ref: https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx
* Skip invalid chart versions when reading the repository index file or
when programmatically adding a chart version.
* Adds semver validation and strips non-printable characters and
normalizes spaces for string fields in Metadata.Validate()
* Fixes a unit test that was pulling a remote repo. Now uses a local
repo.
* Fixes ignored error in repo update command
Signed-off-by: Adam Reese <adam@reese.io>
Because backOffLimit can be 0, a zero value for pod status failed will
always cause the condition to return true.
Signed-off-by: James McElwain <jmcelwain@gmail.com>
What this PR does / why we need it:
fix for issue #9253. The link taken from the projects GitHub page has been used for consistency across the documentation.
Signed-off-by: Jack Whitter-Jones <jackwhitterjones@gmail.com>
This commit updates the default section in values.yaml for the example
ingress definition to correspond with the template.
Signed-off-by: Nick Jones <nick@dischord.org>
The recent addition of oci:// to specify dependencies in the
Chart.yaml dependencies and with helm pull missed handling for the
dependency build command. This command was failing to handle OCI.
This change adds support for the dep build command following the
same pattern used to add oci:// functionality.
Signed-off-by: Matt Farina <matt@mattfarina.com>
This is a follow-up to #8608. k8s.io/apiserver was added but
not added to the go.mod file. Go handled the situation cleanly
but left a dirty git tree.
Signed-off-by: Matt Farina <matt@mattfarina.com>
* Reduce linting severity for users of out-of-date kubernetes
Fixes#8596
Signed-off-by: Joe Julian <me@joejulian.name>
* add more verbose deprecation info
Signed-off-by: Joe Julian <me@joejulian.name>
* use new upstream deprecations
Signed-off-by: Joe Julian <me@joejulian.name>
* do not error for custom resources
Signed-off-by: Joe Julian <me@joejulian.name>
* Define deprecation version in lint rules by LDFLAG
Signed-off-by: Joe Julian <me@joejulian.name>
* make comment clearer
Signed-off-by: Joe Julian <me@joejulian.name>
* Extend the k8s version discovery and constants to chartutil
Signed-off-by: Joe Julian <me@joejulian.name>
* remove awk dependency
Signed-off-by: Joe Julian <me@joejulian.name>
* align k8s version constant names between capabilities.go and deprecations.go
Signed-off-by: Joe Julian <me@joejulian.name>
* show the error if the unexpected happens
Signed-off-by: Joe Julian <me@joejulian.name>
* bump k8sVersionMinor and golden chart templates for k8s 1.20
Signed-off-by: Joe Julian <me@joejulian.name>
* bump for tests to match 1.20.1
Signed-off-by: Joe Julian <me@joejulian.name>
While the comments may seem to state the obvious to someone with helm CLI
experience, an SDK-first user may find these comments helpful.
Signed-off-by: Daniel Lipovetsky <dlipovetsky@d2iq.com>
Previously, storage.Create was ignoring the error. This meant that a user that
relied on the recent release version cleanup would not be notified if that
cleanup failed, and release versions could grow without bound.
Closes#9145
Signed-off-by: Daniel Lipovetsky <dlipovetsky@d2iq.com>
Matthew Fisher
dependabot[bot]
Matt Farina
Adam Reese
Adam Reese
James McElwain
Jack Whitter-Jones
Krish
Ma Xinjian
Josh Dolitsky
Shoubhik Bose
wawa0210
Nick Jones
Guangwen Feng
Joe Julian
Daniel Lipovetsky
Peter Engelbert
Martin Hickey