From 70c26aabd9f02abedd11cba14413dcae21537b3c Mon Sep 17 00:00:00 2001 From: Josh De Winne Date: Tue, 25 Jun 2024 11:37:54 -0700 Subject: [PATCH 1/3] Require version for helm chart --- pkg/kots/rego/kots-spec-opa-nonrendered.rego | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/pkg/kots/rego/kots-spec-opa-nonrendered.rego b/pkg/kots/rego/kots-spec-opa-nonrendered.rego index 54a1198..d0df68a 100644 --- a/pkg/kots/rego/kots-spec-opa-nonrendered.rego +++ b/pkg/kots/rego/kots-spec-opa-nonrendered.rego @@ -424,6 +424,25 @@ lint[output] { } } +# Check if helm charts in the embedded cluster config contain a version +lint[output] { + rule_name := "ec-helm-extension-version-required" + rule_config := lint_rule_config(rule_name, "error") + not rule_config.off + spec := specs[_] + chart := spec.spec.extensions.helm.charts[index] + not chart.version + field := concat(".", [spec.field, "version", string(index)]) + output := { + "rule": rule_name, + "type": rule_config.level, + "message": "Missing version for Helm Chart extension", + "path": spec.path, + "field": field, + "docIndex": spec.docIndex + } +} + # Check if the kubernetes installer addons versions are valid is_kubernetes_installer(file) { is_kubernetes_installer_api_version(file.content.apiVersion) From b0dfbfc49005ff1a247fd5e29303071c7d7b7940 Mon Sep 17 00:00:00 2001 From: Josh De Winne Date: Tue, 25 Jun 2024 11:42:14 -0700 Subject: [PATCH 2/3] Require version for helm chart --- pkg/kots/rego/kots-spec-opa-nonrendered.rego | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/kots/rego/kots-spec-opa-nonrendered.rego b/pkg/kots/rego/kots-spec-opa-nonrendered.rego index d0df68a..1e680de 100644 --- a/pkg/kots/rego/kots-spec-opa-nonrendered.rego +++ b/pkg/kots/rego/kots-spec-opa-nonrendered.rego @@ -432,7 +432,7 @@ lint[output] { spec := specs[_] chart := spec.spec.extensions.helm.charts[index] not chart.version - field := concat(".", [spec.field, "version", string(index)]) + field := concat(".", [spec.field, "extensions.helm.charts", string(index)]) output := { "rule": rule_name, "type": rule_config.level, From a284f0b897b08b72663c5e40e77f340bebb0f5c5 Mon Sep 17 00:00:00 2001 From: Josh De Winne Date: Tue, 25 Jun 2024 11:56:42 -0700 Subject: [PATCH 3/3] adding test --- pkg/kots/lint_test.go | 51 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/pkg/kots/lint_test.go b/pkg/kots/lint_test.go index c160081..ceea362 100644 --- a/pkg/kots/lint_test.go +++ b/pkg/kots/lint_test.go @@ -3196,6 +3196,57 @@ spec: }, }, }, + { + name: "missing required version for Helm extension in embedded cluster config", + specFiles: domain.SpecFiles{ + validPreflightSpec, + validConfigSpec, + validSupportBundleSpec, + validKotsAppSpec, + { + Name: "ec-config.yaml", + Path: "ec-config.yaml", + Content: `apiVersion: embeddedcluster.replicated.com/v1beta1 +kind: Config +spec: + version: "v1.2.2+k8s-1.29" + roles: + controller: + name: management + labels: + management: "true" + custom: + - name: app + labels: + app: "true" + extensions: + helm: + repositories: + - name: ingress-nginx + url: https://kubernetes.github.io/ingress-nginx + charts: + - name: ingress-nginx + chartname: ingress-nginx/ingress-nginx + namespace: ingress-nginx +`, + }, + }, + expect: []domain.LintExpression{ + { + Rule: "ec-helm-extension-version-required", + Path: "ec-config.yaml", + Type: "error", + Message: "Missing version for Helm Chart extension", + Positions: []domain.LintExpressionItemPosition{ + { + Start: domain.LintExpressionItemLinePosition{ + Line: 20, + }, + }, + }, + }, + }, + }, { name: "duplicate kots kinds in release", specFiles: domain.SpecFiles{