improve handling of Helm index with broken helm chart versions #13176
Comments
bb-Ricardo
added a commit
to bb-Ricardo/helm
that referenced
this issue
Jul 12, 2024
3 tasks
bb-Ricardo
added a commit
to bb-Ricardo/helm
that referenced
this issue
Jul 14, 2024
|
First comment: agree, if entries are excluded due to validation failure, then the filtered entries slice should be assigned back to Second comment: #12789 doesn't exclude "bad" entries. It actually does the opposite: it allows bad entries (entries which fail validation) to be included. By ignoring the validation error. And as such, it actually reduces the expose to the bug presented here. I mention, because I want to ensure the fix proposed is the right one (and there isn't another cause) |
bb-Ricardo
added a commit
to bb-Ricardo/helm
that referenced
this issue
Aug 14, 2024
robertsirc
pushed a commit
to bb-Ricardo/helm
that referenced
this issue
Oct 4, 2024
mattfarina
added a commit
that referenced
this issue
Oct 4, 2024
Improves handling of Helm index with broken helm chart versions #13176
mattfarina
pushed a commit
that referenced
this issue
Oct 9, 2024
Signed-off-by: [email protected] <[email protected]> (cherry picked from commit 154b477)
mattfarina
pushed a commit
that referenced
this issue
Oct 9, 2024
Signed-off-by: [email protected] <[email protected]> (cherry picked from commit af13b0d)
mattfarina
pushed a commit
that referenced
this issue
Oct 9, 2024
Signed-off-by: [email protected] <[email protected]> (cherry picked from commit cdbef2b)
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this issue
Oct 15, 2024
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [helm/helm](https://github.com/helm/helm) | patch | `v3.16.1` -> `v3.16.2` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>helm/helm (helm/helm)</summary> ### [`v3.16.2`](https://github.com/helm/helm/releases/tag/v3.16.2): Helm v3.16.2 [Compare Source](helm/helm@v3.16.1...v3.16.2) Helm v3.16.2 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience. The community keeps growing, and we'd love to see you there! - Join the discussion in [Kubernetes Slack](https://kubernetes.slack.com): - for questions and just to hang out - for discussing MRs, code, and bugs - Hang out at the Public Developer Call: Thursday, 9:30 Pacific via [Zoom](https://zoom.us/j/696660622) - Test, debug, and contribute charts: [ArtifactHub/packages](https://artifacthub.io/packages/search?kind=0) #### Installation and Upgrading Download Helm v3.16.2. The common platform binaries are here: - [MacOS amd64](https://get.helm.sh/helm-v3.16.2-darwin-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-darwin-amd64.tar.gz.sha256sum) / 33efd48492f2358a49a231873e8baf41f702b5ab059333ae9c31e5517633c16e) - [MacOS arm64](https://get.helm.sh/helm-v3.16.2-darwin-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-darwin-arm64.tar.gz.sha256sum) / 56413c7fbb496d2789881039cab61d849727c7b35db00826fae7a2685a403344) - [Linux amd64](https://get.helm.sh/helm-v3.16.2-linux-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-amd64.tar.gz.sha256sum) / 9318379b847e333460d33d291d4c088156299a26cd93d570a7f5d0c36e50b5bb) - [Linux arm](https://get.helm.sh/helm-v3.16.2-linux-arm.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-arm.tar.gz.sha256sum) / f0f606d0806a518b749bd82e8dbfe6a803aa33340215590ef3977c60e366ba82) - [Linux arm64](https://get.helm.sh/helm-v3.16.2-linux-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-arm64.tar.gz.sha256sum) / 1888301aeb7d08a03b6d9f4d2b73dcd09b89c41577e80e3455c113629fc657a4) - [Linux i386](https://get.helm.sh/helm-v3.16.2-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-386.tar.gz.sha256sum) / 4fb0cdf74a8a23622aac5980fbbc91cd95b08de5624ac0beba271d7b3b1a128d) - [Linux ppc64le](https://get.helm.sh/helm-v3.16.2-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-ppc64le.tar.gz.sha256sum) / 32a1b6073064a4a86d2a684180b6662ea202d1294b09ca52a6ba9d4cf071fec7) - [Linux s390x](https://get.helm.sh/helm-v3.16.2-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-s390x.tar.gz.sha256sum) / a2e80592b9e45487d8bb6b10721c759287cf18be4389b53d67c7cf1e91c84959) - [Linux riscv64](https://get.helm.sh/helm-v3.16.2-linux-riscv64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-riscv64.tar.gz.sha256sum) / c9730c8e6a1b2b30e119270793772bcac835737a16e613aabc36b07b8e027009) - [Windows amd64](https://get.helm.sh/helm-v3.16.2-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-v3.16.2-windows-amd64.zip.sha256sum) / 57821dd47d5728912e14000ee62262680e9039e8d05e18342cc010d5ac7908d7) - [Windows arm64](https://get.helm.sh/helm-v3.16.2-windows-arm64.zip) ([checksum](https://get.helm.sh/helm-v3.16.2-windows-arm64.zip.sha256sum) / d746889023a6df98f71d2785835e32cd6fbbf81e21a21d5e9d4542ed3cfe168d) This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E ` and can be found at [@​mattfarina](https://github.com/mattfarina) [keybase account](https://keybase.io/mattfarina). Please use the attached signatures for verifying this release using `gpg`. The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with `bash`. #### What's Next - 3.16.3 is the next patch release and will be on November 13, 2024 - 3.17.0 is the next feature release and will be on January 15, 2025 #### Changelog - Revering change unrelated to issue [#​13176](helm/helm#13176) [`13654a5`](helm/helm@13654a5) ([email protected]) - adds tests for handling of Helm index with broken chart versions [#​13176](helm/helm#13176) [`9fc8f1b`](helm/helm@9fc8f1b) ([email protected]) - improves handling of Helm index with broken helm chart versions [#​13176](helm/helm#13176) [`961194d`](helm/helm@961194d) ([email protected]) - Bump the k8s-io group with 7 updates [`f6be62b`](helm/helm@f6be62b) (dependabot\[bot]) - adding check-latest:true [`27d44cf`](helm/helm@27d44cf) (Robert Sirchia) - Grammar fixes [`46e0a0f`](helm/helm@46e0a0f) (Nathan Baulch) - Fix typos [`a1bd541`](helm/helm@a1bd541) (Nathan Baulch) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this issue
Jan 28, 2025
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [helm/helm](https://github.com/helm/helm) | minor | `v3.16.4` -> `v3.17.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>helm/helm (helm/helm)</summary> ### [`v3.17.0`](https://github.com/helm/helm/releases/tag/v3.17.0): Helm v3.17.0 [Compare Source](helm/helm@v3.16.4...v3.17.0) Helm v3.17.0 is a feature release. Users are encouraged to upgrade for the best experience. The community keeps growing, and we'd love to see you there! - Join the discussion in [Kubernetes Slack](https://kubernetes.slack.com): - for questions and just to hang out - for discussing MRs, code, and bugs - Hang out at the Public Developer Call: Thursday, 9:30 Pacific via [Zoom](https://zoom.us/j/696660622) - Test, debug, and contribute charts: [ArtifactHub/packages](https://artifacthub.io/packages/search?kind=0) #### Notable Changes - Allow pulling and installation by OCI digest - Annotations and dependencies are now in chart metadata output - New `--take-ownership` flag for install and upgrade commands - SDK: Authorizer and registry authorizer are now configurable - Removed the Kubernetes configuration file permissions check - Added username/password to helm push and dependency build/update subcommands - Added `toYamlPretty` template function #### Installation and Upgrading Download Helm v3.17.0. The common platform binaries are here: - [MacOS amd64](https://get.helm.sh/helm-v3.17.0-darwin-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.17.0-darwin-amd64.tar.gz.sha256sum) / 0d5fd51cf51eb4b9712d52ecd8f2a3cd865680595cca57db38ee01802bd466ea) - [MacOS arm64](https://get.helm.sh/helm-v3.17.0-darwin-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.17.0-darwin-arm64.tar.gz.sha256sum) / 5db292c69ba756ddbf139abb623b02860feef15c7f1a4ea69b77715b9165a261) - [Linux amd64](https://get.helm.sh/helm-v3.17.0-linux-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.17.0-linux-amd64.tar.gz.sha256sum) / fb5d12662fde6eeff36ac4ccacbf3abed96b0ee2de07afdde4edb14e613aee24) - [Linux arm](https://get.helm.sh/helm-v3.17.0-linux-arm.tar.gz) ([checksum](https://get.helm.sh/helm-v3.17.0-linux-arm.tar.gz.sha256sum) / a388478049bf4ad440fa394f28421aa43cec3631ba197a8203c485edbec3e3fe) - [Linux arm64](https://get.helm.sh/helm-v3.17.0-linux-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.17.0-linux-arm64.tar.gz.sha256sum) / c4d4be8e80082b7eaa411e3e231d62cf05d01cddfef59b0d01006a7901e11ee4) - [Linux i386](https://get.helm.sh/helm-v3.17.0-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-v3.17.0-linux-386.tar.gz.sha256sum) / af89be03bb15175cd27573b48f4b9621e08982ab7788dd36e073baac988d6b2e) - [Linux ppc64le](https://get.helm.sh/helm-v3.17.0-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-v3.17.0-linux-ppc64le.tar.gz.sha256sum) / 32833acf72b240e9ca78a3eac630a0ba420e073b02df3030c369a287b8bdc769) - [Linux s390x](https://get.helm.sh/helm-v3.17.0-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-v3.17.0-linux-s390x.tar.gz.sha256sum) / 4b002d673ef35d78843c45cc169faf1040eec75937f19fccce41d2074f459653) - [Linux riscv64](https://get.helm.sh/helm-v3.17.0-linux-riscv64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.17.0-linux-riscv64.tar.gz.sha256sum) / 38297aca2046fd13f2e0415ecc9cdb006f4008b286467f5f217187647dbbab5b) - [Windows amd64](https://get.helm.sh/helm-v3.17.0-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-v3.17.0-windows-amd64.zip.sha256sum) / 0625e51437107991922f76adbec4a4f12a4438942182677399ab758a3ec8bdc5) - [Windows arm64](https://get.helm.sh/helm-v3.17.0-windows-arm64.zip) ([checksum](https://get.helm.sh/helm-v3.17.0-windows-arm64.zip.sha256sum) / 5fd16dde353aa5909562f127befea8db3879ecf63050fea3fb106ff8bfdd1a9c) This release was signed with 208D D36E D5BB 3745 A167 43A4 C7C6 FBB5 B91C 1155 and can be found at [@​r6by](https://github.com/r6by) [keybase account](https://keybase.io/r6by). Please use the attached signatures for verifying this release using gpg. The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with `bash`. #### What's Next - 3.17.1 is the next patch release and will be on February 12, 2025 - 3.18.0 is the next minor release and will be on May 14, 2025 #### Changelog - bump version to v3.17.0 [`301108e`](helm/helm@301108e) (Matt Farina) - fix: make ORAS reference private [`949b2e6`](helm/helm@949b2e6) (Terry Howe) - fix: issue with helm template and oci chart [`aba95b9`](helm/helm@aba95b9) (Terry Howe) - feat: allow installation by OCI digest [`c3e5217`](helm/helm@c3e5217) (Terry Howe) - Bump the k8s-io group with 7 updates [`33a0ee7`](helm/helm@33a0ee7) (dependabot\[bot]) - Upgrade golang.org/x/net to v0.33.0 to address CVE-2024-45338 [`79993d2`](helm/helm@79993d2) (cx) - Update golangci-lint version [`037c18a`](helm/helm@037c18a) (Matt Farina) - Update to Go 1.23 [`9f620b8`](helm/helm@9f620b8) (Matt Farina) - ref(create): don't render empty resource fields [`ba180a3`](helm/helm@ba180a3) (dnskr) - Add annotations and dependencies to get metadata output The output of helm get metadata includes a subset of the fields contained in the chart.Metadata struct. This change adds the values of the annotations field and the dependencies field to the output. [`7321579`](helm/helm@7321579) (Niladri Halder) - Run `build-test` action on `dev-v3` branch [`2042f7d`](helm/helm@2042f7d) (George Jenkins) - Fix dev-v3 from take ownership changes [`a3a9e4f`](helm/helm@a3a9e4f) (Matt Farina) - Bump github.com/rubenv/sql-migrate from 1.7.0 to 1.7.1 [`c7cd177`](helm/helm@c7cd177) (dependabot\[bot]) - Bump github.com/cyphar/filepath-securejoin from 0.3.4 to 0.3.6 [`ca61226`](helm/helm@ca61226) (dependabot\[bot]) - Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 [`9421fac`](helm/helm@9421fac) (dependabot\[bot]) - Bump github.com/containerd/containerd from 1.7.23 to 1.7.24 [`562eb54`](helm/helm@562eb54) (dependabot\[bot]) - Bump golang.org/x/crypto from 0.30.0 to 0.31.0 [`6ba4c6e`](helm/helm@6ba4c6e) (dependabot\[bot]) - Bump the k8s-io group with 7 updates [`ac16258`](helm/helm@ac16258) (dependabot\[bot]) - fix test output [`edf7b66`](helm/helm@edf7b66) (Mayank Shah) - fix test [`b9d58a1`](helm/helm@b9d58a1) (Mayank Shah) - fix upgrade [`2541e46`](helm/helm@2541e46) (Mayank Shah) - Shadow ORAS remote.Client interface [`c40cf00`](helm/helm@c40cf00) (George Jenkins) - Make the authorizer and registry authorizer configurable [`3c2ab91`](helm/helm@3c2ab91) (Ryan Nowak) - Rename CAFile to CaFile for consistency [`7a22dd2`](helm/helm@7a22dd2) (Evans Mungai) - Update cmd/helm/upgrade.go [`885e938`](helm/helm@885e938) (Mayank Shah) - Update cmd/helm/install.go [`7efa286`](helm/helm@7efa286) (Mayank Shah) - Add --take-ownership flag for install and upgrade commands [`c3a5f27`](helm/helm@c3a5f27) (Mayank Shah) - Adding CI for dev-v3 branch [`b5a83ea`](helm/helm@b5a83ea) (Matt Farina) - Bump golang.org/x/crypto from 0.28.0 to 0.29.0 [`a2d289f`](helm/helm@a2d289f) (dependabot\[bot]) - fix: fix label name [`e4062e7`](helm/helm@e4062e7) (wangjingcun) - Updating subchart load error to be more descriptive [`6f2f7d4`](helm/helm@6f2f7d4) (Taylor Jasko) - Add tests to `helm/pkg/kube/client_test.go` to cover `wait.go` [`9fd943b`](helm/helm@9fd943b) (Alex Johnson) - Fix typo in pkg/lint/rules/chartfile_test.go [`0cc78c6`](helm/helm@0cc78c6) (Zach Burgess) - Increasing the size of the runner used for releases. [`029e983`](helm/helm@029e983) (Matt Farina) - fix(hooks): correct hooks delete order [`f4f4a6b`](helm/helm@f4f4a6b) (Suleiman Dibirov) - Allow tests to run on loong64 [`a51ea6e`](helm/helm@a51ea6e) (Tianle Xu) - Bump actions/checkout from 4.2.1 to 4.2.2 [`f983342`](helm/helm@f983342) (dependabot\[bot]) - Bump actions/setup-go from 5.0.2 to 5.1.0 [`c867af8`](helm/helm@c867af8) (dependabot\[bot]) - chore: fix some function names in comment [`de9e138`](helm/helm@de9e138) (wangjingcun) - Bump the k8s-io group with 7 updates [`e4304bd`](helm/helm@e4304bd) (dependabot\[bot]) - removing duplicate empty test [`7e6b34d`](helm/helm@7e6b34d) (Robert Sirchia) - fixing unit test as per Matt [`16a4e37`](helm/helm@16a4e37) (Robert Sirchia) - Ensure test fails without causing panic [`bdaa93b`](helm/helm@bdaa93b) (Evans Mungai) - Fix failing tests [`3c4d0bb`](helm/helm@3c4d0bb) (Evans Mungai) - Remove unnecessary function arguments [`d25b0d9`](helm/helm@d25b0d9) (Evans Mungai) - chore: Check tar is installed install script [`3a5805e`](helm/helm@3a5805e) (Evans Mungai) - adding more unit test [`a205af7`](helm/helm@a205af7) (Robert Sirchia) - Cleanup redundant GO11MODULE [`4a15cc3`](helm/helm@4a15cc3) (George Jenkins) - adding test coverage for ready.go [`999b851`](helm/helm@999b851) (Robert Sirchia) - fix(helm): Retry Conflict error for createResource, deleteResource [`79a1f2c`](helm/helm@79a1f2c) (Andreas Karis) - minor spelling fix [`ca58464`](helm/helm@ca58464) (Jon Olsson) - Bump github.com/containerd/containerd from 1.7.12 to 1.7.23 [`fe4d0d9`](helm/helm@fe4d0d9) (dependabot\[bot]) - Reorder triage ids [`8b85934`](helm/helm@8b85934) (Evans Mungai) - chore: Add Evans to OWNERS file [`75c124a`](helm/helm@75c124a) (Evans Mungai) - Bump github.com/cyphar/filepath-securejoin from 0.3.1 to 0.3.4 [`b45680c`](helm/helm@b45680c) (dependabot\[bot]) - chore(deps): bump actions/stale from 3.0.14 to 9.0.0 [`140a376`](helm/helm@140a376) (dependabot\[bot]) - chore: Make retryingRoundTripper type public [`ab3c589`](helm/helm@ab3c589) (Luis Davim) - Bump actions/checkout from 4.2.0 to 4.2.1 [`d517450`](helm/helm@d517450) (dependabot\[bot]) - Doc: add Flox as an installation option. [`30de3bb`](helm/helm@30de3bb) (Bryan Honof) - Move jdolitsky to emeritus [`076bb1f`](helm/helm@076bb1f) (Josh Dolitsky) - verbs [`f5fcae8`](helm/helm@f5fcae8) (George Jenkins) - fix: Use chart archive modifed time for OCI push [`02ef83f`](helm/helm@02ef83f) (George Jenkins) - Bump golang.org/x/crypto from 0.27.0 to 0.28.0 [`4c54d15`](helm/helm@4c54d15) (dependabot\[bot]) - Revering change unrelated to issue [#​13176](helm/helm#13176) [`cdbef2b`](helm/helm@cdbef2b) ([email protected]) - Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 [`9e192b2`](helm/helm@9e192b2) (dependabot\[bot]) - updating owners file [`36f0b42`](helm/helm@36f0b42) (Robert Sirchia) - Bump the k8s-io group with 7 updates [`d5df067`](helm/helm@d5df067) (dependabot\[bot]) - Bump golang/govulncheck-action from 1.0.3 to 1.0.4 [`7925733`](helm/helm@7925733) (dependabot\[bot]) - Move gjenkins to maintainer [`9c36d1f`](helm/helm@9c36d1f) (George Jenkins) - Bump actions/checkout from 4.1.7 to 4.2.0 [`2cd8d54`](helm/helm@2cd8d54) (dependabot\[bot]) - fix: add missing formatChartName call [`de18ac1`](helm/helm@de18ac1) (Terry Howe) - Update history.go [`4735f2b`](helm/helm@4735f2b) (myeunee) - adding toplevel permissions to workflows missing them [`a8750f4`](helm/helm@a8750f4) (Robert Sirchia) - add strvals fuzzer from cncf-fuzzing [`b203cc1`](helm/helm@b203cc1) (Adam Korczynski) - add chart fuzz tests [`e432f39`](helm/helm@e432f39) (Adam