Test to check deprecation warnings on resource templates that are
created by `helm create` against the latest Kubernetes version. This
test is run in a separate Makefile command to avoid failing other unit
tests configured to run with a specific Kubernetes version(s).
For resources that are disabled by default (like hpa and ingress),
to avoid skipping them from the helm linter test, they are enabled in
the test.
Fixes#11495
Signed-off-by: Bhargav Ravuri <bhargav.ravuri@infracloud.io>
```
In some OS, obtaining the processor type from `uname - p` may fail.
For Golang programs, we should use `go env GOARCH` to obtain the architecture
=====================
$ go env GOARCH
amd64
$ uname -m
x86_64
$ uname -p
unknown
```
Signed-off-by: weidongkl <weidong@uniontech.com>
Noteis:
1. This moves golangci scanning to a GitHub action. This will
enable inline pointers to issues in the PR where linting fails.
2. Go 1.21 is specified in the go.mod because Kubernetes libs
require it.
3. The lint issues were removed. Some were fixed while others
were handled by skipping linting or using _ as an argument.
Many of these can be refactored later for better cleanup.
Signed-off-by: Matt Farina <matt.farina@suse.com>
On Mac OS they have some custom dns c library that uses some
configuration files other than resolv.conf to configure dns lookups. The
standard go library does not handle these custom configuration files
which causes dns lookups to fail for some mac users.
This allows the downstream pacakgers to override CGO_ENABLED to build
binaries that use the custom dns library.
Signed-off-by: Joe Julian <me@joejulian.name>
vcs had a release due to a CVE. This updates to the latest version
that mitigates the CVE.
Note, the Makefile was updated so that `make build` would build
without cgo just like gox does in the CI pipeline. They should
both build without cgo so we can catch issues before merging to
master where a canary build would pick up the problem.
Signed-off-by: Matt Farina <matt@mattfarina.com>
CircleCI has been failing on 'make test-style' because of a timeout.
This commit increases the timeout.
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
* Reduce linting severity for users of out-of-date kubernetes
Fixes#8596
Signed-off-by: Joe Julian <me@joejulian.name>
* add more verbose deprecation info
Signed-off-by: Joe Julian <me@joejulian.name>
* use new upstream deprecations
Signed-off-by: Joe Julian <me@joejulian.name>
* do not error for custom resources
Signed-off-by: Joe Julian <me@joejulian.name>
* Define deprecation version in lint rules by LDFLAG
Signed-off-by: Joe Julian <me@joejulian.name>
* make comment clearer
Signed-off-by: Joe Julian <me@joejulian.name>
* Extend the k8s version discovery and constants to chartutil
Signed-off-by: Joe Julian <me@joejulian.name>
* remove awk dependency
Signed-off-by: Joe Julian <me@joejulian.name>
* align k8s version constant names between capabilities.go and deprecations.go
Signed-off-by: Joe Julian <me@joejulian.name>
* show the error if the unexpected happens
Signed-off-by: Joe Julian <me@joejulian.name>
* bump k8sVersionMinor and golden chart templates for k8s 1.20
Signed-off-by: Joe Julian <me@joejulian.name>
* bump for tests to match 1.20.1
Signed-off-by: Joe Julian <me@joejulian.name>
Previously, when there is no *.{gz,zip} files under _dist, the wildcard
will be expanded to 2 strings '_dist/*.gz' and '_dist/*.zip'(see below).
helm$ ls _dist
helm$ make checksum
for f in _dist/*.{gz,zip} ; do \
shasum -a 256 "${f}" | sed 's/_dist\///' > "${f}.sha256sum" ; \
shasum -a 256 "${f}" | awk '{print $1}' > "${f}.sha256" ; \
done
shasum: _dist/*.gz:
shasum: _dist/*.gz:
shasum: _dist/*.zip:
shasum: _dist/*.zip:
helm$ ls _dist
'*.gz.sha256' '*.gz.sha256sum' '*.zip.sha256' '*.zip.sha256sum'
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
When distributions build software it's desirable to have the ability to
define own linker flags, or Go flags. As `-ldflags` defined in `go
build` overrides `-ldflags` defined in the env variable `GOFLAGS`, there
is a distinct need to be able to replace the default values with new
ones or append to them.
Fixes#8645
Signed-off-by: Morten Linderud <morten@linderud.pw>
Fetching these files is part of the release process. When the new
file type was added this step was missed. It will cause the sign
make target to fail.
Signed-off-by: Matt Farina <matt@mattfarina.com>
When #7277 was merged is was intended to create shasums accessible
in a way shasum -c or sha256sum could use to verify the files the
Helm project ships. The solution created a new file named
shasums.txt. This setup contained a few problems:
1. The new file file was not uploaded to get.helm.sh for someone
to download and use.
2. The file had not version in the naming or path. This means that
each new release of Helm will overwrite it. Downloading and
validating an old file is impossible.
3. If one downloads a single file, the shasums.txt file, and uses
shasum -c it will return an exit code that is 1. This is because
of missing files as it is looking for all the files from the
release.
4. The shasums.txt file is not signed for verification like the
other files.
This change fixes these problems with the following changes:
* Instead of a shasums.txt file there is a .sha256sum file for
each package. For example, helm-3.1.0-linux-amd64.zip.sha256sum.
This file will can be used with `shasum -a 256 -c` to verify
the single file helm-3.1.0-linux-amd64.zip. The exit code of
checking a single file is 0 if the file passes.
* This new .sha256sum file is signed just like the .tar.gz, .zip,
and .sha256 files. The provenance can be verified.
* The file name starts with `helm-` meaning the existing upload
script in the deploy.sh file will move it to get.helm.sh.
Note, the existing .sha256 file can be deprecated and removed
in Helm v4 with the new .sha256sum file taking over. But,
for backwards compatibility with scripts it needs to be kept
during v3.
Closes#7567
Signed-off-by: Matt Farina <matt@mattfarina.com>
With Helm using go modules, its git repo need not reside under
$GOPATH/src/helm.sh anymore. In fact it may be desirable for a user to
move it to another location (e.g., to get the debugger to work).
In the same train of thought, the acceptance-testing repo, which is not
even a go program, need not be in the GOPATH.
This commit reduces the requirement on the location of the
acceptance-testing repo to a relative path to the helm repo, instead
of an absolute path within GOPATH.
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
Commands shasum -a 256 -c (or) sha256sum -c can read the SHA sum and validate the TAR/ZIP archive
Example:
Download helm-v3.0.2-darwin-amd64.tar.gz.sha256 and helm-v3.0.2-darwin-amd64.tar.gz and running below will resule in
shasum -a 256 -c helm-v3.0.2-darwin-amd64.tar.gz.sha256
helm-v3.0.2-darwin-amd64.tar.gz: OK
Closes#4968
Signed-off-by: Thilak Somasundaram <t2same@gmail.com>
These make targets are used as part of the release process. They
had yet to be brought over to the v3 branch from the v2 branch
as they were developed after the branching happened.
Signed-off-by: Matt Farina <matt@mattfarina.com>
George Jenkins
Matt Farina
Asmit De
Bhargav Ravuri
weidongkl
Antony Chazapis
Joe Julian
Matthew Fisher
Matt Farina
Adam Reese
Josh Soref
pallavJha
Joe Lanford
Marc Khouzam
Adam Reese
Li Zhijian
Matthew Fisher
Morten Linderud
Ma Xinjian
Chris Wells
Bridget Kromhout
Manuel Rüger
Paul Czarkowski
Thilak Somasundaram
Daniel Poelzleithner
Vivian Kong
Dean Coakley