When a user specifies value overrides for list values out of order,
strvals.listItem panics. Change strvals.listItem to handle this case by
re-initializing nil values to a new map.
Closes#4503
Co-authored-by: Cameron Childress <cameron@cchildress.org>
Co-authored-by: Kevin Collette <hal.collette@gmail.com>
Co-authored-by: Connor McKelvey <connormckelvey@gmail.com>
Co-authored-by: Dan Winter <dan.j.winter@gmail.com>
Signed-off-by: Dan Winter <dan.j.winter@gmail.com>
Signed-off-by: Cameron Childress <cameron@cchildress.org>
Signed-off-by: Kevin Collette <hal.collette@gmail.com>
Signed-off-by: Connor McKelvey <connormckelvey@gmail.com>
When 'helm <install|upgrade> --render-subchart-notes ...' is run, this will include
the notes from the subchart when rendered via Tiller.
Closes#2751
Signed-off-by: jgleonard <jgleonard@gmail.com>
* feat(helm): add $HELM_KEY_PASSPHRASE environment variable for signing helm charts
If $HELM_KEY_PASSPHRASE is set then helm package sign command will not prompt the
user to enter the passphrase for the private key
Signed-off-by: Anumita Shenoy <ansheno@microsoft.com>
* docs(helm): added documentation for HELM_KEY_PASSPHRASE
Added description for HELM_KEY_PASSPHRASE
Signed-off-by: Anumita Shenoy <ansheno@microsoft.com>
* fix(helm): fix regression with TLS flags/envvars
This change fixes some of the assumptions made in an earlier commit. Helm's TLS flags and environment variables were not respected because they were parsed well before execution (during settings.AddFlagsTLS()), causing erroneous behaviour at runtime. By re-introducing environment.Init(), Helm can properly parse environment variables at the correct time.
One change that had to occur in this PR is the fact that we need to call settings.Init() each time we call settings.AddFlagsTLS(). This is because each command owns its own FlagSet, so we need to parse each flagset to read and propagate the environment variables correctly.
I also noticed that we were maintaining two separate variables for each TLS value. Refactoring out some of the older code to all use the settings object makes the code much cleaner to read and fixes an issue where setting a flag or environment variable would propagate to the settings object, but we'd be reading from tlsEnable.
I've also added some unit tests to ensure this regression doesn't occur again.
Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>
* fix bug where os.ExpandEnv() on the default value causes differing behaviour
Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>
* add more context to the TODO/FIXME messages
Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>
* fix(helm): Use env to locate bash
Leverage '/usr/bin/env bash` for find bash instead of hardcoding
'/bin/bash' since some *nix OSes have it installed elsewhere.
Signed-off-by: Robert James Hernandez <rob@sarcasticadmin.com>
* test(helm): Adding case for versions short flag
When git sha is empty if being built from tarball running 'helm version
--short' should just ignore '--short' since sha is empty. Adding test
to ensure this is the case.
Signed-off-by: Robert James Hernandez <rob@sarcasticadmin.com>
* fix(helm): ignore short flag when sha is empty
Signed-off-by: Robert James Hernandez <rob@sarcasticadmin.com>
* Avoid importing k8s.io/kubernetes from pkg/helm
When writing a helm client (e.g. a helm plugin) that talks to tiller importing k8s.io/helm/pkg/helm to get the grpc client is key.
This pkg should not have a dependency to the k8s.io/kubernetes to avoid pulling in a lot of code that is only used within tiller and blow up binary sizes.
Signed-off-by: Fabian Ruff <fabian@progra.de>
* Add references to pull request in errors message
Signed-off-by: Fabian Ruff <fabian@progra.de>
* copy helper function from pkg/storage/driver
Signed-off-by: Fabian Ruff <fabian@progra.de>
* Move storage errors to seperate package
Signed-off-by: Fabian Ruff <fabian@progra.de>
* Keep old error variables for backward compatibility
Signed-off-by: Fabian Ruff <fabian@progra.de>
When using "helm repo add" with "--username" and without "--password",
hide user's input with a password prompt. This allows users to not
expose their passwords to the command line history.
docs(*): update tiller_ssl.md to reflect IP SAN usage.
When using helm/tiller in tls-verify mode, 127.0.0.1 should
be listed as an IP SAN in the tiller certificate to pass
hostname verficiation of the TLS handshake.
Closes#4149
tiller's rendering engine converts os filepath separators into unix-style filepath separators, so we need to split template names with a forward slash.
Adds the `--set-file key=filepath` flag to `install`, `upgrade`, `template` and `lint` sub-commands so that the content of the file at the `filepath` is set to the value for the `key`.
Resolves#1754
in helm install --dep-up
helm install --dep-up does not deploy the charts downloaded by itself.
I reload the charts path after downloading the missing charts.
Closes#3423
When reading through `cmd/tiller/tiller.go`, I noticed a comment around
`rootServer` mentions the usage of an `init` function. However, there is
no `init` function in this package. Update the comment to be more
accurate.
This adds support for installing CRDs well before any other resource
kinds are installed.
This PR introduces a new hook, `crd-install`, that fires before
manifests are even validated. It is used to install a CRD before any
other part of a chart is installed.
Currently, this hook is _only implemented for install_. That means we
currently cannot add new CRDs during `helm upgrade`, nor can they
be rolled back. This is the safest configuration, as the update/rollback
cycle gets very challenging when CRDs are added and removed.
