Add a new flags and associated environment variables to override
the TLS Settings used when constructing the Kube Client.
- `--kube-insecure-skip-tls-verify | HELM_KUBEINSECURE_SKIP_TLS_VERIFY`: if true, the kube api server's certificate will not be checked for validity. This will make your HTTPS connections insecure
- `--kube-tls-server-name | HELM_KUBETLS_SERVER_NAME`: server name to use for kube api server certificate validation. If it is not provided, the hostname used to contact the server is used
Signed-off-by: Justen Walker <justen.walker+github@gmail.com>
* feat: add configuration for client-side throttling limit
Client-side throttling seems to be an issue in larger environments such as OpenShift clusters, where
it is common to have several hundreds CRDs out-of-the-box.
From this view point, it is fair that clients should be able to fine tune this accordingly should the
environment they work on evolves, which is currently not possible, and quite frustrating.
This change introduces the --default-burst-limit option to helm (and its counterpart
HELM_DEFAULT_BURST_LIMIT environment variable) to address that issue, allowing clients to properly
tune their client usage as their environment evolves.
Signed-off-by: Igor Sutton <isuttonl@redhat.com>
* chore: change DefaultBurstLimit to BurstLimit
Signed-off-by: Igor Sutton <isuttonl@redhat.com>
* chore: add HELM_BURST_LIMIT to golden file
Signed-off-by: Igor Sutton <isuttonl@redhat.com>
* chore: add burst limit tests
Signed-off-by: Igor Sutton <isuttonl@redhat.com>
* docs: add burst limit default value to documentation
Signed-off-by: Igor Sutton <isuttonl@redhat.com>
* refactor: change burst limit default value to 100 per review instructions
Signed-off-by: Igor Sutton <isuttonl@redhat.com>
go:build is the new conditional compilation directive used to specify build constraints. It was introduced in Go 1.17. It is meant to replace the old +build directives.
Now that go.mod points to Go 1.17 we no longer need to support both
build flags.
Signed-off-by: Matthew Fisher <matt.fisher@fermyon.com>
When used with helm install, helm template, helm upgrade, it enables
to set json values (scalars/objects/arrays) from the command line.
Closes#10428
Signed-off-by: Luca Di Rocco <lucadirocco@gmail.com>
The directory created by `T.TempDir` is automatically removed when the
test and all its subtests complete.
Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
Quiet flag reduce the verbosity, such that the only text
that is written to the console is lint warnings/errors
Closes#9994
Signed-off-by: Piotr Resztak <piotr.resztak@gmail.com>
golint which is used as one of the sublinters in golangci-lint is deprecated.
It is replaced with revive which is a drop-in replacement.
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
Co-authored-by: Martin Mulholland <mmulholl@redhat.com>
When range support for OCI went in via #10527 it created a situation
where some lookups for a chart could cause a panic. This change
makes sure the registry client is available to lookup OCI charts
Signed-off-by: Matt Farina <matt.farina@suse.com>
Currently, `helm repo list -o json` returns (either `[]` or an english
"no repositories" error message, depending on whether
`$HELM_CONFIG_HOME/repositories.yaml` exists). This PR aligns the two cases
so that it always returns `[]`.
Signed-off-by: Teo Klestrup Röijezon <teo@nullable.se>
We had made the assumption that when doing shell completion, we only
needed choices that had for *prefix* what the user had typed.
However, the zsh and fish shells have a more advanced matching system
which first matches on prefix, but if no match is found, then does
more advanced matching attempts, such as sub-strings; fish even matches
on descriptions of completions.
For example,
helm status nginx<tab>
would match releases such as
ingress-nginx
ingress-nginx-release
as long as no release had a prefix of "nginx".
Such fuzzy matching can make completion even more useful for users in
cases where identical prefixes are common.
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
`runTestCmd` is identical to `runTestActionCmd` except that it
* runs the command multiple times if the `repeat` property is greater
than zero,
* calls its storage `storage` instead of `store`,
* fails if the `Create` method returns an error, and
* logs a "running cmd" message.
This is most easily demonstrated by copying the functions to their own
files and diffing the files with this command:
git diff --no-index --ignore-space-change --color-words=. runTestActionCmd.go runTestCmd.go
Also, `runTestCmd` is used 32 times; `runTestActionCmd` only 1.
Signed-off-by: Simon Alling <alling.simon@gmail.com>
Option that works is `sql`, not `postgres`.
Probably not a commonly used value, since no one has caught this until now.
Signed-off-by: Ed Carrel <edward@carrel.org>
If set, 'uninstall' command will wait until all the resources are deleted before returning.
It will wait for as long as --timeout
closes#2378
Signed-off-by: Mike Ng <ming@redhat.com>
This subcommand will display manifests under `crds/` if some exist.
This also changes the behaviour of `show all` to include CRDs.
Signed-off-by: Mario Valderrama <woldy401@gmail.com>
Fix typos
Remove condition arround time.Sleep
Because a negative or zero duration causes Sleep to return immediately.
Signed-off-by: Stephane Moser <moser.sts@gmail.com>
Cobra's bash completion V2 has the following benefits:
- aligned with the completion logic for the other shells
- provides completion descriptions as for the other shells
- uses a 300-line shell script (versus 4K lines for V1)
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
Cobra provides powershell auto-completion out of the box. This commit
teaches helm how to use it.
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
**What*
Without this commit, you can't pipe the password into `helm repo add`:
```
$ echo password | helm repo add repo-name https://repo-url --username username
Password:
Error: inappropriate ioctl for device
```
This commit introduces `--password-stdin`:
```
$ echo password | helm repo add repo-name https://repo-url --username username --password-stdin
"repo-name" has been added to your repositories
```
**Why**
There are two reasons I see for adding this:
* I personally would expect that it's possible to pipe the password into
`helm repo add` but that's currently not the case. If I understand it
correctly, you currently either need to pass the password via a cli
parameter (`--password`) or use a expect/send mechanism.
* Subcommands like `helm registry login` already support
`--password-stdin`. The cli interfaces should be consistent regarding
which options they support.
**Notes**
I basically just copy-pasted code from `cmd/helm/registry_login.go`.
Signed-off-by: André Schröder <andre.schroedr@gmail.com>
Testing that a bad completion directive was being replaced by the
default one was actually testing Cobra's behaviour. This is unnecessary
especially since that behaviour changed in the 1.2.0 release. Helm
tests should focus on testing Helm's behaviour.
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
This is a port to helm v3 of #5182.
A little more flexible than the v2 version, it allows to specify a list
of repositories that should be updated.
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
managedFields were a changed that landed in 1.18. This is an array
under metadata with managedFields. The kubernetes client pkgs that
Helm uses automatically add them.
This change added a manager for the managedFields. The flow for
deciding on the name to use is:
1. An explicit name if one is chosen
2. The base name of the first os.Arg (the binary name) if no name
explicitly set.
3. unknown if no name set and name cannot be detected
The name is at the package level as there is no other place to easily
set it for Helm v3. Since the name is for the binary or app it should
be ok to set app wide.
Signed-off-by: Matt Farina <matt.farina@suse.com>
For more information, please see the following URL:
https://github.com/helm/community/blob/main/hips/hip-0006.md
Note: OCI support remains experimental, and you are still
required to set HELM_EXPERIMENTAL_OCI=1 in your environment.
Signed-off-by: Josh Dolitsky <josh@dolit.ski>
Current documentation list all available template vars, but does not provide an example of a template string that demonstrates template substitution. I had to look it up in the unit test.
Signed-off-by: Iaroslav Sheptykin <i.sheptykin@neusta.de>
The 'uninstall' command can accept more than one release name as
arguments; this commit teaches the completion logic to respect this.
At the same time, the commit adds tests for the commands using the
modified code path.
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
The example given in the help out of the list command seems random, not a valid time format for golang.
Signed-off-by: Mert Inan <inanme@gmail.com>
Signed-off-by: mert <mert.inan@sky.uk>
Ref: HIP 0008
When completing output formats, extra information will be shown
for shells that support completions (fish, zsh). For example:
$ helm status -o <TAB>
json -- Output result in JSON format
table -- Output result in human-readable format
yaml -- Output result in YAML format
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
Ref: HIP 0008
When completing a version, extra information will be shown for
shells that support completions (fish, zsh). For example:
$ helm upgrade nginx stable/grafana --version <TAB>
0.8.4 -- Created: March 30, 2018
0.8.5 -- App: 5.0.4, Created: April 10, 2018
1.0.0 -- App: 5.0.4, Created: April 11, 2018 (deprecated)
1.10.0 -- App: 5.1.2, Created: June 1, 2018
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
Ref: HIP 0008
When completing a revision, extra information will be shown for
shells that support completions (fish, zsh). For example:
$ helm get manifest nginx --revision <TAB>
1 -- App: 1.19.1, Chart: nginx-6.0.2
2 -- App: v0.34.1, Chart: nginx-ingress-1.41.2
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
Ref: HIP 0008
When completing a kube-context, extra information will be shown for
shells that support completions (fish, zsh). For example:
$ helm --kube-context <TAB>
acc -- accept
default -- k3d-k3s-default
lab -- lab
lab2 -- cluster.local
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
Ref: HIP 0008
When completing a plugin name, extra information will be shown for
shells that support completions (fish, zsh). For example:
$ helm plugin uninstall <TAB>
2to3 -- migrate and cleanup Helm v2 configuration and releases in-place to Helm v3
diff -- Preview helm upgrade changes as a diff
fullstatus -- provide status of resources part of the release
github -- Install or upgrade Helm charts from GitHub repos
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
Ref: HIP 0008
When completing a release name, extra information will be shown for
shells that support completions (fish, zsh). For example, if I have
two releases: "nginx" and "nginx2", completion would yield:
$ helm history n<TAB>
nginx -- nginx-6.0.2 -> deployed
nginx2 -- nginx-ingress-1.41.2 -> deployed
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
The 'plugin update' and 'plugin uninstall' commands can accept more than
one plugin name as arguments; this commit teaches the completion logic
to respect this.
Also, the commit adds go test for completion of the plugin commands.
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
The "helm completion zsh" and "helm completion fish" commands accept the
"--no-descriptions" flag, therefore we should not disable the addition
of "[flags]" to the usage line when printing help.
Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
ref: https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx
* Skip invalid chart versions when reading the repository index file or
when programmatically adding a chart version.
* Adds semver validation and strips non-printable characters and
normalizes spaces for string fields in Metadata.Validate()
* Fixes a unit test that was pulling a remote repo. Now uses a local
repo.
* Fixes ignored error in repo update command
Signed-off-by: Adam Reese <adam@reese.io>