diff --git a/docs/parameter_reference.md b/docs/parameter_reference.md index 1379ba5..129586b 100644 --- a/docs/parameter_reference.md +++ b/docs/parameter_reference.md @@ -6,6 +6,7 @@ | mode | string | helm_command | Indicates the operation to perform. Recommended, but not required. Valid options are `upgrade`, `uninstall`, `lint`, and `help`. | | update_dependencies | boolean | | Calls `helm dependency update` before running the main command.| | add_repos | list\ | helm_repos | Calls `helm repo add $repo` before running the main command. Each string should be formatted as `repo_name=https://repo.url/`. | +| repo_ca_file | string | | TLS certificate for a chart repository certificate authority. Only applicable when using `add_repos`. | | namespace | string | | Kubernetes namespace to use for this operation. | | debug | boolean | | Generate debug output within drone-helm3 and pass `--debug` to all helm commands. Use with care, since the debug output may include secrets. | diff --git a/internal/helm/config.go b/internal/helm/config.go index b633439..5d3d75f 100644 --- a/internal/helm/config.go +++ b/internal/helm/config.go @@ -24,6 +24,7 @@ type Config struct { DroneEvent string `envconfig:"DRONE_BUILD_EVENT"` // Drone event that invoked this plugin. UpdateDependencies bool `split_words:"true"` // Call `helm dependency update` before the main command AddRepos []string `split_words:"true"` // Call `helm repo add` before the main command + RepoCAFile string `envconfig:"repo_ca_file"` // CA certificate for `helm repo add` Debug bool `` // Generate debug output and pass --debug to all helm commands Values string `` // Argument to pass to --set in applicable helm commands StringValues string `split_words:"true"` // Argument to pass to --set-string in applicable helm commands diff --git a/internal/helm/plan.go b/internal/helm/plan.go index 48f3f5f..6023c1e 100644 --- a/internal/helm/plan.go +++ b/internal/helm/plan.go @@ -171,7 +171,8 @@ func addRepos(cfg Config) []Step { steps := make([]Step, 0) for _, repo := range cfg.AddRepos { steps = append(steps, &run.AddRepo{ - Repo: repo, + Repo: repo, + CAFile: cfg.RepoCAFile, }) } diff --git a/internal/helm/plan_test.go b/internal/helm/plan_test.go index 1bc3e11..1a6b4f3 100644 --- a/internal/helm/plan_test.go +++ b/internal/helm/plan_test.go @@ -291,6 +291,7 @@ func (suite *PlanTestSuite) TestAddRepos() { "first=https://add.repos/one", "second=https://add.repos/two", }, + RepoCAFile: "state_licensure.repo.cert", } steps := addRepos(cfg) suite.Require().Equal(2, len(steps), "addRepos should add one step per repo") @@ -301,6 +302,8 @@ func (suite *PlanTestSuite) TestAddRepos() { suite.Equal(first.Repo, "first=https://add.repos/one") suite.Equal(second.Repo, "second=https://add.repos/two") + suite.Equal(first.CAFile, "state_licensure.repo.cert") + suite.Equal(second.CAFile, "state_licensure.repo.cert") } func (suite *PlanTestSuite) TestLint() { diff --git a/internal/run/addrepo.go b/internal/run/addrepo.go index 3382957..40f8740 100644 --- a/internal/run/addrepo.go +++ b/internal/run/addrepo.go @@ -7,8 +7,9 @@ import ( // AddRepo is an execution step that calls `helm repo add` when executed. type AddRepo struct { - Repo string - cmd cmd + Repo string + CAFile string + cmd cmd } // Execute executes the `helm repo add` command. @@ -38,7 +39,11 @@ func (a *AddRepo) Prepare(cfg Config) error { args = append(args, "--debug") } - args = append(args, "repo", "add", name, url) + args = append(args, "repo", "add") + if a.CAFile != "" { + args = append(args, "--ca-file", a.CAFile) + } + args = append(args, name, url) a.cmd = command(helmBin, args...) a.cmd.Stdout(cfg.Stdout) diff --git a/internal/run/addrepo_test.go b/internal/run/addrepo_test.go index ad42d06..4a8445c 100644 --- a/internal/run/addrepo_test.go +++ b/internal/run/addrepo_test.go @@ -97,6 +97,19 @@ func (suite *AddRepoTestSuite) TestPrepareWithEqualSignInURL() { suite.Contains(suite.commandArgs, "https://github.com/arthur_claypool/samaritan?version=2.1") } +func (suite *AddRepoTestSuite) TestRepoAddFlags() { + suite.mockCmd.EXPECT().Stdout(gomock.Any()).AnyTimes() + suite.mockCmd.EXPECT().Stderr(gomock.Any()).AnyTimes() + cfg := Config{} + a := AddRepo{ + Repo: "machine=https://github.com/harold_finch/themachine", + CAFile: "./helm/reporepo.cert", + } + suite.NoError(a.Prepare(cfg)) + suite.Equal([]string{"repo", "add", "--ca-file", "./helm/reporepo.cert", + "machine", "https://github.com/harold_finch/themachine"}, suite.commandArgs) +} + func (suite *AddRepoTestSuite) TestNamespaceFlag() { suite.mockCmd.EXPECT().Stdout(gomock.Any()).AnyTimes() suite.mockCmd.EXPECT().Stderr(gomock.Any()).AnyTimes()