The choice of interface `--output (json|yaml)` is to match that of the
status command, except that -o is not available as it is already used
by --offset.
WIP #1534
The testing.T in the subtest wasn't being used, so subtests were
effectively not being used. Additionally, in case subtests run in
parallel, we assign tt := tt to fix closure captures on range variables,
since the variables produced by a range are re-used between iterations.
The previous code validated the manifests exist within the file system,
which only works when a chart is unpacked, meaning children charts
stored as tgz's in the parent chart's `charts/` directory don't exist as
individual files in the filesystem, causing validation to file.
Instead, we validate against the paths within the chart itself rather
than the filesystem, handling both chart.tgz's and charts that are
unpacked as directories in the chart/ directory.
A recent PR (#3471) wasn't up to date with the latest master changes.
This fixes the issue and adds the right number of parameters to the
`vals` function call.
Adds automountServiceAccountToken when a serviceAccount is specified.
Prior to this, tiller falls back to contacting the KUBERNETES_SERVICE on
localhost:8080 rather than respecting the cluster IP in the
KUBERNETES_SERVICE_{HOST,PORT} environment variables.
Fixes#3460, fixes#3467.
When 'helm package --set stringsArray' is run, this will set/override values
in the packaged chart. 'helm package --values valueFiles' uses one or more
value files to achieve the same.
Closes#3141
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
that leave behind temporary helm home directories during build.
With this fix, the build process no longer leaves behind 'helm_home-*' temp directories.
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
When `helm init -o yaml|json` is run, the service and optional secret manifests
will be included in the output. The manifests are included in a Kubernetes
[List](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#List) object.
This also includes some refactoring and consolidates how manifests are output in
`--dry-run` and removes some unnecessary marshaling between Kubernetes objects
and strings.
Fixes#3145
https://github.com/kubernetes/helm/pull/3183 added a keepalive to the Helm client of 30s period, while Tiller was never configured to permit this, keeping the default minimum keepalive period of 5 minutes, disconnecting any clients which ping more regularly than this.
This commit enforces a minimum that is lower than what Helm is configured for, preventing these disconnections, and thus fixes#3409.
When building helm, golint no longer generates the following warning:
cmd/helm/install.go:502:9⚠️ if block ends with a return statement, so drop this else and outdent its block (golint)
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
This commit improves to display the default value of --kube-version in
help message of `helm template` command.
```
--kube-version string kubernetes version used as Capabilities.KubeVersion.Major/Minor (default "1.9")
```
Prior to this, using the semver template functions with the full
version, which is represented in the GitVersion, was not possible
for helm template and lint commands because the property was not
populated by default. This update adds default handling.
Closes#3349
* feat(helm): Add --full-output to helm list and helm history
The default maximum length of the output table is 60 chars.
When the length is greater than 60, the content will be omitted.
This patch adds -f and --full-output to helm list and helm history
which can display full information of releases on the screen.
Closes#2828
* a
* feat(helm): Add --full-output to helm list and helm history
The default maximum length of the output table is 60 chars.
When the length is greater than 60, the content will be omitted.
This patch adds -f and --full-output to helm list and helm history
which can display full information of releases on the screen.
Closes#2828
* Add "--namespace" to helm lint
Keep lint syntax as close as possible to "helm install" resp. "helm
upgrade", so that one only needs to change the command.
See #2036
* Align lintCmd struct
* Add "--set" and "--values" to helm lint
Keep lint syntax as close as possible to "helm install" resp. "helm
upgrade", so that one only needs to change the command.
Closes #2495,#2036
* Reuse strict parameter, when rendering during lint
We want to see the rendering fail, if we missed a value, so we reuse
"--strict".
See #2495,#2036
* Fix lint unit test
See #2495,#2036
* Update docs
When 'helm package --app-version foo' is run, this will
set the AppVersion field to 'foo' in the packaged chart.
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
Matthew Fisher
Dan Winter
Lev Aminov
liaoj
adshmh
Jon Leonard
Bartel Sielski
masahiro
Martin Hickey
Anumita Shenoy
Adam Reese
Louis Munro
Carlos Tadeu Panato Junior
Robert James Hernandez
Fabian Ruff
Arash Deshmeh
aswinkarthik
roc
smurfralf
Adam Reese
Matt Farina
fibonacci1729
Mike Lundy
Rimas
Julien Bordellier
KUOKA Yusuke
Rohan Chakravarthy
Erik Sundell
Brian
Dusty Rip
Junya Ogasawara
rocky
liyongxin
ruicao
mattjmcnaughton
Johnny Bergström
Yeni Capote Diaz
Jonathan Hall
Doug Winter
Matt Butcher
Marat Garafutdinov
AdamDang
Sean Eagan
Michelle Noorali
Derek Bassett
Nikhil Manchanda
Chance Zibolski
Taylor Thomas
Michelle Noorali
Ryan Hartje
Gijs Kunze
John Koleszar
Helgi Þorbjörnsson
Arturo Contreras
Eyal Ben Moshe
Andrii Soldatenko
Daisuke Maki
Rajat Jindal
Florian Zysset
Morgan Parry
Yaroslav Molochko
Christopher A. Stelma
Ryan Payton
James Munnelly
Justin Scott
ryane
Liam White
Sunny
Ben Langfeld
Pure White
Kazuki Suda
Alex Johnson
Reinhard Nägele
rocky-nupt
Julian
Pietro Menna
Sam Leavens
Igor Vuk
Christoph Hösler
Morgan Parry