Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

app-build-suite doesn't correctly handle semver suffix when publishing charts to catalog #3785

Closed
AverageMarcus opened this issue Nov 29, 2024 · 3 comments

Comments

@AverageMarcus
Copy link
Member

When publishing a Helm chart to a catalog using app-build-suite if the tag version contains a suffix (e.g. v1.2.3-gs1) then the suffix is dropped and the chart is published with just the version numbers. This could potentially lead to charts being incorrectly overwritten (but hasn't been confirmed).

Example:

cluster-autoscaler-app v1.30.3-gs1

This release was published as https://giantswarm.github.io/default-catalog/cluster-autoscaler-app-1.30.3.tgz instead of the expected https://giantswarm.github.io/default-catalog/cluster-autoscaler-app-1.30.3-gs1.tgz.

CircleCI job

Note: The previous release v1.30.2-gs1 didn't have this bug so it was introduced sometime after that release.

Related slack thread


This is currently blocking https://github.com/giantswarm/giantswarm/issues/32160

@piontec
Copy link

piontec commented Dec 4, 2024

This is fixed now in app-build-suite 1.2.8, which is set as a builder in architect-orb 5.11.2.

Please note, however, that you're abusing semver here: -gs1 and sequential numbers indicate clearly that it's a pre-release. All the libs that we use most probably take this into account (I've seen that already), so it means that, at least (not exclusive) this problems are included:

  1. If you ever release 1.30.3, all the releases tagged 1.30.3-gs(\d+) will be considered pre-releases for that release and will always come before it.
  2. If you never in the future release a version that drops the -gsX suffix, all your versions will be considered pre-releases. So, If you have at least 1 tag without that preffix, no matter how old, it will be considered the most recent stable release for that app.
  3. As you're not using . separator between the pre-release tag (you have -gs1, not -gs.1), i think (95%) it will be sorted lexicographically, so -gs9 will come after -gs10.

TL;DR: please change this tagging scheme to comply with semver or you might get a surprise.

@piontec
Copy link

piontec commented Dec 4, 2024

I'm not closing the ticket yet, please confirm it works OK for you now.

@mproffitt
Copy link

Closing this as complete - if any issues arise we'll work on that under a new ticket

@github-project-automation github-project-automation bot moved this from Inbox 📥 to Done ✅ in Roadmap Dec 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Archived in project
Development

No branches or pull requests

3 participants