public_git
/
helmfile
mirror of https://github.com/helmfile/helmfile.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix-insecure-flag (#2072) 

Signed-off-by: tcase44 <toblerone.tc@gmail.com>
Co-authored-by: tcase44 <toblerone.tc@gmail.com>
This commit is contained in:
anontrex 2025-06-09 19:08:10 +10:00 committed by GitHub
parent f0f828b2fd
commit 3df6442bd1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/remote/remote.go
View File

@ -190,6 +190,11 @@ func (r *Remote) Fetch(path string, cacheDirOpt ...string) (string, error) {
return "", err
}
// Block remote access if insecure features are disabled and the source is remote
if disableInsecureFeatures && IsRemote(path) {
return "", fmt.Errorf("remote sources are disabled due to 'HELMFILE_DISABLE_INSECURE_FEATURES'")
}
srcDir := fmt.Sprintf("%s://%s/%s", u.Scheme, u.Host, u.Dir)
file := u.File
@ -532,9 +537,6 @@ func ParseS3Url(s3URL string) (string, string, error) {
}
func NewRemote(logger *zap.SugaredLogger, homeDir string, fs *filesystem.FileSystem) *Remote {
if disableInsecureFeatures {
panic("Remote sources are disabled due to 'DISABLE_INSECURE_FEATURES'")
}
remote := &Remote{
Logger: logger,
Home: homeDir,