Adds `--suppress-secrets` to `helmfile apply` and `helmfile diff`, so that the diff command omits the contents of secrets from its output. This is a security feature that should always be turned on for CI/CD use-cases.
With `--suppress-secrets`, the output when there is any change looks like:
```
Comparing bar stable/grafana
default, baz-grafana, Secret (v1) has changed:
+ Changes suppressed on sensitive content of type Secret
```
Resolves#269
`helmfile lint` works with relative chart reference (#252)
The tempalte function `readFile` accepts the path relative to helmfile.yaml
Resolves#246Fixes#252
Fixes#233
Output on values render error:
```
err: failed to render [/Users/sstarcher/xxx/xxx/values.yaml], because of template: stringTemplate:10:18: executing "stringTemplate" at <requiredEnv "HELM_AC...>: error calling requiredEnv: required env var `HELM_ACCOUNT` is not set
```
Also removes panic and sets the output as `apps.Run()` can and will return errors. Panic makes no sense.
Changelog:
* improve error handling for value rendering
* only output if error exists
* add exit status
Adds the `--detailed-exitcode` to the `helmfile diff` command to return `1` on failure, and `2` when no error but diff is seen.
This feature requires the latest `helm-diff` containing https://github.com/databus23/helm-diff/pull/78, and `helm` containing https://github.com/helm/helm/pull/4367.
This is verified to work by manually running commands like the followings:
```bash
./helmfile --helm-binary helm211dev -f ./examples/helmfile.d diff --detailed-exitcode; echo $?
./helmfile --helm-binary helm211dev -f ./examples/helmfile.d diff; echo $?
```
Note that, in above example commands, `helm211dev` is a custom `helm` binary that is built from helm's master branch containing [the necessary enhancement to allow propagate non-zero plugin exit code](https://github.com/helm/helm/pull/4367).
Fixes#187
Changelog:
* fix: `helmfile -f dir/ -l k=v sync` fails on first helmfile w/ no match
* fix(ux): present the filename if the selector did not match any releases
```console
$ helmfile -f helmfile.d/ -l foo=bar sync
2018/07/12 23:37:29 specified selector did not match any releases in helmfile.d/00-backend.yaml
2018/07/12 23:37:29 specified selector did not match any releases in helmfile.d/01-frontend.yaml
2018/07/12 23:37:29 err: specified selector did not match any releases in any helmfile
```
Add tillerNamespace and kubeContext to helmDefaults. Also add merging of args capability.
People can start adding additional fields under helmDefaults on top of this. The additional fields are merged to args as long as they are implemented using the framework introduced by this commit.
Changelog:
* adding merging for helm defaults args and --args, adding tillernamspace, kubecontext to helmdefaults, adding getargs to lint command
* adding docs for helmdefaults
* checking if empty default values
The use case is to have a list of helmfile releases version controlled together with all settings and have a CI pipeline that will lint all releases with settings before running sync. The new functionality was mostly copy pasted from the Diff implementation with some extra handling for fetching remote charts.
Notes:
* Added release name to chart path to avoid potential race condition when fetching the chart
**Feature**
An additional sub-command to the helmfile binary; helmfile test
**Why**
Helm provides helm test (https://github.com/kubernetes/helm/blob/master/docs/chart_tests.md) as a method to run automated tests post chart install to ensure things are working as they should be.
It would be nice to be able to run something like helmfile test against a particular helmfile in order to run helm tests against all charts/releases defined in the file. Either as part of the sync (i.e. helmfile sync --test) to be ran immediately after the corresponding chart is installed, or as a separate command ran after a sync (i.e. helmfile test).
A chart without tests will exit with a 0 status, so it can be safely ran against any charts.
**Notes**
`--cleanup` (bool) & `--timeout` (default: 300) are available as first class arguments. Additional arguments can be passed to the helm binary as with other sub commands using `--args=`
Resolves#144
If an entry in the `values` section of a helmfile is an absolute
path, then it would be erroneously prefixed with the base path.
This would cause `helmfile sync` to fail because the value.yaml file
would not exist at the incorrectly prefixed path.
`helmfile delete` has been implying `--purge` but it is not the case since this change.
The new behavior is `helmfile delete --purge` to actually purge releases.
Run just `helmfile delete` to delete releases but not purge them.
Resolves#71
path.Dir() does not support Windows-style directory separators (backslashes). This caused invocations such as "helmfile -f subdir\helmfile.yml" to fail. Fixed by using filepath.Dir() instead.
This adds `releases[].labels` in which you can set arbitrary number of key-value pairs, so that commands like `helmfile sync --selector key=value` can be used to run the helmfile subcommand against a subnet of declared releases.
`labels` and `selector` are named as such on purpose of being consistent with terminology of Kubernetes and other tools in the K8S ecosystem, including kubectl, stern, helm, and so on.
Resolves#8
This is important for deployments where the chart repo is protected by client cert validation.
helmfile.yaml is extended to support `certFile` and `keyFile`:
```
repositories:
- name: roboll
url: http://roboll.io/charts
certFile: optional_client_cert
keyFile: optional_client_key
```
Everything works the same if you don't provide values for them.
Regarding the implementation, the "helm repo add" command already supports the cert-file and key-file values, so we just have to pass them through.
KUOKA Yusuke
Shane Starcher
rmartinez3
Johan Lyheden
Cedric Meury
Dan O'Brien
Mike Eves
David Bliss
Hidetake Iwata
Bastian Eicher
Andreas Bieber
Daniel
Alex Withrow
Greg Burton