[pull] master from databus23:master #42

Open
wants to merge 336 commits into
base: master
pull[bot]

@pull pull bot commented Jan 31, 2022

See Commits and Changes for more details.


Created by pull[bot]

Can you help keep this open source service alive? 💖 Please sponsor : )

@pull pull bot added the ⤵️ pull label Jan 31, 2022
jkroepke and others added 29 commits August 21, 2023 09:01
* Suppress diff output by regex

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* Added unit tests

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* Keep changed filename in output

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* Update diff/diff.go

Co-authored-by: Yusuke Kuoka <ykuoka@gmail.com>

* extract method

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* hide filteredReport

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* skip doSuppress, if report is empty

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* Add unit tests for DoSuppress

---------

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
Co-authored-by: Yusuke Kuoka <ykuoka@gmail.com>
Helm PR helm/helm#9426 enables support for executing lookups during dry run. This PR is to make use of this new support in helm-diff.
Backwards compatibility for older versions of helm is maintained by checking the helm version before setting the flag.

Addresses issue: #449

Signed-off-by: MichaelMorris <michael.morris@est.tech>
Signed-off-by: yxxhero <aiopsclub@163.com>
Signed-off-by: yxxhero <aiopsclub@163.com>
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.9.0 to 0.17.0.
- [Commits](golang/net@v0.9.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Mario Trangoni <mjtrangoni@gmail.com>
…package.

See,
cmd/upgrade.go:14:2: import 'github.com/pkg/errors' is not allowed from list 'main': Should be replaced by standard lib errors package (depguard)
        "github.com/pkg/errors"
        ^

Signed-off-by: Mario Trangoni <mjtrangoni@gmail.com>
This intends to fix a potential security issue introduced via #458 before cutting the next helm-diff release.

Since #458 (unreleased), we had forced helm-diff to use `helm template --dry-run=server` for Helm 3.13 or greater.

I think this can create an unintended security hole, where any user who can run helm-diff via CI or any automation with an arbitrary chart and values is able to view cluster resources via helm template's `lookup` functions.

Previously this was impossible because `helm template` run by `helm diff` had no access to the `lookup` function. To fix this, we need to make `--dry-run=server` optional. And we do so by changing helm-diff's `--dry-run` flag to accept not only booleans but also `client` and `server`. The updated flag usage is `--dry-run[=[|true|false|client|server]]`.

See the updated README and the updated helm-diff help message for more details.
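
A fail-closed reading of the flag described in the commit message above, as an added Go sketch that is not helm-diff's own code: only an explicit `server` value, on Helm 3.13 or greater, adds `--dry-run=server` to the `helm template` arguments. The names `DryRunMode`, `ParseDryRun`, `helmAtLeast` and `TemplateArgs`, and the way each value maps to a mode, are assumptions of this sketch.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// DryRunMode is a hypothetical type for this sketch, not helm-diff's own.
type DryRunMode int

const (
	DryRunNone   DryRunMode = iota // "false" (assumed: no dry run requested)
	DryRunClient                   // render without touching the cluster
	DryRunServer                   // render with `lookup` able to read the cluster
)

// ParseDryRun maps a --dry-run[=[|true|false|client|server]] value to a mode.
// Unknown values are rejected so a typo can never silently widen access.
func ParseDryRun(v string) (DryRunMode, error) {
	switch strings.ToLower(strings.TrimSpace(v)) {
	case "", "true", "client":
		return DryRunClient, nil
	case "false":
		return DryRunNone, nil
	case "server":
		return DryRunServer, nil
	}
	return DryRunNone, fmt.Errorf("invalid --dry-run value %q", v)
}

// helmAtLeast reports whether version (e.g. "v3.13.2") is >= major.minor.
// An unparsable version counts as too old, which keeps lookups disabled.
func helmAtLeast(version string, major, minor int) bool {
	parts := strings.SplitN(strings.TrimPrefix(version, "v"), ".", 3)
	if len(parts) < 2 {
		return false
	}
	maj, errMaj := strconv.Atoi(parts[0])
	mnr, errMin := strconv.Atoi(parts[1])
	if errMaj != nil || errMin != nil {
		return false
	}
	return maj > major || (maj == major && mnr >= minor)
}

// TemplateArgs returns the extra arguments to append to `helm template`.
// Server-side dry run is opt-in: every other mode returns no extra flag.
func TemplateArgs(flagValue, helmVersion string) ([]string, error) {
	mode, err := ParseDryRun(flagValue)
	if err != nil {
		return nil, err
	}
	if mode == DryRunServer && helmAtLeast(helmVersion, 3, 13) {
		return []string{"--dry-run=server"}, nil
	}
	return nil, nil
}

func main() {
	// Constructed inputs: flag values paired with a sample Helm version.
	for _, v := range []string{"", "client", "server", "yes"} {
		args, err := TemplateArgs(v, "v3.13.0")
		fmt.Printf("--dry-run=%q -> args=%v err=%v\n", v, args, err)
	}
}
```
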
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.0 to 1.7.11.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.0...v1.7.11)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0.
- [Commits](golang/crypto@v0.14.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Automate releases using GHA

To publish a release, we currently have to run `make docker-run-release` locally after tagging a release, which is not a huge effort but a bit cumbersome, because we do it only a few times a year and that is long enough to lose my memory :)

Starting this change, we use a GHA workflow to automatically build and publish binaries whenever a new semver tag is created, so that we do not need to run `make` anymore.

* Applies bonddim's suggestion. Thx!

* We do have to wrap files in the diff dir. See #480 (comment)
Signed-off-by: yxxhero <aiopsclub@163.com>
* Added dependabot config

* Update actions, move shell-lint to separate workflow

* Add workflow to delete PR cache
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4 to 5.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](goreleaser/goreleaser-action@v4...v5)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [luizm/action-sh-checker](https://github.com/luizm/action-sh-checker) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/luizm/action-sh-checker/releases)
- [Commits](luizm/action-sh-checker@v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: luizm/action-sh-checker
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases)
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/yaml@v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/yaml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/homeport/dyff](https://github.com/homeport/dyff) from 1.5.7 to 1.6.0.
- [Release notes](https://github.com/homeport/dyff/releases)
- [Changelog](https://github.com/homeport/dyff/blob/main/.goreleaser.yml)
- [Commits](homeport/dyff@v1.5.7...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/homeport/dyff
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [golang.org/x/term](https://github.com/golang/term) from 0.15.0 to 0.16.0.
- [Commits](golang/term@v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.9 to 0.6.0.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](google/go-cmp@v0.5.9...v0.6.0)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Missed bumping it when we released 3.9.1 🤦
Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.13.3 to 3.14.0.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.13.3...v3.14.0)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot bot and others added 30 commits April 29, 2025 06:55
* build(deps): bump k8s.io/api from 0.32.3 to 0.33.0

Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.32.3 to 0.33.0.
- [Commits](kubernetes/api@v0.32.3...v0.33.0)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix more lint issues

Signed-off-by: yxxhero <aiopsclub@163.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: yxxhero <aiopsclub@163.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: yxxhero <aiopsclub@163.com>
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.32.3 to 0.33.0.
- [Commits](kubernetes/cli-runtime@v0.32.3...v0.33.0)

---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#770)

Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.32.3 to 0.33.0.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.32.3...v0.33.0)

---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps): bump golangci/golangci-lint-action from 7 to 8

Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 7 to 8.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@v7...v8)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix lint error

Signed-off-by: yxxhero <aiopsclub@163.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: yxxhero <aiopsclub@163.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: yxxhero <aiopsclub@163.com>
#781)

Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.33.0 to 0.33.1.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.33.0...v0.33.1)

---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.33.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [golang.org/x/term](https://github.com/golang/term) from 0.31.0 to 0.32.0.
- [Commits](golang/term@v0.31.0...v0.32.0)

---
updated-dependencies:
- dependency-name: golang.org/x/term
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build: update Helm and Go dependencies to latest versions

Signed-off-by: yxxhero <aiopsclub@163.com>
Signed-off-by: yxxhero <aiopsclub@163.com>
* add secret decode diff

Signed-off-by: yxxhero <aiopsclub@163.com>
* refactor(diff): extract secret handling to preHandleSecrets

Signed-off-by: yxxhero <aiopsclub@163.com>
Signed-off-by: yxxhero <aiopsclub@163.com>
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.33.0 to 0.33.1.
- [Commits](kubernetes/cli-runtime@v0.33.0...v0.33.1)

---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
  dependency-version: 0.33.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* typo: Fix a minor typo

* Print error messages to stderr, not stdout

Messages that help the reader make sense of the output are printed to stdout and not to stderr right
now. When using the structured output options (such as `--output json`), this causes the output to
not be valid JSON. It requires the user to filter out the non-JSON lines from the output and then
pipe the output to programs that expect valid JSON input (such as [`jq`]).

We are using the Helm diff plugin when deploying to our production environments, and we need to
[filter] these lines out from the output. The logic that we have implemented is fragile and we would
have to keep it in sync with changes in the Helm Diff plugin itself.

A better way to do this would be to print the messages for the reader to standard error, and keep
the standard output purely output that can be piped into another program without any changes. I
believe that this is a common pattern for tools that create structured output.

This PR updates the messages that are printed in the helm-diff upgrade command. I have included the
before and after outputs related to this change. One concern with this change is if plugin users are
using this line in their scripts to detect something (for example: the line `Release was not
present` may be used to detect that a new release will be installed into the cluster). If this change
is accepted, it would be good to add an entry in the changelog or release message about this change
and how it might affect plugin users.

In order to output the commit that was built in the binary, I used the following command:

```sh
$ go build -v -o bin/diff -ldflags="-X github.com/databus23/helm-diff/v3/cmd.Version=$(git rev-parse HEAD)"
```

### Before

```sh
$ helm diff version
05264b7

$ HELM_DIFF_THREE_WAY_MERGE="true" HELM_DIFF_NORMALIZE_MANIFESTS="true" helm diff upgrade --output json --allow-unreleased wait-for-duration ./ | jq .
jq: parse error: Invalid numeric literal at line 1, column 8
Error: plugin "diff" exited with error
```

### After

Once the messages are moved to `stderr`, the output can be parsed properly by `jq`. It is also
possible to pipe these messages to `/dev/null`, if we want to see only the structured output.

```sh
$ helm diff version
447393a3f61b0c7747fa284ef73de91d0ac216bf

$ HELM_DIFF_THREE_WAY_MERGE="true" HELM_DIFF_NORMALIZE_MANIFESTS="true" helm diff upgrade --output json --allow-unreleased wait-for-duration ./ | jq .
Enabled three way merge via the envvar
Enabled normalize manifests via the envvar
********************

                Release was not present in Helm.  Diff will show entire contents as new.

********************
[
  {
    "api": "batch",
    "kind": "Job",
    "namespace": "default",
    "name": "sample-job-testing-blocking",
    "change": "ADD"
  }
]

$ HELM_DIFF_THREE_WAY_MERGE="true" HELM_DIFF_NORMALIZE_MANIFESTS="true" helm diff upgrade --output json --allow-unreleased wait-for-duration ./ 2>/dev/null | jq .
[
  {
    "api": "batch",
    "kind": "Job",
    "namespace": "default",
    "name": "sample-job-testing-blocking",
    "change": "ADD"
  }
]
```

[`jq`]: https://jqlang.org/
[filter]: https://gitlab.com/gitlab-com/gl-infra/k8s-workloads/gitlab-com/-/blob/18aa8f083d5e45bc97f7745abda6fb50e45eab6a/bin/k-ctl
Signed-off-by: yxxhero <aiopsclub@163.com>
Signed-off-by: yxxhero <aiopsclub@163.com>
Signed-off-by: yxxhero <aiopsclub@163.com>
Signed-off-by: yxxhero <aiopsclub@163.com>
Signed-off-by: yxxhero <aiopsclub@163.com>
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.33.1 to 0.33.2.
- [Commits](kubernetes/apimachinery@v0.33.1...v0.33.2)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.33.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.18.2 to 3.18.3.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.18.2...v3.18.3)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-version: 3.18.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: yxxhero <aiopsclub@163.com>
#801)

Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.33.1 to 0.33.2.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.33.1...v0.33.2)

---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.33.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.33.1 to 0.33.2.
- [Commits](kubernetes/cli-runtime@v0.33.1...v0.33.2)

---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
  dependency-version: 0.33.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#806)

Bumps [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/Masterminds/semver/releases)
- [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md)
- [Commits](Masterminds/semver@v3.3.1...v3.4.0)

---
updated-dependencies:
- dependency-name: github.com/Masterminds/semver/v3
  dependency-version: 3.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/gonvenience/bunt](https://github.com/gonvenience/bunt) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/gonvenience/bunt/releases)
- [Commits](gonvenience/bunt@v1.4.1...v1.4.2)

---
updated-dependencies:
- dependency-name: github.com/gonvenience/bunt
  dependency-version: 1.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases)
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/yaml@v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/yaml
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>