Linting is specific to the chart versions. A v2 and v3 chart will
lint differently.
To accomplish this, packages like engine need to be able to handle
different chart versions. This was accomplished by some changes:
1. The introduction of a Charter interface for charts
2. The ChartAccessor which is able to accept a chart and then
provide access to its data via an interface. There is an
interface, factory, and implementation for each version of
chart.
3. Common packages were moved to a common and util packages.
Due to some package loops, there are 2 packages which may
get some consolidation in the future.
The new interfaces provide the foundation to move the actions
and cmd packages to be able to handle multiple apiVersions of
charts.
Signed-off-by: Matt Farina <matt.farina@suse.com>
A new library was introduced that provides JSON Schema checking for
newer versions of the schema. In Helm v4, there is no need to have
two packages doing the JSON schema validation. The message output
can have breaking changes.
This change moves everything to the newer library. It also uses a
wrapper error to enable a clean Helm only interface for the
public Go API validation functions. This would enable the replacement
of the Schema validation library, if needed, without breaking the
Go API contract.
Signed-off-by: Matt Farina <matt.farina@suse.com>
This change moves the code, updates the import locations, and
adds a doc.go file to document what the v2 package is for.
This is part of HIP 20 for v3 charts
Signed-off-by: Matt Farina <matt.farina@suse.com>
chartutil was originally created to operate on protobufs which are
no longer part of Helm. The util package makes more sense to be
part of the chart package.
This change is part of the HIP 20 to create v3 charts and
explicitly call out v2 charts. The changes for this are in smaller
bite size changes.
Signed-off-by: Matt Farina <matt.farina@suse.com>
Since Helm is going through breaking changes with Helm v4, the version path to
Helm needs to be updated.
Signed-off-by: Matt Farina <matt.farina@suse.com>
Test to check deprecation warnings on resource templates that are
created by `helm create` against the latest Kubernetes version. This
test is run in a separate Makefile command to avoid failing other unit
tests configured to run with a specific Kubernetes version(s).
For resources that are disabled by default (like hpa and ingress),
to avoid skipping them from the helm linter test, they are enabled in
the test.
Fixes#11495
Signed-off-by: Bhargav Ravuri <bhargav.ravuri@infracloud.io>
```
In some OS, obtaining the processor type from `uname - p` may fail.
For Golang programs, we should use `go env GOARCH` to obtain the architecture
=====================
$ go env GOARCH
amd64
$ uname -m
x86_64
$ uname -p
unknown
```
Signed-off-by: weidongkl <weidong@uniontech.com>
Noteis:
1. This moves golangci scanning to a GitHub action. This will
enable inline pointers to issues in the PR where linting fails.
2. Go 1.21 is specified in the go.mod because Kubernetes libs
require it.
3. The lint issues were removed. Some were fixed while others
were handled by skipping linting or using _ as an argument.
Many of these can be refactored later for better cleanup.
Signed-off-by: Matt Farina <matt.farina@suse.com>
On Mac OS they have some custom dns c library that uses some
configuration files other than resolv.conf to configure dns lookups. The
standard go library does not handle these custom configuration files
which causes dns lookups to fail for some mac users.
This allows the downstream pacakgers to override CGO_ENABLED to build
binaries that use the custom dns library.
Signed-off-by: Joe Julian <me@joejulian.name>
vcs had a release due to a CVE. This updates to the latest version
that mitigates the CVE.
Note, the Makefile was updated so that `make build` would build
without cgo just like gox does in the CI pipeline. They should
both build without cgo so we can catch issues before merging to
master where a canary build would pick up the problem.
Signed-off-by: Matt Farina <matt@mattfarina.com>
CircleCI has been failing on 'make test-style' because of a timeout.
This commit increases the timeout.
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
* Reduce linting severity for users of out-of-date kubernetes
Fixes#8596
Signed-off-by: Joe Julian <me@joejulian.name>
* add more verbose deprecation info
Signed-off-by: Joe Julian <me@joejulian.name>
* use new upstream deprecations
Signed-off-by: Joe Julian <me@joejulian.name>
* do not error for custom resources
Signed-off-by: Joe Julian <me@joejulian.name>
* Define deprecation version in lint rules by LDFLAG
Signed-off-by: Joe Julian <me@joejulian.name>
* make comment clearer
Signed-off-by: Joe Julian <me@joejulian.name>
* Extend the k8s version discovery and constants to chartutil
Signed-off-by: Joe Julian <me@joejulian.name>
* remove awk dependency
Signed-off-by: Joe Julian <me@joejulian.name>
* align k8s version constant names between capabilities.go and deprecations.go
Signed-off-by: Joe Julian <me@joejulian.name>
* show the error if the unexpected happens
Signed-off-by: Joe Julian <me@joejulian.name>
* bump k8sVersionMinor and golden chart templates for k8s 1.20
Signed-off-by: Joe Julian <me@joejulian.name>
* bump for tests to match 1.20.1
Signed-off-by: Joe Julian <me@joejulian.name>
Previously, when there is no *.{gz,zip} files under _dist, the wildcard
will be expanded to 2 strings '_dist/*.gz' and '_dist/*.zip'(see below).
helm$ ls _dist
helm$ make checksum
for f in _dist/*.{gz,zip} ; do \
shasum -a 256 "${f}" | sed 's/_dist\///' > "${f}.sha256sum" ; \
shasum -a 256 "${f}" | awk '{print $1}' > "${f}.sha256" ; \
done
shasum: _dist/*.gz:
shasum: _dist/*.gz:
shasum: _dist/*.zip:
shasum: _dist/*.zip:
helm$ ls _dist
'*.gz.sha256' '*.gz.sha256sum' '*.zip.sha256' '*.zip.sha256sum'
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
When distributions build software it's desirable to have the ability to
define own linker flags, or Go flags. As `-ldflags` defined in `go
build` overrides `-ldflags` defined in the env variable `GOFLAGS`, there
is a distinct need to be able to replace the default values with new
ones or append to them.
Fixes#8645
Signed-off-by: Morten Linderud <morten@linderud.pw>
Fetching these files is part of the release process. When the new
file type was added this step was missed. It will cause the sign
make target to fail.
Signed-off-by: Matt Farina <matt@mattfarina.com>
When #7277 was merged is was intended to create shasums accessible
in a way shasum -c or sha256sum could use to verify the files the
Helm project ships. The solution created a new file named
shasums.txt. This setup contained a few problems:
1. The new file file was not uploaded to get.helm.sh for someone
to download and use.
2. The file had not version in the naming or path. This means that
each new release of Helm will overwrite it. Downloading and
validating an old file is impossible.
3. If one downloads a single file, the shasums.txt file, and uses
shasum -c it will return an exit code that is 1. This is because
of missing files as it is looking for all the files from the
release.
4. The shasums.txt file is not signed for verification like the
other files.
This change fixes these problems with the following changes:
* Instead of a shasums.txt file there is a .sha256sum file for
each package. For example, helm-3.1.0-linux-amd64.zip.sha256sum.
This file will can be used with `shasum -a 256 -c` to verify
the single file helm-3.1.0-linux-amd64.zip. The exit code of
checking a single file is 0 if the file passes.
* This new .sha256sum file is signed just like the .tar.gz, .zip,
and .sha256 files. The provenance can be verified.
* The file name starts with `helm-` meaning the existing upload
script in the deploy.sh file will move it to get.helm.sh.
Note, the existing .sha256 file can be deprecated and removed
in Helm v4 with the new .sha256sum file taking over. But,
for backwards compatibility with scripts it needs to be kept
during v3.
Closes#7567
Signed-off-by: Matt Farina <matt@mattfarina.com>
Matt Farina
Evans Mungai
Terry Howe
George Jenkins
Asmit De
Bhargav Ravuri
weidongkl
Antony Chazapis
Joe Julian
Matthew Fisher
Matt Farina
Adam Reese
Josh Soref
pallavJha
Joe Lanford
Marc Khouzam
Adam Reese
Li Zhijian
Matthew Fisher
Morten Linderud
Ma Xinjian
Chris Wells
Bridget Kromhout
Manuel Rüger
Paul Czarkowski
Thilak Somasundaram
Daniel Poelzleithner
Vivian Kong