Korczynski) - Remove the Kubernetes configuration file permissions check [`49cb14a`](helm/helm@49cb14a) (Yarden Shoham) - Grammar fixes [`ef85fa7`](helm/helm@ef85fa7) (Nathan Baulch) - Fix typos [`ff9dd26`](helm/helm@ff9dd26) (Nathan Baulch) - removing testing trigger from govulncheck action [`62069eb`](helm/helm@62069eb) (Robert Sirchia) - adding top-level permissions [`114db17`](helm/helm@114db17) (Robert Sirchia) - Fixing the action trigger [`8642225`](helm/helm@8642225) (Robert Sirchia) - testing permissing for codeql [`5217ea8`](helm/helm@5217ea8) (Robert Sirchia) - Bump ossf/scorecard-action from 2.3.1 to 2.4.0 [`9134b9e`](helm/helm@9134b9e) (dependabot\[bot]) - Bump actions/checkout from 4.1.1 to 4.1.7 [`144e7b0`](helm/helm@144e7b0) (dependabot\[bot]) - fix: fix testchart lint errors [`ddead08`](helm/helm@ddead08) (Rui Chen) - adding check-latest:true [`611fae3`](helm/helm@611fae3) (Robert Sirchia) - Revert "Improve helm dependency update performance" [`c81bd89`](helm/helm@c81bd89) (Matt Farina) - bumping version to 1.22.7 [`e7b25ba`](helm/helm@e7b25ba) (Robert Sirchia) - Add New Relic [`a55c0b4`](helm/helm@a55c0b4) (Calvin A. Allen) - Update ADOPTERS.md [`2b6f76c`](helm/helm@2b6f76c) (Richard Hooper) - Bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0 [`06afebb`](helm/helm@06afebb) (dependabot\[bot]) - Bump golang.org/x/crypto from 0.26.0 to 0.27.0 [`9f6925e`](helm/helm@9f6925e) (dependabot\[bot]) - refectoring to ONE GH action [`5326d79`](helm/helm@5326d79) (Robert Sirchia) - adding new lines at the end of each files [`d911881`](helm/helm@d911881) (Robert Sirchia) - changing the trigger file [`1aa640f`](helm/helm@1aa640f) (Robert Sirchia) - removing line break used for testing [`0eae854`](helm/helm@0eae854) (Robert Sirchia) - adding a line break to test the GH trigger [`438221f`](helm/helm@438221f) (Robert Sirchia) - changing trigger file from go.sum to go.mod [`3ef6dd4`](helm/helm@3ef6dd4) (Robert Sirchia) - removing govulncheck from build-test [`5f15f53`](helm/helm@5f15f53) (Robert Sirchia) - adding new workflows for govulncheck [`4df7d56`](helm/helm@4df7d56) (Robert Sirchia) - bump version to v3.16.0 [`d644da6`](helm/helm@d644da6) (Matt Farina) - Bump github.com/gofrs/flock from 0.8.1 to 0.12.1 [`a77ad1a`](helm/helm@a77ad1a) (dependabot\[bot]) - adding a new line at the end of the file as per the request of the maintainers [`88fa81e`](helm/helm@88fa81e) (Robert Sirchia) - restoring the original triggers that were removed for testing [`76b9d96`](helm/helm@76b9d96) (Robert Sirchia) - moving govulncheck to a seperate job [`38dd4a7`](helm/helm@38dd4a7) (Robert Sirchia) - removing specific go version for govulncheck [`1ad6af9`](helm/helm@1ad6af9) (Robert Sirchia) - updating go version for govulncheck [`e46e0dd`](helm/helm@e46e0dd) (Robert Sirchia) - fixing directory for go-packages [`6757f8a`](helm/helm@6757f8a) (Robert Sirchia) - changing the triggers to test this GH actions [`031b344`](helm/helm@031b344) (Robert Sirchia) - Adding in workflow_call to test GH Actions [`7e3df4b`](helm/helm@7e3df4b) (Robert Sirchia) - adding workflow_dispatch to test [`b351fdc`](helm/helm@b351fdc) (Robert Sirchia) - adding govulncheck [`6761729`](helm/helm@6761729) (Robert Sirchia) - fix: fixed the token-permission and pinned-dependencies issue [`b4caed9`](helm/helm@b4caed9) (harshitasao) - docs(repo_index): explicitly state that the result is written to the directory passed in [`a71eaea`](helm/helm@a71eaea) (Rauno Viskus) - Added the scorecard github action and its badge [`ae17dea`](helm/helm@ae17dea) (harshitasao) - Revert CAFile rename breaking change [`0687961`](helm/helm@0687961) (Evans Mungai) - kube/client: add to global client-go scheme in init func [`b9bdeca`](helm/helm@b9bdeca) (Dr. Stefan Schimanski) - adds tests for handling of Helm index with broken chart versions [#​13176](helm/helm#13176) [`af13b0d`](helm/helm@af13b0d) ([email protected]) - improves handling of Helm index with broken helm chart versions [#​13176](helm/helm#13176) [`154b477`](helm/helm@154b477) ([email protected]) - Add username/password to package subcommand [`12d8d28`](helm/helm@12d8d28) (Evans Mungai) - Run go fmt [`0ad80e3`](helm/helm@0ad80e3) (Evans Mungai) - Add username/password to dependency build/update subcommands [`837ae42`](helm/helm@837ae42) (Evans Mungai) - Add username/password to push subcommand [`7672a17`](helm/helm@7672a17) (Evans Mungai) - Update ADOPTERS.md [`e0751f3`](helm/helm@e0751f3) (Nick Josevski) - ISSUE-9507: TEST server with varied Accept Header [`3c39705`](helm/helm@3c39705) (Matt Clegg) - ISSUE-9507: ADD `application/gzip,application/octet-stream` accept header when downloading chart [`fff3547`](helm/helm@fff3547) (Matt Clegg) - test(create): Test to check deprecated resource templates [`9c0b4c8`](helm/helm@9c0b4c8) (Bhargav Ravuri) - added sprintf solution and found other possible overflow occurences [`ab640a7`](helm/helm@ab640a7) (Trenton VanderWert) - changed Iota to FormatInt to allow int64 value preventing 2038 overflow [`4a45342`](helm/helm@4a45342) (Trenton VanderWert) - fix(helm): pass down username/password CLI parameters to OCI registry clients [`dc158f6`](helm/helm@dc158f6) (Evans Mungai) - Added `toYamlPretty` template function [`73f1dcc`](helm/helm@73f1dcc) (Fred Heinecke) - test(pkg/engine): add tests for TOML parsing [`266ab5a`](helm/helm@266ab5a) (Dominik Müller) - feat(pkg/engine): add TOML parsing functionality [`f550eda`](helm/helm@f550eda) (Dominik Müller) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMzcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjEzNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
While trying to figure out the issue fluxcd/source-controller#1515 in the flux source controller of filtering chart versions from a Helm index with broken dependencies we stumbled over this issue #12748 where it has already been fixed in Helm.
On further investigation it appeared that the exclusion of invalid versions in
helm/pkg/repo/index.go
Line 345 in 1a500d5
even though the copied slice
cvswas adjusted to the correct size, the original slicei.Entriesstill remained the original size. It just contained copies of references of valid versions.example of
i.Entriesbefore filtering:assuming chart versions at location
0xc0001315f0and0xc000131a70are invalid. The content of cvs after validating the versions looked like this (which is correct):But
i.Entriesstill remains the original size:Technically it does not contain any invalid version. But later on the index gets further sorted and filtered which unnecessarily contains duplicate versions.
a simple reassignment of
cvstoi.Entries[name]solves this issue.Additionally:
If the last chart in the index is malformed, it will not be removed
The text was updated successfully, but these errors were encountered: