Helm index validation not honoring Artifactory bug which was mitigated in Helm 3.14.3 #1515
Comments
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jun 14, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jun 14, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 12, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 12, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 12, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 14, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 15, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 15, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 15, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 15, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 18, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 18, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 18, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 18, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 18, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 19, 2024
bb-Ricardo
added a commit
to bb-Ricardo/source-controller
that referenced
this issue
Jul 19, 2024
github-actions bot
pushed a commit
that referenced
this issue
Jul 22, 2024
Signed-off-by: [email protected] <[email protected]> (cherry picked from commit a65f6fd)
|
Hi, was wondering if any release is planned/scheduled? Last release was May 4th. |
|
Thank you. I assumed there would be a bug fix release 1.3.1 (hence the backport to the 1.3.x branch) |
|
No patch release, only if a CVE is found in helm-controller we'll backport. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
today we ran into an issue with source controller version 1.3.0.
First we discovered that some Helm charts were missing from the index that source-controller created.
Downloading the index.yaml directly from the repository in Artifactory confirmed that the chart was present.
Then we downgraded the source-controller version to 1.2.4 and all was working as expected again.
So we started to investigate the changes between the two versions and we found it was the upgrade of the
Helm dependency from
helm.sh/helm/v3 v3.13.3tohelm.sh/helm/v3 v3.14.4.And found this issue: helm/helm#12748
The behavior of the this validate function has changed.
version 1.13.3
https://github.com/helm/helm/blob/v3.13.3/pkg/chart/metadata.go#L131-L135
Version 1.14.4
https://github.com/helm/helm/blob/v3.14.4/pkg/chart/metadata.go#L138-L150
To mitigate the reported Helm issue check has been added:
https://github.com/helm/helm/blob/15f76cf83c670a329b62c2b5ddeb0864ec99daec/pkg/repo/index.go#L369
https://github.com/helm/helm/blob/15f76cf83c670a329b62c2b5ddeb0864ec99daec/pkg/repo/index.go#L402-L414
Which is now missing from the logic in source-controller.
Best way forward from here I currently see is to copy the the behavior from Helm to implement the level of validation.
Another option would be to ask the Helm project to change the loadIndex
to a public function and then use this directly in source-controller. (Might still be an issue with the logging and naming the source)
Cheers
Ricardo
The text was updated successfully, but these errors were encountered: