improve handling of Helm index with broken helm chart versions #13176
Comments
bb-Ricardo
added a commit
to bb-Ricardo/helm
that referenced
this issue
Jul 12, 2024
…13176 Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de>
3 tasks
bb-Ricardo
added a commit
to bb-Ricardo/helm
that referenced
this issue
Jul 14, 2024
…#13176 Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de>
|
First comment: agree, if entries are excluded due to validation failure, then the filtered entries slice should be assigned back to Second comment: #12789 doesn't exclude "bad" entries. It actually does the opposite: it allows bad entries (entries which fail validation) to be included. By ignoring the validation error. And as such, it actually reduces the expose to the bug presented here. I mention, because I want to ensure the fix proposed is the right one (and there isn't another cause) |
bb-Ricardo
added a commit
to bb-Ricardo/helm
that referenced
this issue
Aug 14, 2024
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de>
robertsirc
pushed a commit
to bb-Ricardo/helm
that referenced
this issue
Oct 4, 2024
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de>
mattfarina
added a commit
that referenced
this issue
Oct 4, 2024
Improves handling of Helm index with broken helm chart versions #13176
mattfarina
pushed a commit
that referenced
this issue
Oct 9, 2024
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de> (cherry picked from commit 154b477)
mattfarina
pushed a commit
that referenced
this issue
Oct 9, 2024
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de> (cherry picked from commit af13b0d)
mattfarina
pushed a commit
that referenced
this issue
Oct 9, 2024
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de> (cherry picked from commit cdbef2b)
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this issue
Oct 15, 2024
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [helm/helm](https://github.com/helm/helm) | patch | `v3.16.1` -> `v3.16.2` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>helm/helm (helm/helm)</summary> ### [`v3.16.2`](https://github.com/helm/helm/releases/tag/v3.16.2): Helm v3.16.2 [Compare Source](helm/helm@v3.16.1...v3.16.2) Helm v3.16.2 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience. The community keeps growing, and we'd love to see you there! - Join the discussion in [Kubernetes Slack](https://kubernetes.slack.com): - for questions and just to hang out - for discussing MRs, code, and bugs - Hang out at the Public Developer Call: Thursday, 9:30 Pacific via [Zoom](https://zoom.us/j/696660622) - Test, debug, and contribute charts: [ArtifactHub/packages](https://artifacthub.io/packages/search?kind=0) #### Installation and Upgrading Download Helm v3.16.2. The common platform binaries are here: - [MacOS amd64](https://get.helm.sh/helm-v3.16.2-darwin-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-darwin-amd64.tar.gz.sha256sum) / 33efd48492f2358a49a231873e8baf41f702b5ab059333ae9c31e5517633c16e) - [MacOS arm64](https://get.helm.sh/helm-v3.16.2-darwin-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-darwin-arm64.tar.gz.sha256sum) / 56413c7fbb496d2789881039cab61d849727c7b35db00826fae7a2685a403344) - [Linux amd64](https://get.helm.sh/helm-v3.16.2-linux-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-amd64.tar.gz.sha256sum) / 9318379b847e333460d33d291d4c088156299a26cd93d570a7f5d0c36e50b5bb) - [Linux arm](https://get.helm.sh/helm-v3.16.2-linux-arm.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-arm.tar.gz.sha256sum) / f0f606d0806a518b749bd82e8dbfe6a803aa33340215590ef3977c60e366ba82) - [Linux arm64](https://get.helm.sh/helm-v3.16.2-linux-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-arm64.tar.gz.sha256sum) / 1888301aeb7d08a03b6d9f4d2b73dcd09b89c41577e80e3455c113629fc657a4) - [Linux i386](https://get.helm.sh/helm-v3.16.2-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-386.tar.gz.sha256sum) / 4fb0cdf74a8a23622aac5980fbbc91cd95b08de5624ac0beba271d7b3b1a128d) - [Linux ppc64le](https://get.helm.sh/helm-v3.16.2-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-ppc64le.tar.gz.sha256sum) / 32a1b6073064a4a86d2a684180b6662ea202d1294b09ca52a6ba9d4cf071fec7) - [Linux s390x](https://get.helm.sh/helm-v3.16.2-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-s390x.tar.gz.sha256sum) / a2e80592b9e45487d8bb6b10721c759287cf18be4389b53d67c7cf1e91c84959) - [Linux riscv64](https://get.helm.sh/helm-v3.16.2-linux-riscv64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.16.2-linux-riscv64.tar.gz.sha256sum) / c9730c8e6a1b2b30e119270793772bcac835737a16e613aabc36b07b8e027009) - [Windows amd64](https://get.helm.sh/helm-v3.16.2-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-v3.16.2-windows-amd64.zip.sha256sum) / 57821dd47d5728912e14000ee62262680e9039e8d05e18342cc010d5ac7908d7) - [Windows arm64](https://get.helm.sh/helm-v3.16.2-windows-arm64.zip) ([checksum](https://get.helm.sh/helm-v3.16.2-windows-arm64.zip.sha256sum) / d746889023a6df98f71d2785835e32cd6fbbf81e21a21d5e9d4542ed3cfe168d) This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E ` and can be found at [@​mattfarina](https://github.com/mattfarina) [keybase account](https://keybase.io/mattfarina). Please use the attached signatures for verifying this release using `gpg`. The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with `bash`. #### What's Next - 3.16.3 is the next patch release and will be on November 13, 2024 - 3.17.0 is the next feature release and will be on January 15, 2025 #### Changelog - Revering change unrelated to issue [#​13176](helm/helm#13176) [`13654a5`](helm/helm@13654a5) (ricardo.bartels@telekom.de) - adds tests for handling of Helm index with broken chart versions [#​13176](helm/helm#13176) [`9fc8f1b`](helm/helm@9fc8f1b) (ricardo.bartels@telekom.de) - improves handling of Helm index with broken helm chart versions [#​13176](helm/helm#13176) [`961194d`](helm/helm@961194d) (ricardo.bartels@telekom.de) - Bump the k8s-io group with 7 updates [`f6be62b`](helm/helm@f6be62b) (dependabot\[bot]) - adding check-latest:true [`27d44cf`](helm/helm@27d44cf) (Robert Sirchia) - Grammar fixes [`46e0a0f`](helm/helm@46e0a0f) (Nathan Baulch) - Fix typos [`a1bd541`](helm/helm@a1bd541) (Nathan Baulch) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
While trying to figure out the issue fluxcd/source-controller#1515 in the flux source controller of filtering chart versions from a Helm index with broken dependencies we stumbled over this issue #12748 where it has already been fixed in Helm.
On further investigation it appeared that the exclusion of invalid versions in
helm/pkg/repo/index.go
Line 345 in 1a500d5
even though the copied slice
cvswas adjusted to the correct size, the original slicei.Entriesstill remained the original size. It just contained copies of references of valid versions.example of
i.Entriesbefore filtering:assuming chart versions at location
0xc0001315f0and0xc000131a70are invalid. The content of cvs after validating the versions looked like this (which is correct):But
i.Entriesstill remains the original size:Technically it does not contain any invalid version. But later on the index gets further sorted and filtered which unnecessarily contains duplicate versions.
a simple reassignment of
cvstoi.Entries[name]solves this issue.Additionally:
If the last chart in the index is malformed, it will not be removed
The text was updated successfully, but these errors were encountered: