workaround: leave the globally set helm repo to empty and add disclaimer - release 2.27 (#410)

2025-02-11 15:36:33 +13:00 · 2025-02-11 15:36:33 +13:00 · 9ac8641f7e
parent 0fddedc1a9
commit 9ac8641f7e
12 changed files with 76 additions and 24 deletions
--- a/api/database/boltdb/json_test.go
+++ b/api/database/boltdb/json_test.go
@ -10,7 +10,7 @@ import (
 )

 const (
-	jsonobject = `{"LogoURL":"","BlackListedLabels":[],"AuthenticationMethod":1,"InternalAuthSettings": {"RequiredPasswordLength": 12}"LDAPSettings":{"AnonymousMode":true,"ReaderDN":"","URL":"","TLSConfig":{"TLS":false,"TLSSkipVerify":false},"StartTLS":false,"SearchSettings":[{"BaseDN":"","Filter":"","UserNameAttribute":""}],"GroupSearchSettings":[{"GroupBaseDN":"","GroupFilter":"","GroupAttribute":""}],"AutoCreateUsers":true},"OAuthSettings":{"ClientID":"","AccessTokenURI":"","AuthorizationURI":"","ResourceURI":"","RedirectURI":"","UserIdentifier":"","Scopes":"","OAuthAutoCreateUsers":false,"DefaultTeamID":0,"SSO":true,"LogoutURI":"","KubeSecretKey":"j0zLVtY/lAWBk62ByyF0uP80SOXaitsABP0TTJX8MhI="},"OpenAMTConfiguration":{"Enabled":false,"MPSServer":"","MPSUser":"","MPSPassword":"","MPSToken":"","CertFileContent":"","CertFileName":"","CertFilePassword":"","DomainName":""},"FeatureFlagSettings":{},"SnapshotInterval":"5m","TemplatesURL":"https://raw.githubusercontent.com/portainer/templates/master/templates-2.0.json","EdgeAgentCheckinInterval":5,"EnableEdgeComputeFeatures":false,"UserSessionTimeout":"8h","KubeconfigExpiry":"0","EnableTelemetry":true,"HelmRepositoryURL":"https://charts.bitnami.com/bitnami","KubectlShellImage":"portainer/kubectl-shell","DisplayDonationHeader":false,"DisplayExternalContributors":false,"EnableHostManagementFeatures":false,"AllowVolumeBrowserForRegularUsers":false,"AllowBindMountsForRegularUsers":false,"AllowPrivilegedModeForRegularUsers":false,"AllowHostNamespaceForRegularUsers":false,"AllowStackManagementForRegularUsers":false,"AllowDeviceMappingForRegularUsers":false,"AllowContainerCapabilitiesForRegularUsers":false}`
+	jsonobject = `{"LogoURL":"","BlackListedLabels":[],"AuthenticationMethod":1,"InternalAuthSettings": {"RequiredPasswordLength": 12}"LDAPSettings":{"AnonymousMode":true,"ReaderDN":"","URL":"","TLSConfig":{"TLS":false,"TLSSkipVerify":false},"StartTLS":false,"SearchSettings":[{"BaseDN":"","Filter":"","UserNameAttribute":""}],"GroupSearchSettings":[{"GroupBaseDN":"","GroupFilter":"","GroupAttribute":""}],"AutoCreateUsers":true},"OAuthSettings":{"ClientID":"","AccessTokenURI":"","AuthorizationURI":"","ResourceURI":"","RedirectURI":"","UserIdentifier":"","Scopes":"","OAuthAutoCreateUsers":false,"DefaultTeamID":0,"SSO":true,"LogoutURI":"","KubeSecretKey":"j0zLVtY/lAWBk62ByyF0uP80SOXaitsABP0TTJX8MhI="},"OpenAMTConfiguration":{"Enabled":false,"MPSServer":"","MPSUser":"","MPSPassword":"","MPSToken":"","CertFileContent":"","CertFileName":"","CertFilePassword":"","DomainName":""},"FeatureFlagSettings":{},"SnapshotInterval":"5m","TemplatesURL":"https://raw.githubusercontent.com/portainer/templates/master/templates-2.0.json","EdgeAgentCheckinInterval":5,"EnableEdgeComputeFeatures":false,"UserSessionTimeout":"8h","KubeconfigExpiry":"0","EnableTelemetry":true,"HelmRepositoryURL":"https://kubernetes.github.io/ingress-nginx","KubectlShellImage":"portainer/kubectl-shell","DisplayDonationHeader":false,"DisplayExternalContributors":false,"EnableHostManagementFeatures":false,"AllowVolumeBrowserForRegularUsers":false,"AllowBindMountsForRegularUsers":false,"AllowPrivilegedModeForRegularUsers":false,"AllowHostNamespaceForRegularUsers":false,"AllowStackManagementForRegularUsers":false,"AllowDeviceMappingForRegularUsers":false,"AllowContainerCapabilitiesForRegularUsers":false}`
 	passphrase = "my secret key"
 )

--- a/api/datastore/test_data/output_24_to_latest.json
+++ b/api/datastore/test_data/output_24_to_latest.json
@ -605,7 +605,7 @@
    "GlobalDeploymentOptions": {
      "hideStacksFunctionality": false
    },
-    "HelmRepositoryURL": "https://charts.bitnami.com/bitnami",
+    "HelmRepositoryURL": "",
    "InternalAuthSettings": {
      "RequiredPasswordLength": 12
    },
--- a/api/http/handler/helm/helm_install_test.go
+++ b/api/http/handler/helm/helm_install_test.go
@ -45,7 +45,7 @@ func Test_helmInstall(t *testing.T) {
 	is.NotNil(h, "Handler should not fail")

 	// Install a single chart.  We expect to get these values back
-	options := options.InstallOptions{Name: "nginx-1", Chart: "nginx", Namespace: "default", Repo: "https://charts.bitnami.com/bitnami"}
+	options := options.InstallOptions{Name: "nginx-1", Chart: "nginx", Namespace: "default", Repo: "https://kubernetes.github.io/ingress-nginx"}
 	optdata, err := json.Marshal(options)
 	is.NoError(err)

--- a/api/http/handler/helm/helm_repo_search_test.go
+++ b/api/http/handler/helm/helm_repo_search_test.go
@ -20,7 +20,7 @@ func Test_helmRepoSearch(t *testing.T) {

 	assert.NotNil(t, h, "Handler should not fail")

-	repos := []string{"https://charts.bitnami.com/bitnami", "https://portainer.github.io/k8s"}
+	repos := []string{"https://kubernetes.github.io/ingress-nginx", "https://portainer.github.io/k8s"}

 	for _, repo := range repos {
 		t.Run(repo, func(t *testing.T) {
--- a/api/http/handler/helm/helm_show_test.go
+++ b/api/http/handler/helm/helm_show_test.go
@ -31,7 +31,7 @@ func Test_helmShow(t *testing.T) {
 		t.Run(cmd, func(t *testing.T) {
 			is.NotNil(h, "Handler should not fail")

-			repoUrlEncoded := url.QueryEscape("https://charts.bitnami.com/bitnami")
+			repoUrlEncoded := url.QueryEscape("https://kubernetes.github.io/ingress-nginx")
 			chart := "nginx"
 			req := httptest.NewRequest("GET", fmt.Sprintf("/templates/helm/%s?repo=%s&chart=%s", cmd, repoUrlEncoded, chart), nil)
 			rr := httptest.NewRecorder()
--- a/api/http/handler/settings/settings_update.go
+++ b/api/http/handler/settings/settings_update.go
@ -46,7 +46,7 @@ type settingsUpdatePayload struct {
 	// Whether telemetry is enabled
 	EnableTelemetry *bool `example:"false"`
 	// Helm repository URL
-	HelmRepositoryURL *string `example:"https://charts.bitnami.com/bitnami"`
+	HelmRepositoryURL *string `example:"https://kubernetes.github.io/ingress-nginx"`
 	// Kubectl Shell Image
 	KubectlShellImage *string `example:"portainer/kubectl-shell:latest"`
 	// TrustOnFirstConnect makes Portainer accepting edge agent connection by default
--- a/api/portainer.go
+++ b/api/portainer.go
@ -588,7 +588,7 @@ type (
 		// User identifier
 		UserID UserID `json:"UserId" example:"1"`
 		// Helm repository URL
-		URL string `json:"URL" example:"https://charts.bitnami.com/bitnami"`
+		URL string `json:"URL" example:"https://kubernetes.github.io/ingress-nginx"`
 	}

