msb-public/helm - helm - 马士兵教育代码仓库

Commit Graph

Author	SHA1	Message	Date
Benoit Tigeot	5595c0d005	Prevent failing helm push on ghcr.io using standard GET auth token flow Fix GHCR auth by not forcing OAuth2 POST but also reset ForceAttemptOAuth2 after login. - Remove ForceAttemptOAuth2 in NewClient and only enable during Login ping and always restore to false. - Aligns with OCI Distribution auth (token via GET), avoiding GHCR 405 on POST /token. - Some tests Failures logs: ```sh ~/p/lifen/test/helm-f/quicktest ❯ ../../../helm/bin/helm push quicktest-0.1.0.tgz oci://ghcr.io/benoittgt/helm-charts --debug level=DEBUG msg=HEAD id=0 url=https://ghcr.io/v2/benoittgt/helm-charts/quicktest/manifests/sha256:af359fd8fb968ec1097afbd6e8e1dac9ee130861082e54dc2340d0c019407873 header=" \"Accept\": \"application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.list.v2+json, application/vnd.oci.image.manifest.v1+json, application/vnd.oci.image.index.v1+json, application/vnd.oci.artifact.manifest.v1+json\"\n \"User-Agent\": \"Helm/4.0+unreleased\"" level=DEBUG msg=Resp id=0 status="401 Unauthorized" header=" \"Www-Authenticate\": \"Bearer realm=\\\"https://ghcr.io/token\\\",service=\\\"ghcr.io\\\",scope=\\\"repository:benoittgt/helm-charts/quicktest:pull\\\"\"\n \"Date\": \"Mon, 01 Sep 2025 13:56:35 GMT\"\n \"Content-Length\": \"73\"\n \"X-Github-Request-Id\": \"DC73:115F:2B40F2C:2BAB567:68B5A613\"\n \"Content-Type\": \"application/json\"" body=" Response body is empty" level=DEBUG msg=POST id=1 url=https://ghcr.io/token header=" \"Content-Type\": \"application/x-www-form-urlencoded\"\n \"User-Agent\": \"Helm/4.0+unreleased\"" level=DEBUG msg=Resp id=1 status="405 Method Not Allowed" header=" \"Docker-Distribution-Api-Version\": \"registry/2.0\"\n \"Strict-Transport-Security\": \"max-age=63072000; includeSubDomains; preload\"\n \"Date\": \"Mon, 01 Sep 2025 13:56:35 GMT\"\n \"Content-Length\": \"78\"\n \"X-Github-Request-Id\": \"DC73:115F:2B40F75:2BAB5C2:68B5A613\"\n \"Content-Type\": \"application/json\"" body="{\"errors\":[{\"code\":\"UNSUPPORTED\",\"message\":\"The operation is unsupported.\"}]}\n" Error: failed to perform "Exists" on destination: HEAD "https://ghcr.io/v2/benoittgt/helm-charts/quicktest/manifests/sha256:af359fd8fb968ec1097afbd6e8e1dac9ee130861082e54dc2340d0c019407873": POST "https://ghcr.io/token": response status code 405: unsupported: The operation is unsupported. ``` Signed-off-by: Benoit Tigeot <benoit.tigeot@lifen.fr>	2 weeks ago
Matthieu MOREL	56a2bb4188	chore: enable usetesting linter Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	4 months ago
Benoit Tigeot	f939f6145f	Prevent fetching newReference again as we have in calling method Signed-off-by: Benoit Tigeot <benoit.tigeot@lifen.fr>	4 months ago
Benoit Tigeot	875e149d6b	Prevent failure when resolving version tags in oras memory store - The newReference() function transforms version tags by replacing + with _ for OCI compatibility - But the code was using the original ref (with +) for TagBytes() - Then it tries to find the tagged reference using parsedRef.String() (with _) - This mismatch causes the Resolve method to fail with "not found" - By using parsedRef.String() consistently in both places, the references will match and the lookup will succeed. I extracted the TagBytes function to improve testability. Push() includes several external calls that are hard to mock, so isolating this logic makes testing more manageable. Close: #30881 Signed-off-by: Benoit Tigeot <benoit.tigeot@lifen.fr>	4 months ago
Tom Wieczorek	835ff78f48	Remove ClientOptResolver from OCI Client This option was kept to avoid compile-time incompatibilities in Helm v3 when upgrading to ORAS v2. Let's remove it for Helm v4. This allows Helm to drop the containerd dependency entirely. Signed-off-by: Tom Wieczorek <twieczorek@mirantis.com>	6 months ago
Terry Howe	5a7046b9bf	chore(oci): upgrade to ORAS v2 Signed-off-by: Terry Howe <terrylhowe@gmail.com> Co-authored-by: Zoran Regvart <zoran@regvart.com>	8 months ago
Sanskar Jaiswal	6defb96dac	oci: add tests for plain HTTP and insecure HTTPS registries Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>	2 years ago
Andrew Block	08593c8dd6	Added support for insecure OCI registries Signed-off-by: Andrew Block <andy.block@gmail.com>	3 years ago
