diff --git a/README.md b/README.md index abdcd2f1..aee6762e 100644 --- a/README.md +++ b/README.md @@ -62,6 +62,7 @@ repositories: username: optional_username password: optional_password oci: true + passCredentials: true # Advanced configuration: You can use a ca bundle to use an https repo # with a self-signed certificate - name: insecure diff --git a/pkg/app/app_test.go b/pkg/app/app_test.go index 26c3ac3e..8ff6794f 100644 --- a/pkg/app/app_test.go +++ b/pkg/app/app_test.go @@ -2519,7 +2519,7 @@ func (helm *mockHelmExec) SetExtraArgs(args ...string) { func (helm *mockHelmExec) SetHelmBinary(bin string) { return } -func (helm *mockHelmExec) AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string) error { +func (helm *mockHelmExec) AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string, passCredentials string) error { helm.repos = append(helm.repos, mockRepo{Name: name}) return nil } diff --git a/pkg/app/mocks_test.go b/pkg/app/mocks_test.go index 978fcfe6..b382eb65 100644 --- a/pkg/app/mocks_test.go +++ b/pkg/app/mocks_test.go @@ -48,7 +48,7 @@ func (helm *noCallHelmExec) SetHelmBinary(bin string) { helm.doPanic() return } -func (helm *noCallHelmExec) AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string) error { +func (helm *noCallHelmExec) AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string, passCredentials string) error { helm.doPanic() return nil } diff --git a/pkg/exectest/helm.go b/pkg/exectest/helm.go index b09efc83..9bd0b8d7 100644 --- a/pkg/exectest/helm.go +++ b/pkg/exectest/helm.go @@ -84,8 +84,8 @@ func (helm *Helm) SetExtraArgs(args ...string) { func (helm *Helm) SetHelmBinary(bin string) { return } -func (helm *Helm) AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string) error { - helm.Repo = []string{name, repository, cafile, certfile, keyfile, username, password, managed} +func (helm *Helm) AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string, passCredentials string) error { + helm.Repo = []string{name, repository, cafile, certfile, keyfile, username, password, managed, passCredentials} return nil } func (helm *Helm) UpdateRepo() error { diff --git a/pkg/helmexec/exec.go b/pkg/helmexec/exec.go index 56c88cd8..669e03ba 100644 --- a/pkg/helmexec/exec.go +++ b/pkg/helmexec/exec.go @@ -108,7 +108,7 @@ func (helm *execer) SetHelmBinary(bin string) { helm.helmBinary = bin } -func (helm *execer) AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string) error { +func (helm *execer) AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string, passCredentials string) error { var args []string var out []byte var err error @@ -141,6 +141,9 @@ func (helm *execer) AddRepo(name, repository, cafile, certfile, keyfile, usernam if username != "" && password != "" { args = append(args, "--username", username, "--password", password) } + if passCredentials == "true" { + args = append(args, "--pass-credentials") + } helm.logger.Infof("Adding repo %v %v", name, repository) out, err = helm.exec(args, map[string]string{}) default: diff --git a/pkg/helmexec/exec_test.go b/pkg/helmexec/exec_test.go index 82af63ba..dab4af68 100644 --- a/pkg/helmexec/exec_test.go +++ b/pkg/helmexec/exec_test.go @@ -89,7 +89,7 @@ func Test_AddRepo_Helm_3_3_2(t *testing.T) { kubeContext: "dev", runner: &mockRunner{}, } - helm.AddRepo("myRepo", "https://repo.example.com/", "", "cert.pem", "key.pem", "", "", "") + helm.AddRepo("myRepo", "https://repo.example.com/", "", "cert.pem", "key.pem", "", "", "", "") expected := `Adding repo myRepo https://repo.example.com/ exec: helm --kube-context dev repo add myRepo https://repo.example.com/ --force-update --cert-file cert.pem --key-file key.pem ` @@ -102,7 +102,7 @@ func Test_AddRepo(t *testing.T) { var buffer bytes.Buffer logger := NewLogger(&buffer, "debug") helm := MockExecer(logger, "dev") - helm.AddRepo("myRepo", "https://repo.example.com/", "", "cert.pem", "key.pem", "", "", "") + helm.AddRepo("myRepo", "https://repo.example.com/", "", "cert.pem", "key.pem", "", "", "", "") expected := `Adding repo myRepo https://repo.example.com/ exec: helm --kube-context dev repo add myRepo https://repo.example.com/ --cert-file cert.pem --key-file key.pem ` @@ -111,7 +111,7 @@ exec: helm --kube-context dev repo add myRepo https://repo.example.com/ --cert-f } buffer.Reset() - helm.AddRepo("myRepo", "https://repo.example.com/", "ca.crt", "", "", "", "", "") + helm.AddRepo("myRepo", "https://repo.example.com/", "ca.crt", "", "", "", "", "", "") expected = `Adding repo myRepo https://repo.example.com/ exec: helm --kube-context dev repo add myRepo https://repo.example.com/ --ca-file ca.crt ` @@ -120,7 +120,7 @@ exec: helm --kube-context dev repo add myRepo https://repo.example.com/ --ca-fil } buffer.Reset() - helm.AddRepo("myRepo", "https://repo.example.com/", "", "", "", "", "", "") + helm.AddRepo("myRepo", "https://repo.example.com/", "", "", "", "", "", "", "") expected = `Adding repo myRepo https://repo.example.com/ exec: helm --kube-context dev repo add myRepo https://repo.example.com/ ` @@ -129,7 +129,7 @@ exec: helm --kube-context dev repo add myRepo https://repo.example.com/ } buffer.Reset() - helm.AddRepo("acrRepo", "", "", "", "", "", "", "acr") + helm.AddRepo("acrRepo", "", "", "", "", "", "", "acr", "") expected = `Adding repo acrRepo (acr) exec: az acr helm repo add --name acrRepo exec: az acr helm repo add --name acrRepo: @@ -139,7 +139,7 @@ exec: az acr helm repo add --name acrRepo: } buffer.Reset() - helm.AddRepo("otherRepo", "", "", "", "", "", "", "unknown") + helm.AddRepo("otherRepo", "", "", "", "", "", "", "unknown", "") expected = `ERROR: unknown type 'unknown' for repository otherRepo ` if buffer.String() != expected { @@ -147,7 +147,7 @@ exec: az acr helm repo add --name acrRepo: } buffer.Reset() - helm.AddRepo("myRepo", "https://repo.example.com/", "", "", "", "example_user", "example_password", "") + helm.AddRepo("myRepo", "https://repo.example.com/", "", "", "", "example_user", "example_password", "", "") expected = `Adding repo myRepo https://repo.example.com/ exec: helm --kube-context dev repo add myRepo https://repo.example.com/ --username example_user --password example_password ` @@ -156,13 +156,23 @@ exec: helm --kube-context dev repo add myRepo https://repo.example.com/ --userna } buffer.Reset() - helm.AddRepo("", "https://repo.example.com/", "", "", "", "", "", "") + helm.AddRepo("", "https://repo.example.com/", "", "", "", "", "", "", "") expected = `empty field name ` if buffer.String() != expected { t.Errorf("helmexec.AddRepo()\nactual = %v\nexpect = %v", buffer.String(), expected) } + + buffer.Reset() + helm.AddRepo("myRepo", "https://repo.example.com/", "", "", "", "example_user", "example_password", "", "true") + expected = `Adding repo myRepo https://repo.example.com/ +exec: helm --kube-context dev repo add myRepo https://repo.example.com/ --username example_user --password example_password --pass-credentials +` + if buffer.String() != expected { + t.Errorf("helmexec.AddRepo()\nactual = %v\nexpect = %v", buffer.String(), expected) + } + } func Test_UpdateRepo(t *testing.T) { @@ -506,7 +516,7 @@ func Test_LogLevels(t *testing.T) { buffer.Reset() logger := NewLogger(&buffer, logLevel) helm := MockExecer(logger, "") - helm.AddRepo("myRepo", "https://repo.example.com/", "", "", "", "example_user", "example_password", "") + helm.AddRepo("myRepo", "https://repo.example.com/", "", "", "", "example_user", "example_password", "", "") if buffer.String() != expected { t.Errorf("helmexec.AddRepo()\nactual = %v\nexpect = %v", buffer.String(), expected) } diff --git a/pkg/helmexec/helmexec.go b/pkg/helmexec/helmexec.go index 5c3aba89..2bc5b7d3 100644 --- a/pkg/helmexec/helmexec.go +++ b/pkg/helmexec/helmexec.go @@ -12,7 +12,7 @@ type Interface interface { SetExtraArgs(args ...string) SetHelmBinary(bin string) - AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string) error + AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string, passCredentials string) error UpdateRepo() error RegistryLogin(name string, username string, password string) error BuildDeps(name, chart string) error diff --git a/pkg/state/state.go b/pkg/state/state.go index a2365798..9c3b663a 100644 --- a/pkg/state/state.go +++ b/pkg/state/state.go @@ -163,15 +163,16 @@ type HelmSpec struct { // RepositorySpec that defines values for a helm repo type RepositorySpec struct { - Name string `yaml:"name,omitempty"` - URL string `yaml:"url,omitempty"` - CaFile string `yaml:"caFile,omitempty"` - CertFile string `yaml:"certFile,omitempty"` - KeyFile string `yaml:"keyFile,omitempty"` - Username string `yaml:"username,omitempty"` - Password string `yaml:"password,omitempty"` - Managed string `yaml:"managed,omitempty"` - OCI bool `yaml:"oci,omitempty"` + Name string `yaml:"name,omitempty"` + URL string `yaml:"url,omitempty"` + CaFile string `yaml:"caFile,omitempty"` + CertFile string `yaml:"certFile,omitempty"` + KeyFile string `yaml:"keyFile,omitempty"` + Username string `yaml:"username,omitempty"` + Password string `yaml:"password,omitempty"` + Managed string `yaml:"managed,omitempty"` + OCI bool `yaml:"oci,omitempty"` + PassCredentials string `yaml:"passCredentials,omitempty"` } // ReleaseSpec defines the structure of a helm release @@ -392,7 +393,7 @@ func (st *HelmState) ApplyOverrides(spec *ReleaseSpec) { type RepoUpdater interface { IsHelm3() bool - AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string) error + AddRepo(name, repository, cafile, certfile, keyfile, username, password string, managed string, passCredentials string) error UpdateRepo() error RegistryLogin(name string, username string, password string) error } @@ -441,7 +442,7 @@ func (st *HelmState) SyncRepos(helm RepoUpdater, shouldSkip map[string]bool) ([] err = helm.RegistryLogin(repo.URL, username, password) } } else { - err = helm.AddRepo(repo.Name, repo.URL, repo.CaFile, repo.CertFile, repo.KeyFile, repo.Username, repo.Password, repo.Managed) + err = helm.AddRepo(repo.Name, repo.URL, repo.CaFile, repo.CertFile, repo.KeyFile, repo.Username, repo.Password, repo.Managed, repo.PassCredentials) } if err != nil { diff --git a/pkg/state/state_test.go b/pkg/state/state_test.go index 30157082..cbf30e69 100644 --- a/pkg/state/state_test.go +++ b/pkg/state/state_test.go @@ -883,16 +883,17 @@ func TestHelmState_SyncRepos(t *testing.T) { name: "normal repository", repos: []RepositorySpec{ { - Name: "name", - URL: "http://example.com/", - CertFile: "", - KeyFile: "", - Username: "", - Password: "", + Name: "name", + URL: "http://example.com/", + CertFile: "", + KeyFile: "", + Username: "", + Password: "", + PassCredentials: "", }, }, helm: &exectest.Helm{}, - want: []string{"name", "http://example.com/", "", "", "", "", "", ""}, + want: []string{"name", "http://example.com/", "", "", "", "", "", "", ""}, }, { name: "ACR hosted repository", @@ -903,51 +904,70 @@ func TestHelmState_SyncRepos(t *testing.T) { }, }, helm: &exectest.Helm{}, - want: []string{"name", "", "", "", "", "", "", "acr"}, + want: []string{"name", "", "", "", "", "", "", "acr", ""}, }, { name: "repository with cert and key", repos: []RepositorySpec{ { - Name: "name", - URL: "http://example.com/", - CertFile: "certfile", - KeyFile: "keyfile", - Username: "", - Password: "", + Name: "name", + URL: "http://example.com/", + CertFile: "certfile", + KeyFile: "keyfile", + Username: "", + Password: "", + PassCredentials: "", }, }, helm: &exectest.Helm{}, - want: []string{"name", "http://example.com/", "", "certfile", "keyfile", "", "", ""}, + want: []string{"name", "http://example.com/", "", "certfile", "keyfile", "", "", "", ""}, }, { name: "repository with ca file", repos: []RepositorySpec{ { - Name: "name", - URL: "http://example.com/", - CaFile: "cafile", - Username: "", - Password: "", + Name: "name", + URL: "http://example.com/", + CaFile: "cafile", + Username: "", + Password: "", + PassCredentials: "", }, }, helm: &exectest.Helm{}, - want: []string{"name", "http://example.com/", "cafile", "", "", "", "", ""}, + want: []string{"name", "http://example.com/", "cafile", "", "", "", "", "", ""}, }, { name: "repository with username and password", repos: []RepositorySpec{ { - Name: "name", - URL: "http://example.com/", - CertFile: "", - KeyFile: "", - Username: "example_user", - Password: "example_password", + Name: "name", + URL: "http://example.com/", + CertFile: "", + KeyFile: "", + Username: "example_user", + Password: "example_password", + PassCredentials: "", }, }, helm: &exectest.Helm{}, - want: []string{"name", "http://example.com/", "", "", "", "example_user", "example_password", ""}, + want: []string{"name", "http://example.com/", "", "", "", "example_user", "example_password", "", ""}, + }, + { + name: "repository with username and password and pass-credentials", + repos: []RepositorySpec{ + { + Name: "name", + URL: "http://example.com/", + CertFile: "", + KeyFile: "", + Username: "example_user", + Password: "example_password", + PassCredentials: "true", + }, + }, + helm: &exectest.Helm{}, + want: []string{"name", "http://example.com/", "", "", "", "example_user", "example_password", "", "true"}, }, } for i := range tests {