 	// QuayRegistryData represents data required for Quay registry to work
@ -984,8 +984,8 @@ type (
 		KubeconfigExpiry string `json:"KubeconfigExpiry" example:"24h"`
 		// Whether telemetry is enabled
 		EnableTelemetry bool `json:"EnableTelemetry" example:"false"`
-		// Helm repository URL, defaults to "https://charts.bitnami.com/bitnami"
-		HelmRepositoryURL string `json:"HelmRepositoryURL" example:"https://charts.bitnami.com/bitnami"`
+		// Helm repository URL, defaults to ""
+		HelmRepositoryURL string `json:"HelmRepositoryURL"`
 		// KubectlImage, defaults to portainer/kubectl-shell
 		KubectlShellImage string `json:"KubectlShellImage" example:"portainer/kubectl-shell"`
 		// TrustOnFirstConnect makes Portainer accepting edge agent connection by default
@ -1672,8 +1672,8 @@ const (
 	DefaultEdgeAgentCheckinIntervalInSeconds = 5
 	// DefaultTemplatesURL represents the URL to the official templates supported by Portainer
 	DefaultTemplatesURL = "https://raw.githubusercontent.com/portainer/templates/v3/templates.json"
-	// DefaultHelmrepositoryURL represents the URL to the official templates supported by Bitnami
-	DefaultHelmRepositoryURL = "https://charts.bitnami.com/bitnami"
+	// DefaultHelmrepositoryURL set to empty string until oci support is added
+	DefaultHelmRepositoryURL = ""
 	// DefaultUserSessionTimeout represents the default timeout after which the user session is cleared
 	DefaultUserSessionTimeout = "8h"
 	// DefaultUserSessionTimeout represents the default timeout after which the user session is cleared
--- a/app/kubernetes/components/helm/helm-templates/helm-templates-list/helm-templates-list.html
+++ b/app/kubernetes/components/helm/helm-templates/helm-templates-list/helm-templates-list.html
@ -31,10 +31,40 @@
      >Select the Helm chart to use. Bring further Helm charts into your selection list via
      <a ui-sref="portainer.account({'#': 'helm-repositories'})">User settings - Helm repositories</a>.</div
    >
-    <beta-alert
-      is-html="true"
-      message="'Beta feature - so far, this functionality has been tested in limited scenarios. For more information, see this <a href=\'https://www.portainer.io/blog/portainer-now-with-helm-support\' target=\'_blank\' class=\'hyperlink\'>blog post on Portainer Helm support</a>.'"
-    ></beta-alert>
+    <div class="w-full">
+      <div class="small text-muted mb-2"
+        >Select the Helm chart to use. Bring further Helm charts into your selection list via
+        <a ui-sref="portainer.account({'#': 'helm-repositories'})">User settings - Helm repositories</a>.</div
+      >
+      <div class="relative flex w-fit gap-1 rounded-lg bg-gray-modern-3 p-4 text-sm th-highcontrast:bg-legacy-grey-3 th-dark:bg-legacy-grey-3 mt-2">
+        <div class="mt-0.5 shrink-0">
+          <svg
+            xmlns="http://www.w3.org/2000/svg"
+            width="24"
+            height="24"
+            viewBox="0 0 24 24"
+            fill="none"
+            stroke="currentColor"
+            stroke-width="2"
+            stroke-linecap="round"
+            stroke-linejoin="round"
+            class="lucide lucide-lightbulb h-4 text-warning-7 th-highcontrast:text-warning-6 th-dark:text-warning-6"
+          >
+            <path d="M15 14c.2-1 .7-1.7 1.5-2.5 1-.9 1.5-2.2 1.5-3.5A6 6 0 0 0 6 8c0 1 .2 2.2 1.5 3.5.7.7 1.3 1.5 1.5 2.5"></path>
+            <path d="M9 18h6"></path>
+            <path d="M10 22h4"></path>
+          </svg>
+        </div>
+        <div>
+          <p class="align-middle text-[0.9em] font-medium pr-10 mb-2">Disclaimer</p>
+          <div class="small">
+            At present Portainer does not support OCI format Helm charts. Support for OCI charts will be available in a future release.<br />
+            If you would like to provide feedback on OCI support or get access to early releases to test this functionality,
+            <a href="https://bit.ly/3WVkayl" target="_blank" rel="noopener noreferrer">please get in touch</a>.
+          </div>
+        </div>
+      </div>
+    </div>
  </div>

  <div class="blocklist !px-0" role="list">
--- a/app/react/portainer/settings/SettingsView/KubeSettingsPanel/HelmSection.tsx
+++ b/app/react/portainer/settings/SettingsView/KubeSettingsPanel/HelmSection.tsx
@ -4,6 +4,7 @@ import { TextTip } from '@@/Tip/TextTip';
 import { FormControl } from '@@/form-components/FormControl';
 import { FormSection } from '@@/form-components/FormSection';
 import { Input } from '@@/form-components/Input';
+import { InsightsBox } from '@@/InsightsBox';

 export function HelmSection() {
  const [{ name }, { error }] = useField<string>('helmRepositoryUrl');
@ -24,13 +25,34 @@ export function HelmSection() {
        </TextTip>
      </div>

+      <InsightsBox
+        header="Disclaimer"
+        content={
+          <>
+            At present Portainer does not support OCI format Helm charts.
+            Support for OCI charts will be available in a future release. If you
+            would like to provide feedback on OCI support or get access to early
+            releases to test this functionality,{' '}
+            <a
+              href="https://bit.ly/3WVkayl"
+              target="_blank"
+              rel="noopener noreferrer"
+            >
+              please get in touch
+            </a>
+            .
+          </>
+        }
+        className="block w-fit mt-2 mb-1"
+      />
+
      <FormControl label="URL" errors={error} inputId="helm-repo-url">
        <Field
          as={Input}
          id="helm-repo-url"
          data-cy="helm-repo-url-input"
          name={name}
-          placeholder="https://charts.bitnami.com/bitnami"
+          placeholder="https://kubernetes.github.io/ingress-nginx"
        />
      </FormControl>
    </FormSection>
--- a/pkg/libhelm/binary/install_test.go
+++ b/pkg/libhelm/binary/install_test.go
@ -53,11 +53,11 @@ func Test_Install(t *testing.T) {
 	hbpm := NewHelmBinaryPackageManager(path)

 	t.Run("successfully installs nginx chart with name test-nginx", func(t *testing.T) {
-		// helm install test-nginx --repo https://charts.bitnami.com/bitnami nginx
+		// helm install test-nginx --repo https://kubernetes.github.io/ingress-nginx nginx
 		installOpts := options.InstallOptions{
 			Name:  "test-nginx",
 			Chart: "nginx",
-			Repo:  "https://charts.bitnami.com/bitnami",
+			Repo:  "https://kubernetes.github.io/ingress-nginx",
 		}

 		release, err := hbpm.Install(installOpts)
@ -67,10 +67,10 @@ func Test_Install(t *testing.T) {
 	})

 	t.Run("successfully installs nginx chart with generated name", func(t *testing.T) {
-		// helm install --generate-name --repo https://charts.bitnami.com/bitnami nginx
+		// helm install --generate-name --repo https://kubernetes.github.io/ingress-nginx nginx
 		installOpts := options.InstallOptions{
 			Chart: "nginx",
-			Repo:  "https://charts.bitnami.com/bitnami",
+			Repo:  "https://kubernetes.github.io/ingress-nginx",
 		}
 		release, err := hbpm.Install(installOpts)
 		defer hbpm.run("uninstall", []string{release.Name}, nil)
@ -79,7 +79,7 @@ func Test_Install(t *testing.T) {
 	})

 	t.Run("successfully installs nginx with values", func(t *testing.T) {
-		// helm install test-nginx-2 --repo https://charts.bitnami.com/bitnami nginx --values /tmp/helm-values3161785816
+		// helm install test-nginx-2 --repo https://kubernetes.github.io/ingress-nginx nginx --values /tmp/helm-values3161785816
 		values, err := createValuesFile("service:\n  port:  8081")
 		is.NoError(err, "should create a values file")

@ -88,7 +88,7 @@ func Test_Install(t *testing.T) {
 		installOpts := options.InstallOptions{
 			Name:       "test-nginx-2",
 			Chart:      "nginx",
-			Repo:       "https://charts.bitnami.com/bitnami",
+			Repo:       "https://kubernetes.github.io/ingress-nginx",
 			ValuesFile: values,
 		}
 		release, err := hbpm.Install(installOpts)
--- a/pkg/libhelm/binary/search_repo_test.go
+++ b/pkg/libhelm/binary/search_repo_test.go
@ -22,7 +22,7 @@ func Test_SearchRepo(t *testing.T) {

 	tests := []testCase{
 		{"not a helm repo", "https://portainer.io", true},
-		{"bitnami helm repo", "https://charts.bitnami.com/bitnami", false},
+		{"ingress helm repo", "https://kubernetes.github.io/ingress-nginx", false},
 		{"portainer helm repo", "https://portainer.github.io/k8s/", false},
 		{"gitlap helm repo with trailing slash", "https://charts.gitlab.io/", false},
 		{"elastic helm repo with trailing slash", "https://helm.elastic.co/", false},
--- a/pkg/libhelm/validate_repo_test.go
+++ b/pkg/libhelm/validate_repo_test.go
@ -26,7 +26,7 @@ func Test_ValidateHelmRepositoryURL(t *testing.T) {
 		{"not helm repo", "http://google.com", true},
 		{"not valid repo with trailing slash", "http://google.com/", true},
 		{"not valid repo with trailing slashes", "http://google.com////", true},
-		{"bitnami helm repo", "https://charts.bitnami.com/bitnami/", false},
+		{"ingress helm repo", "https://kubernetes.github.io/ingress-nginx/", false},
 		{"gitlap helm repo", "https://charts.gitlab.io/", false},
 		{"portainer helm repo", "https://portainer.github.io/k8s/", false},
 		{"elastic helm repo", "https://helm.elastic.co/", false},