bar: + - digest: "sha256:1234567890abcdef" + urls: + - https://charts.helm.sh/stable/alpine-1.0.0.tgz ` ) @@ -445,7 +450,7 @@ func verifyLocalIndex(t *testing.T, i *IndexFile) { } func verifyLocalChartsFile(t *testing.T, chartsContent []byte, indexContent *IndexFile) { - var expected, real []string + var expected, reald []string for chart := range indexContent.Entries { expected = append(expected, chart) } @@ -453,12 +458,12 @@ func verifyLocalChartsFile(t *testing.T, chartsContent []byte, indexContent *Ind scanner := bufio.NewScanner(bytes.NewReader(chartsContent)) for scanner.Scan() { - real = append(real, scanner.Text()) + reald = append(reald, scanner.Text()) } - sort.Strings(real) + sort.Strings(reald) - if strings.Join(expected, " ") != strings.Join(real, " ") { - t.Errorf("Cached charts file content unexpected. Expected:\n%s\ngot:\n%s", expected, real) + if strings.Join(expected, " ") != strings.Join(reald, " ") { + t.Errorf("Cached charts file content unexpected. Expected:\n%s\ngot:\n%s", expected, reald) } } @@ -592,3 +597,50 @@ func TestAddFileIndexEntriesNil(t *testing.T) { } } } + +func TestIgnoreSkippableChartValidationError(t *testing.T) { + type TestCase struct { + Input error + ErrorSkipped bool + } + testCases := map[string]TestCase{ + "nil": { + Input: nil, + }, + "generic_error": { + Input: fmt.Errorf("foo"), + }, + "non_skipped_validation_error": { + Input: chart.ValidationError("chart.metadata.type must be application or library"), + }, + "skipped_validation_error": { + Input: chart.ValidationErrorf("more than one dependency with name or alias %q", "foo"), + ErrorSkipped: true, + }, + } + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + result := ignoreSkippableChartValidationError(tc.Input) + + if tc.Input == nil { + if result != nil { + t.Error("expected nil result for nil input") + } + return + } + + if tc.ErrorSkipped { + if result != nil { + t.Error("expected nil result for skipped error") + } + return + } + + if tc.Input != result { + t.Error("expected the result equal to input") + } + + }) + } +} diff --git a/pkg/repo/repotest/server.go b/pkg/repo/repotest/server.go index d9a5201aa..4a86707cf 100644 --- a/pkg/repo/repotest/server.go +++ b/pkg/repo/repotest/server.go @@ -61,7 +61,7 @@ func NewTempServerWithCleanupAndBasicAuth(t *testing.T, glob string) *Server { if err != nil { t.Fatal(err) } - srv.WithMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + srv.WithMiddleware(http.HandlerFunc(func(_ http.ResponseWriter, r *http.Request) { username, password, ok := r.BasicAuth() if !ok || username != "username" || password != "password" { t.Errorf("Expected request to use basic auth and for username == 'username' and password == 'password', got '%v', '%s', '%s'", ok, username, password) diff --git a/pkg/storage/driver/mock_test.go b/pkg/storage/driver/mock_test.go index 7a1541a02..9174a8c71 100644 --- a/pkg/storage/driver/mock_test.go +++ b/pkg/storage/driver/mock_test.go @@ -253,7 +253,7 @@ func (mock *MockSecretsInterface) Delete(_ context.Context, name string, _ metav } // newTestFixtureSQL mocks the SQL database (for testing purposes) -func newTestFixtureSQL(t *testing.T, releases ...*rspb.Release) (*SQL, sqlmock.Sqlmock) { +func newTestFixtureSQL(t *testing.T, _ ...*rspb.Release) (*SQL, sqlmock.Sqlmock) { sqlDB, mock, err := sqlmock.New() if err != nil { t.Fatalf("error when opening stub database connection: %v", err) @@ -262,7 +262,7 @@ func newTestFixtureSQL(t *testing.T, releases ...*rspb.Release) (*SQL, sqlmock.S sqlxDB := sqlx.NewDb(sqlDB, "sqlmock") return &SQL{ db: sqlxDB, - Log: func(a string, b ...interface{}) {}, + Log: func(_ string, _ ...interface{}) {}, namespace: "default", statementBuilder: sq.StatementBuilder.PlaceholderFormat(sq.Dollar), }, mock diff --git a/pkg/storage/driver/sql.go b/pkg/storage/driver/sql.go index a1c2209a3..2ef951184 100644 --- a/pkg/storage/driver/sql.go +++ b/pkg/storage/driver/sql.go @@ -98,9 +98,9 @@ func (s *SQL) Name() string { // Check if all migrations al func (s *SQL) checkAlreadyApplied(migrations []*migrate.Migration) bool { // make map (set) of ids for fast search - migrationsIds := make(map[string]struct{}) + migrationsIDs := make(map[string]struct{}) for _, migration := range migrations { - migrationsIds[migration.Id] = struct{}{} + migrationsIDs[migration.Id] = struct{}{} } // get list of applied migrations @@ -113,15 +113,15 @@ func (s *SQL) checkAlreadyApplied(migrations []*migrate.Migration) bool { } for _, record := range records { - if _, ok := migrationsIds[record.Id]; ok { + if _, ok := migrationsIDs[record.Id]; ok { s.Log("checkAlreadyApplied: found previous migration (Id: %v) applied at %v", record.Id, record.AppliedAt) - delete(migrationsIds, record.Id) + delete(migrationsIDs, record.Id) } } // check if all migrations appliyed - if len(migrationsIds) != 0 { - for id := range migrationsIds { + if len(migrationsIDs) != 0 { + for id := range migrationsIDs { s.Log("checkAlreadyApplied: find unapplied migration (id: %v)", id) } return false @@ -662,7 +662,7 @@ func (s *SQL) Delete(key string) (*rspb.Release, error) { } // Get release custom labels from database -func (s *SQL) getReleaseCustomLabels(key string, namespace string) (map[string]string, error) { +func (s *SQL) getReleaseCustomLabels(key string, _ string) (map[string]string, error) { query, args, err := s.statementBuilder. Select(sqlCustomLabelsTableKeyColumn, sqlCustomLabelsTableValueColumn). From(sqlCustomLabelsTableName). diff --git a/pkg/storage/driver/sql_test.go b/pkg/storage/driver/sql_test.go index 0dfa85e38..37dcc8503 100644 --- a/pkg/storage/driver/sql_test.go +++ b/pkg/storage/driver/sql_test.go @@ -546,31 +546,31 @@ func mockGetReleaseCustomLabels(mock sqlmock.Sqlmock, key string, namespace stri func TestSqlChechkAppliedMigrations(t *testing.T) { cases := []struct { migrationsToApply []*migrate.Migration - appliedMigrationsIds []string + appliedMigrationsIDs []string expectedResult bool errorExplanation string }{ { migrationsToApply: []*migrate.Migration{{Id: "init1"}, {Id: "init2"}, {Id: "init3"}}, - appliedMigrationsIds: []string{"1", "2", "init1", "3", "init2", "4", "5"}, + appliedMigrationsIDs: []string{"1", "2", "init1", "3", "init2", "4", "5"}, expectedResult: false, errorExplanation: "Has found one migration id \"init3\" as applied, that was not applied", }, { migrationsToApply: []*migrate.Migration{{Id: "init1"}, {Id: "init2"}, {Id: "init3"}}, - appliedMigrationsIds: []string{"1", "2", "init1", "3", "init2", "4", "init3", "5"}, + appliedMigrationsIDs: []string{"1", "2", "init1", "3", "init2", "4", "init3", "5"}, expectedResult: true, errorExplanation: "Has not found one or more migration ids, that was applied", }, { migrationsToApply: []*migrate.Migration{{Id: "init"}}, - appliedMigrationsIds: []string{"1", "2", "3", "inits", "4", "tinit", "5"}, + appliedMigrationsIDs: []string{"1", "2", "3", "inits", "4", "tinit", "5"}, expectedResult: false, errorExplanation: "Has found single \"init\", that was not applied", }, { migrationsToApply: []*migrate.Migration{{Id: "init"}}, - appliedMigrationsIds: []string{"1", "2", "init", "3", "init2", "4", "init3", "5"}, + appliedMigrationsIDs: []string{"1", "2", "init", "3", "init2", "4", "init3", "5"}, expectedResult: true, errorExplanation: "Has not found single migration id \"init\", that was applied", }, @@ -578,7 +578,7 @@ func TestSqlChechkAppliedMigrations(t *testing.T) { for i, c := range cases { sqlDriver, mock := newTestFixtureSQL(t) rows := sqlmock.NewRows([]string{"id", "applied_at"}) - for _, id := range c.appliedMigrationsIds { + for _, id := range c.appliedMigrationsIDs { rows.AddRow(id, time.Time{}) } mock. diff --git a/pkg/storage/storage_test.go b/pkg/storage/storage_test.go index 058b077e8..d50e3fbfe 100644 --- a/pkg/storage/storage_test.go +++ b/pkg/storage/storage_test.go @@ -293,7 +293,7 @@ func (d *MaxHistoryMockDriver) Create(key string, rls *rspb.Release) error { func (d *MaxHistoryMockDriver) Update(key string, rls *rspb.Release) error { return d.Driver.Update(key, rls) } -func (d *MaxHistoryMockDriver) Delete(key string) (*rspb.Release, error) { +func (d *MaxHistoryMockDriver) Delete(_ string) (*rspb.Release, error) { return nil, errMaxHistoryMockDriverSomethingHappened } func (d *MaxHistoryMockDriver) Get(key string) (*rspb.Release, error) { diff --git a/pkg/time/ctime/ctime.go b/pkg/time/ctime/ctime.go new file mode 100644 index 000000000..f2998d76d --- /dev/null +++ b/pkg/time/ctime/ctime.go @@ -0,0 +1,25 @@ +/* +Copyright The Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package ctime + +import ( + "os" + "time" +) + +func Created(fi os.FileInfo) time.Time { + return created(fi) +} diff --git a/pkg/time/ctime/ctime_linux.go b/pkg/time/ctime/ctime_linux.go new file mode 100644 index 000000000..c3cea1d78 --- /dev/null +++ b/pkg/time/ctime/ctime_linux.go @@ -0,0 +1,30 @@ +//go:build linux + +/* +Copyright The Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package ctime + +import ( + "os" + "syscall" + "time" +) + +func created(fi os.FileInfo) time.Time { + st := fi.Sys().(*syscall.Stat_t) + //nolint + return time.Unix(int64(st.Ctim.Sec), int64(st.Ctim.Nsec)) +} diff --git a/pkg/time/ctime/ctime_other.go b/pkg/time/ctime/ctime_other.go new file mode 100644 index 000000000..f21ed7347 --- /dev/null +++ b/pkg/time/ctime/ctime_other.go @@ -0,0 +1,27 @@ +//go:build !linux + +/* +Copyright The Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package ctime + +import ( + "os" + "time" +) + +func created(fi os.FileInfo) time.Time { + return fi.ModTime() +} diff --git a/scripts/get b/scripts/get index 594fd92c3..a65540e02 100755 --- a/scripts/get +++ b/scripts/get @@ -60,7 +60,7 @@ runAsRoot() { # verifySupported checks that the os/arch combination is supported for # binary builds. verifySupported() { - local supported="darwin-amd64\nlinux-386\nlinux-amd64\nlinux-arm\nlinux-arm64\nlinux-ppc64le\nlinux-s390x\nwindows-amd64" + local supported="darwin-amd64\nlinux-386\nlinux-amd64\nlinux-arm\nlinux-arm64\nlinux-ppc64le\nlinux-s390x\nlinux-riscv64\nwindows-amd64" if ! echo "${supported}" | grep -q "${OS}-${ARCH}"; then echo "No prebuilt binary for ${OS}-${ARCH}." echo "To build from source, go to https://github.com/helm/helm" diff --git a/scripts/get-helm-3 b/scripts/get-helm-3 index 983dfd2bf..31678a177 100755 --- a/scripts/get-helm-3 +++ b/scripts/get-helm-3 @@ -68,7 +68,7 @@ runAsRoot() { # verifySupported checks that the os/arch combination is supported for # binary builds, as well whether or not necessary tools are present. verifySupported() { - local supported="darwin-amd64\ndarwin-arm64\nlinux-386\nlinux-amd64\nlinux-arm\nlinux-arm64\nlinux-ppc64le\nlinux-s390x\nwindows-amd64" + local supported="darwin-amd64\ndarwin-arm64\nlinux-386\nlinux-amd64\nlinux-arm\nlinux-arm64\nlinux-ppc64le\nlinux-s390x\nlinux-riscv64\nwindows-amd64" if ! echo "${supported}" | grep -q "${OS}-${ARCH}"; then echo "No prebuilt binary for ${OS}-${ARCH}." echo "To build from source, go to https://github.com/helm/helm" diff --git a/scripts/release-notes.sh b/scripts/release-notes.sh index d0dcca8ca..08c4a8b14 100755 --- a/scripts/release-notes.sh +++ b/scripts/release-notes.sh @@ -89,6 +89,7 @@ Download Helm ${RELEASE}. The common platform binaries are here: - [Linux i386](https://get.helm.sh/helm-${RELEASE}-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-${RELEASE}-linux-386.tar.gz.sha256sum) / $(cat _dist/helm-${RELEASE}-linux-386.tar.gz.sha256)) - [Linux ppc64le](https://get.helm.sh/helm-${RELEASE}-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-${RELEASE}-linux-ppc64le.tar.gz.sha256sum) / $(cat _dist/helm-${RELEASE}-linux-ppc64le.tar.gz.sha256)) - [Linux s390x](https://get.helm.sh/helm-${RELEASE}-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-${RELEASE}-linux-s390x.tar.gz.sha256sum) / $(cat _dist/helm-${RELEASE}-linux-s390x.tar.gz.sha256)) +- [Linux riscv64](https://get.helm.sh/helm-${RELEASE}-linux-riscv64.tar.gz) ([checksum](https://get.helm.sh/helm-${RELEASE}-linux-riscv64.tar.gz.sha256sum) / $(cat _dist/helm-${RELEASE}-linux-riscv64.tar.gz.sha256)) - [Windows amd64](https://get.helm.sh/helm-${RELEASE}-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-${RELEASE}-windows-amd64.zip.sha256sum) / $(cat _dist/helm-${RELEASE}-windows-amd64.zip.sha256)) The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with \`bash\`.