`Update()` gets repo names before resolving a lock file by calling
`resolveRepoNames(req)`. But that method changes aliased repo URLs into
the actual URLs. That makes digests from `helm update` and `helm build`
be different for each other.
To make them in sync, setting actual (resolved) repo URLs into the
loaded chart during `helm build` is necessary. Thus, this commit adds an
extra step in the `Build()` implementation.
For comments, this commit also changes the name of `getRepoNames()` into
`resolveRepoNames()` to avoid misunderstanding since getters are
expected to not mutate their input data in general.
Signed-off-by: Hang Park <hangpark@kaist.ac.kr>
To make digests include information about Chart.yaml dependencies, not
only the lock file, digest calculation is changed to accept both
contents. This terminates the `dep build` command if Chart.yaml
dependencies have been updated so that `dep up` should be executed
properly, to prevent downloading wrong versions or mismatched subcharts.
Note that previous Helm cannot know whether Chart.yaml dependencies were changed
or not since the Chart.lock's digest is calculated by only Chart.lock
contents, which don't include information about SemVer ranges and extra
dependency fields such as aliases, conditions, and tags. Specially,
SemVer can be written as a version range in Chart.yaml, but Chart.lock
has the specific, resolved version of that range.
Signed-off-by: Hang Park <hangpark@kaist.ac.kr>
This code was ported over from PR #5038, #6738 which were originally for helm
v2. The code contains functions from golang/dep/internal/fs for renaming files.
Signed-off-by: Yagnesh Mistry <ysh@live.in>
This commit includes failing tests for a bug reported by #6416 and
several bugs due to #5874. `helm dependency build` command fails if one
of subcharts has optional dependency fields (e.g. Alias / Condition /
Tags) or SemVer ranges.
Signed-off-by: Hang Park <hangpark@kaist.ac.kr>
* Kubernetes updated to 1.16.1
* SemVer and Sprig updated to latest releases that leverage go
modules
* Tests and checks updated. These already landed in v2 via PR 6457
Signed-off-by: Matt Farina <matt@mattfarina.com>
* allow repository config via cli
* make `helm repo add` create repo config file if it does not exist
* squash a ton of bugs
Signed-off-by: Adam Reese <adam@reese.io>
These packages are generally used only for logic inside of Helm and
can later be re-exported as needed
Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com>
The stable repository provides a quick onboarding with a set of
community curated charts. Two problems with the community stable
repository has lead to its need to be removed.
1. The URL is hard coded to a Google Cloud bucket under Google's
control. This was setup when Helm was part of Kubernetes and
Kubernetes was a Google project. The bucket cannot be
transfered to another non-Google controlled project. And,
the bucket is not accessible in some parts of the world
(e.g., China).
2. The number of charts in the stable repository has grown
generally unmaintainable. The repository maintainers cannot
manage the number of PRs coming it cauing delays in response
or no response and PRs are automatically closed. This is
a poor experience.
The alternatice is the Helm Hub that provides a central point of
search for many Helm repositories. Different people and organizations
can maintain their own charts. A central server is not needed as
Helm is setup to be distributed.
Signed-off-by: Matt Farina <matt@mattfarina.com>
This restores the ability to pass in parameters at runtime to the
ChartDownloader, enabling users to pass in parameters like the --username
and --password flags.
Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>
This commit replaces usage of github.com/ghodss/yaml with it's forked
version maintained by SIG community. The replaced library has
low-to-none support activity unlike the latter. We believe the new
Helm branch could benefit from using the community-supported version on
a long-term run as yaml parser is a key component of Helm chart rendering
engine.
This commit locks sigs.k8s.io/yaml dependency version on 1.1.0 which
is backwards compatible with ghodss/yaml 1.0.0.
This change also resolves the outdated dependency version lock for
ghodss/yaml (currently 1.0.0) and makes it possible to port changes from
https://github.com/helm/helm/pull/6010 to dev-v3.
Signed-off-by: Oleg Sidorov <oleg.sidorov@booking.com>
instead of hard-coding the parameters being passed in the constructor, we should pass in an Options struct that can be used to pass in those parameters.
Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>
* Remove helmVersion constraint from charts
* Guard compile time set variables behind `internal/`
* Allow configuration of UserAgent for HTTPGetter
Signed-off-by: Adam Reese <adam@reese.io>
* fix(helm): fix golint warning due to ApiVersionV1 constant name
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
* fix(helm): fix golint warning due to ResolveChartVersionAndGetRepo comment
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
* fix(helm): fix golint warnings on HttpGetter type and SetCredentials method missing a comment
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
* fix(helm):fix golint warning due to comment on FindChartInAuthRepoURL function
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
* fix(helm): fix golint warning due to RepoFile type name
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
* fix(helm): fix golint warning due to ParseString comment
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
When a user enters a non-URL (such as stable)
in requirements.yaml and tries to `helm dep up`,
they get a potentially confusing error message.
This tries to make the error message clearer.
Closes#2672