This change is about handling the interfaces to public functions for
different chart apiVersions. The internals are still focused on v2.
This enables v3 to be layered in layer.
Signed-off-by: Matt Farina <matt.farina@suse.com>
When --skip-schema-validation is enabled, the lint command will now skip
JSON schema validation for values.yaml files, allowing charts with schema
validation errors to pass linting when the flag is used.
This addresses the gap where --skip-schema-validation only applied to
templates but not to values files, providing complete schema validation
bypass when needed.
Fixes: #13413
Signed-off-by: Suleiman Dibirov <idsulik@gmail.com>
Signed-off-by: Benoit Tigeot <benoit.tigeot@lifen.fr>
- v3.18.5 switched jsonschema and began resolving external $ref
at compile-time, exposing missing urn handling
(“no URLLoader registered for urn:…”).
- Add urn scheme loader and pluggable URNResolver. If unresolved, log
a warning and return a permissive true schema (back-compat).
- Apply to pkg/chart/v2 and internal/chart/v3 validators. Not sure about
that
Note: external URNs need AddResource/Resolver (the CLI uses --map for
this). Warning may appear twice since both validators run.
Another strategy could be to add the option to import more "external
schema" explicitly but it is another PR. Something similar to `--map`
from jsonschema package
(santhosh-tekuri/jsonschema@ed65924).
Close: #31170
Signed-off-by: Benoit Tigeot <benoit.tigeot@lifen.fr>
Linting is specific to the chart versions. A v2 and v3 chart will
lint differently.
To accomplish this, packages like engine need to be able to handle
different chart versions. This was accomplished by some changes:
1. The introduction of a Charter interface for charts
2. The ChartAccessor which is able to accept a chart and then
provide access to its data via an interface. There is an
interface, factory, and implementation for each version of
chart.
3. Common packages were moved to a common and util packages.
Due to some package loops, there are 2 packages which may
get some consolidation in the future.
The new interfaces provide the foundation to move the actions
and cmd packages to be able to handle multiple apiVersions of
charts.
Signed-off-by: Matt Farina <matt.farina@suse.com>
Closes: https://github.com/helm/helm/pull/30907
To be able to upgrade to v6.0.2 for jsonschema lib we need to upgrade
this test.
I am wondering if it's related to this commit:
86cca28795
Signed-off-by: Benoit Tigeot <benoit.tigeot@lifen.fr>
This reverts #13533
This change has caused issues with numerous charts around things
unrelated to toml. This is because of functions like typeIs/typeOf
being used and acted upon.
The change caused a significant regression.
Note: This kind of change can be put into v3 charts, that are in
active development, without causing a regression.
Closes#30880
Signed-off-by: Matt Farina <matt@mattfarina.com>
imported values are stored in dependency objects, which breaks if a chart dependency is shared among multiple aliases.
By copying the dependency objects in the metadata values can be imported correctly.
Supersedes #10174
Signed-off-by: Daniel Strobusch <1847260+dastrobu@users.noreply.github.com>
Dependencies keep a reference on their parent chart, which breaks if a chart reference is shared among multiple aliases.
By copying the dependencies, parent information can be set correctly to render the templates as expected later on.
Note that this change will make ChartFullPath return a different path for sub-subcharts. It will contain the alias names instead of the path to the chart files which makes it consistent with paths to templates on the subchart level.
Closes#9150
Signed-off-by: Daniel Strobusch <1847260+dastrobu@users.noreply.github.com>
When "helm lint" is run, it now errors on invalid chartfiles,
e.g. those with duplicate keys
Closes#12381
Signed-off-by: Edward Miller <edmiller287@gmail.com>
A new library was introduced that provides JSON Schema checking for
newer versions of the schema. In Helm v4, there is no need to have
two packages doing the JSON schema validation. The message output
can have breaking changes.
This change moves everything to the newer library. It also uses a
wrapper error to enable a clean Helm only interface for the
public Go API validation functions. This would enable the replacement
of the Schema validation library, if needed, without breaking the
Go API contract.
Signed-off-by: Matt Farina <matt.farina@suse.com>
This change moves the code, updates the import locations, and
adds a doc.go file to document what the v2 package is for.
This is part of HIP 20 for v3 charts
Signed-off-by: Matt Farina <matt.farina@suse.com>
chartutil was originally created to operate on protobufs which are
no longer part of Helm. The util package makes more sense to be
part of the chart package.
This change is part of the HIP 20 to create v3 charts and
explicitly call out v2 charts. The changes for this are in smaller
bite size changes.
Signed-off-by: Matt Farina <matt.farina@suse.com>
This commit fixes the issue where the yaml.Unmarshaller converts all int values into float64, this passes in option to decoder,
which enables conversion of int into .
Signed-off-by: Althaf M <althafm@outlook.com>
Since Helm is going through breaking changes with Helm v4, the version path to
Helm needs to be updated.
Signed-off-by: Matt Farina <matt.farina@suse.com>
In the event some malformed folders/files make its way into the
`charts/` directory meant for subcharts, it is possible one may see an
error message like the below:
```
Error: error unpacking foo in app: Chart.yaml file is missing
```
This error is not very descriptive, as it doesn't reference where on
disk `Chart.yaml` is missing. In the event this happens, this error is
being updated to include that `Chart.yaml` is missing for the `foo`
subchart.
Without this updated error messaging, one would need to look into Helm's
codebase to troubleshoot what exactly is wrong.
Signed-off-by: Taylor Jasko <taylor@taylorjasko.com>
The output of helm get metadata includes a subset of the fields contained in
the chart.Metadata struct. This change adds the values of the annotations field
and the dependencies field to the output.
Signed-off-by: Niladri Halder <niladri.halder26@gmail.com>
Report charts with the following bad dependency specifications as bad charts:
dependencies:
- name: foo
alias: baz # ← baz used twice
version: 1.0.0
- name: bar
alias: baz # ← baz used twice
version: 1.0.0
dependencies:
- name: foo
alias: bar # ← shadows chart below
version: 1.0.0
- name: bar
version: 1.0.0
dependencies:
- name: foo
version: 1.0.0
- name: foo # ← chart with same name as above (although version or repo will be different, this will not work currently)
version: 1.2.3
Closes#9169
Signed-off-by: Daniel Strobusch <1847260+dastrobu@users.noreply.github.com>
At this time both Go 1.19 and 1.20 are supported. The version
specified in the go.mod file is the minimum version we expect Helm
to be compiled against. This is the oldest supported version to
support environments where others compile Helm. The Helm project
is using Go 1.20 to build Helm itself.
Updating to Go 1.19 also includes dealing with io/ioutil
deprecation and some additional linting issues around staticcheck.
All the staticcheck issues were in test files so linting was
skipped for those.
Signed-off-by: Matt Farina <matt.farina@suse.com>
The directory created by `T.TempDir` is automatically removed when the
test and all its subtests complete.
Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
ref: https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx
* Skip invalid chart versions when reading the repository index file or
when programmatically adding a chart version.
* Adds semver validation and strips non-printable characters and
normalizes spaces for string fields in Metadata.Validate()
* Fixes a unit test that was pulling a remote repo. Now uses a local
repo.
* Fixes ignored error in repo update command
Signed-off-by: Adam Reese <adam@reese.io>
LoadFiles needs to load the Chart.yaml file first. When later files
are loaded there are checks for metadata. If that is not loaded
the checks could be handled incorrectly.
Signed-off-by: Matt Farina <matt@mattfarina.com>
Terry Howe
George Jenkins
Matt Farina
Benoit Tigeot
Kamil Swiechowski
Robert Sirchia
Isaiah Lewis
joemicky
Joe Julian
Borys Hulii
yumeiyin
curlwget
acceptacross
Matt Farina
Matthieu MOREL
yetyear
findnature
Justen Stall
Daniel Strobusch
Ryan Hockstad
Edward Miller
Kurnia D Win
Henrik Gerdes
lubingtan
Althaf M
Taylor Jasko
Niladri Halder
Adam Korczynski
Nathan Baulch
Aaron U'Ren
Ismail Alidzhikov
MR ZHAO
wujunwei
Eng Zer Jun
Adam Reese
Zhengyi Lai