* fix(helm): fix golint warning due to ApiVersionV1 constant name
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
* fix(helm): fix golint warning due to ResolveChartVersionAndGetRepo comment
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
* fix(helm): fix golint warnings on HttpGetter type and SetCredentials method missing a comment
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
* fix(helm):fix golint warning due to comment on FindChartInAuthRepoURL function
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
* fix(helm): fix golint warning due to RepoFile type name
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
* fix(helm): fix golint warning due to ParseString comment
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
Existing helm.sh/hook-delete-policy annotation variables (hook-failed, hook-succeeded) do not allow to leave failed jobs for debugging without blocking the next job launching: every failed job must be deleted manually before the next related release is launching (installing, updating or rolling back).
New policy, before-hook-creation, removes the hook from previous release if there is one before the new hook is launched and can be used with another variable.
When Helm v2.8.2 was released, we made a change to the default connection timeout by supplying a value passed from pkg/helm/environment. This broke support for third party clients relying on pkg/helm because now the default connection timeout is zero. Adding a default 5 second timeout back retains old behaviour, while not breaking backwards compatibility because the connection timeout can still be configured.
When using `helm upgrade --install`, if the first release fails, Helm will respond with an error saying that it cannot upgrade from an unknown state.
With this feature, `helm upgrade --install --force` automates the same process as `helm delete && helm install --replace`. It will mark the previous release as DELETED, delete any existing resources inside Kubernetes, then replace it as if it was a fresh install. It will then mark the FAILED release as SUPERSEDED.
* add test for rolling back from a FAILED deployment
* Update naming of release variables
Use same naming as the rest of the file.
* Update rollback test
- Add logging
- Verify other release names not changed
* fix(tiller): Supersede multiple deployments
There are cases when multiple revisions of a release has been
marked with DEPLOYED status. This makes sure any previous deployment
will be set to SUPERSEDED when doing rollbacks.
Closes#2941#3513#3275
Between grpc 1.2.x and 1.7.x there was an API change. The
previous MaxMsgSize is now a wrapper around MaxRecvMsgSize. This
change now sets the MaxRecvMsgSize and MaxSendMsgSize which need
to be set independently.
CRDs and other objects seen as unstructured cannot use strategic
merge patching. It has never been supported on CRDs. Previously,
cases like unstructured objects could have caused an unregistered
error. This is no longer the case.
This change explicitly looks for unstructured objects and handles
those using json merge patching.
Closes#3382
Prior to this, using the semver template functions with the full
version, which is represented in the GitVersion, was not possible
for helm template and lint commands because the property was not
populated by default. This update adds default handling.
Closes#3349
* Add template for chart name
* Use named ports and simplify service configuration
* Add affinity
* Add tolerations
* Use 'with' statements where possible
* Enhance ingress
* Add fullnameOverride to fullname template
When a user enters a non-URL (such as stable)
in requirements.yaml and tries to `helm dep up`,
they get a potentially confusing error message.
This tries to make the error message clearer.
Closes#2672
This error occures when resource is not found in helm release:
`Error: UPGRADE FAILED: no resource with the name "redis-cluster-sentinel" found`
Changed to:
`Error: UPGRADE FAILED: no ConfigMap with the name "redis-cluster-sentinel" found`
So now that resource can easily be found in cluster.
change to helm client to no longer save request options in the client
options. This resulted in options from a previous call still being
present in future calls.
Closes#3253
* Add "--namespace" to helm lint
Keep lint syntax as close as possible to "helm install" resp. "helm
upgrade", so that one only needs to change the command.
See #2036
* Align lintCmd struct
* Add "--set" and "--values" to helm lint
Keep lint syntax as close as possible to "helm install" resp. "helm
upgrade", so that one only needs to change the command.
Closes #2495,#2036
* Reuse strict parameter, when rendering during lint
We want to see the rendering fail, if we missed a value, so we reuse
"--strict".
See #2495,#2036
* Fix lint unit test
See #2495,#2036
* Update docs
New users to helm don't always run `helm init` (e.g. if their cluster
already has helm installed). The user's initial interaction with any of
helm's repository commands (e.g. `helm repo list`) will then be an error
message due to a missing repositories.yaml in their local config.
Give the user a little hint about how to fix the error without them having
to hunt through the man/help pages.
k8s client-go closes the ready channel that's passed in (see https://github.com/kubernetes/client-go/blob/master/tools/portforward/portforward.go#L171) This means that Tunnel's Close will always panic, as the client-go library will have closed then channel. This isn't reproducible unless helm.Client is externally, as the helm cli runner doesn't actually invoke Close.
Adding a user-agent to the http getter will enable servers to
distinguish between helm (including various versions) and other
tools connecting to the server.
* fix(helm): add TLS params back
During a recent refactor, several TLS flags stopped being processed for
a few of the commands. This fixes those commands, and documents how to
set up TLS.
* fix(tiller): add stricter certificate verification
The older version of Tiller allowed a weaker set of certificate checks
than we intended. This version requires a client certificate, and then
requires that that certificate be signed by a known CA. This works
around the situation where a user could provide a self-signed
certificate.
Fixes#2437
Two bugs were causing this behavior
- Tiller was marking the previous release superseded when an upgrade
failed.
- Upgrade was diffing against failed releases
Each maintainer can have an optional URL. There are seceral use
cases for providing a URL instead of an email address:
- The case where a maintainer wants to hide their email address
behind a webform for personal security
- When the maintainer is an organization and feedback should
go to an issue queue
This change:
- Adds the proto field for url
- Updates the generated files for the chart proto
- Includes linting for the url
- Updates the docs to include the url
Closes#3056
* Closes#2937
Added required dependency to run make test in developer's guide
* Fixed base URL appending when chart address is not absolute
* Removed requirement from developers.md
* Fixed unnecessary line breaks
* Added tests for query string repo
* Returning URL along with error
Kind can change it's APIVersion with time, such as "Deployment" which was
"extensions/v1beta1" and then migrated to "apps/v1beta1" in Kube 1.6.
Name, Kind and optinally Namespace are used to find relevant Info
object for a original resource which is being upgraded, it safe enough,
as it is uniquely identifies an object.