Soule BA	b0ecb21056	Enable custom certificates option for OCI If implemented, users will be able to use custom certificates and CA to while interacting with OCI registries. Signed-off-by: Soule BA <bah.soule@gmail.com>	3 years ago
Soule BA	42a04c76a4	make token caching an opt in feature If implemented, users have to opt in to cache a token. Signed-off-by: Soule BA <bah.soule@gmail.com>	3 years ago
David Peraza	9f869c6b21	Removing all the checks for oci experimental flag Signed-off-by: David Peraza <dperaza@redhat.com>	4 years ago
Thomas Runyon	91a46ad14f	move paths for updated directory location Signed-off-by: Thomas Runyon <runyontr@gmail.com>	4 years ago
Thomas Runyon	353d74e967	refactor internal/experimental/registry to pkg/registry Signed-off-by: Thomas Runyon <runyontr@gmail.com>	4 years ago
Matthew Fisher	fe952445bd	feat(cmd): put OCI commands behind a feature gate This adds a new `gates` package used for interacting with feature gates. It also marks the OCI registry work as experimental, signalling to users that it is not a stable feature of Helm. Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>	6 years ago
Marc Khouzam	81321532e6	Fix linter issuers Signed-off-by: Marc Khouzam <marc.khouzam@ville.montreal.qc.ca>	6 years ago
Josh Dolitsky	240dd53e78	Helm 3: set custom manifest config media type on chart push (#5719 ) * set custom manifest config media type Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use v1 for manifest schema Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * remove unneeded debug flag Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * update to new config media type Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com>	6 years ago
Josh Dolitsky	5f1128b5f7	pass debug option to registry client Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com>	6 years ago
Josh Dolitsky	a12a396aab	Helm 3: registry login/logout (#5597 ) * login/logout placeholders Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use latest oras Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use docker auth system Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working login+push Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working on tests Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * fix typo in htpasswd Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * rename credsfile to config.json Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * add flags for username/password Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * disable logout test broken on linux Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * upgrade to oras 0.4.0 Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * re-enable logout test Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * panic for uncaught errors Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * move login/logout to new registry subcommand Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com>	6 years ago
Adam Reese	e458a67f0c	ref(pkg/chart): add validation method to chart Consolidate validation of Chart.yaml. Signed-off-by: Adam Reese <adam@reese.io>	7 years ago
Adam Reese	895e9192d4	feat(*): use vanity import helm.sh/helm Signed-off-by: Adam Reese <adam@reese.io>	7 years ago
Adam Reese	f791421fab	feat(Makefile): add formatting target Signed-off-by: Adam Reese <adam@reese.io>	7 years ago
Josh Dolitsky	a32f8ebb37	Helm 3: initial registry support (#5243 ) * initial registry support Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * fix dependency mess Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * add extra chart command output Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * sanitize registry path (windows fix) Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * store all sha256 blobs in same dir Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * switch to use chartutil.SaveDir Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * populate chart command long descriptions Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * remove test cache dir in teardown Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * add long description of chart export Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * clean up table rows code Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com>	7 years ago

22 Commits (main)