-
Notifications
You must be signed in to change notification settings - Fork 7.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
improve handling of Helm index with broken helm chart versions #13176
Comments
…13176 Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de>
…#13176 Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de>
First comment: agree, if entries are excluded due to validation failure, then the filtered entries slice should be assigned back to Second comment: #12789 doesn't exclude "bad" entries. It actually does the opposite: it allows bad entries (entries which fail validation) to be included. By ignoring the validation error. And as such, it actually reduces the expose to the bug presented here. I mention, because I want to ensure the fix proposed is the right one (and there isn't another cause) |
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de>
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de>
Improves handling of Helm index with broken helm chart versions #13176
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de> (cherry picked from commit 154b477)
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de> (cherry picked from commit af13b0d)
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de> (cherry picked from commit cdbef2b)
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [helm/helm](https://github.com/helm/helm) | patch | `v3.16.1` -> `v3.16.2` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>helm/helm (helm/helm)</summary> ### [`v3.16.2`](https://github.com/helm/helm/releases/tag/v3.16.2): Helm v3.16.2 [Compare Source](helm/helm@v3.16.1...v3.16.2) Helm v3.16.2 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience. The community keeps growing, and we'd love to see you there! - Join the discussion in [Kubernetes Slack](https://kubernetes.slack.com): - for questions and just to hang out - for discussing MRs, code, and bugs - Hang out at the Public Developer Call: Thursday, 9:30 Pacific via [Zoom](https://zoom.us/j/696660622) - Test, debug, and contribute charts: [ArtifactHub/packages](https://artifacthub.io/packages/search?kind=0) #### Installation and Upgrading Download Helm v3.16.2. The common platform binaries are here: - [MacOS amd64](https://get.helm.sh/helm-v3.16.2-darwin-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-darwin-amd64.tar.gz.sha256sum) / 33efd48492f2358a49a231873e8baf41f702b5ab059333ae9c31e5517633c16e) - [MacOS arm64](https://get.helm.sh/helm-v3.16.2-darwin-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-darwin-arm64.tar.gz.sha256sum) / 56413c7fbb496d2789881039cab61d849727c7b35db00826fae7a2685a403344) - [Linux amd64](https://get.helm.sh/helm-v3.16.2-linux-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-amd64.tar.gz.sha256sum) / 9318379b847e333460d33d291d4c088156299a26cd93d570a7f5d0c36e50b5bb) - [Linux arm](https://get.helm.sh/helm-v3.16.2-linux-arm.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-arm.tar.gz.sha256sum) / f0f606d0806a518b749bd82e8dbfe6a803aa33340215590ef3977c60e366ba82) - [Linux arm64](https://get.helm.sh/helm-v3.16.2-linux-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-arm64.tar.gz.sha256sum) / 1888301aeb7d08a03b6d9f4d2b73dcd09b89c41577e80e3455c113629fc657a4) - [Linux i386](https://get.helm.sh/helm-v3.16.2-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-386.tar.gz.sha256sum) / 4fb0cdf74a8a23622aac5980fbbc91cd95b08de5624ac0beba271d7b3b1a128d) - [Linux ppc64le](https://get.helm.sh/helm-v3.16.2-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-ppc64le.tar.gz.sha256sum) / 32a1b6073064a4a86d2a684180b6662ea202d1294b09ca52a6ba9d4cf071fec7) - [Linux s390x](https://get.helm.sh/helm-v3.16.2-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-s390x.tar.gz.sha256sum) / a2e80592b9e45487d8bb6b10721c759287cf18be4389b53d67c7cf1e91c84959) - [Linux riscv64](https://get.helm.sh/helm-v3.16.2-linux-riscv64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-riscv64.tar.gz.sha256sum) / c9730c8e6a1b2b30e119270793772bcac835737a16e613aabc36b07b8e027009) - [Windows amd64](https://get.helm.sh/helm-v3.16.2-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-v3.16.2-windows-amd64.zip.sha256sum) / 57821dd47d5728912e14000ee62262680e9039e8d05e18342cc010d5ac7908d7) - [Windows arm64](https://get.helm.sh/helm-v3.16.2-windows-arm64.zip) ([checksum](https://get.helm.sh/helm-v3.16.2-windows-arm64.zip.sha256sum) / d746889023a6df98f71d2785835e32cd6fbbf81e21a21d5e9d4542ed3cfe168d) This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E ` and can be found at [@​mattfarina](https://github.com/mattfarina) [keybase account](https://keybase.io/mattfarina). Please use the attached signatures for verifying this release using `gpg`. The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with `bash`. #### What's Next - 3.16.3 is the next patch release and will be on November 13, 2024 - 3.17.0 is the next feature release and will be on January 15, 2025 #### Changelog - Revering change unrelated to issue [#​13176](helm/helm#13176) [`13654a5`](helm/helm@13654a5) (ricardo.bartels@telekom.de) - adds tests for handling of Helm index with broken chart versions [#​13176](helm/helm#13176) [`9fc8f1b`](helm/helm@9fc8f1b) (ricardo.bartels@telekom.de) - improves handling of Helm index with broken helm chart versions [#​13176](helm/helm#13176) [`961194d`](helm/helm@961194d) (ricardo.bartels@telekom.de) - Bump the k8s-io group with 7 updates [`f6be62b`](helm/helm@f6be62b) (dependabot\[bot]) - adding check-latest:true [`27d44cf`](helm/helm@27d44cf) (Robert Sirchia) - Grammar fixes [`46e0a0f`](helm/helm@46e0a0f) (Nathan Baulch) - Fix typos [`a1bd541`](helm/helm@a1bd541) (Nathan Baulch) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
While trying to figure out the issue fluxcd/source-controller#1515 in the flux source controller of filtering chart versions from a Helm index with broken dependencies we stumbled over this issue #12748 where it has already been fixed in Helm.
On further investigation it appeared that the exclusion of invalid versions in
helm/pkg/repo/index.go
Line 345 in 1a500d5
even though the copied slice
cvs
was adjusted to the correct size, the original slicei.Entries
still remained the original size. It just contained copies of references of valid versions.example of
i.Entries
before filtering:assuming chart versions at location
0xc0001315f0
and0xc000131a70
are invalid. The content of cvs after validating the versions looked like this (which is correct):But
i.Entries
still remains the original size:Technically it does not contain any invalid version. But later on the index gets further sorted and filtered which unnecessarily contains duplicate versions.
a simple reassignment of
cvs
toi.Entries[name]
solves this issue.Additionally:
If the last chart in the index is malformed, it will not be removed
The text was updated successfully, but these errors were encountered: