Properly lock chart dependencies #326

Merged
luhahn merged 2 commits from justusbunsi/helm-chart:dependency-hardening into master 2 months ago
Collaborator

As mentioned in the Bitnami chart issue, they've created a git tag to
represent the latest full content index.yaml. This should be used
instead of a commit that could be changed.

https://github.com/bitnami/charts/issues/10539#issuecomment-1152641771

I've also removed the Chart.lock file from the ignore list. This file
ensures correct dependency retrieval when using helm dependency build.

https://helm.sh/docs/helm/helm_dependency_build/#helm-dependency-build

Signed-off-by: justusbunsi sk.bunsenbrenner@gmail.com

As mentioned in the Bitnami chart issue, they've created a git tag to represent the latest full content `index.yaml`. This should be used instead of a commit that could be changed. https://github.com/bitnami/charts/issues/10539#issuecomment-1152641771 I've also removed the `Chart.lock` file from the ignore list. This file ensures correct dependency retrieval when using `helm dependency build`. https://helm.sh/docs/helm/helm_dependency_build/#helm-dependency-build Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
justusbunsi added 1 commit 2 months ago
20c727a5a0
Properly lock chart dependencies
techknowlogick approved these changes 2 months ago
justusbunsi added 1 commit 2 months ago
luhahn approved these changes 2 months ago
luhahn left a comment
Collaborator

LGTM

LGTM
luhahn merged commit 0172a59889 into master 2 months ago
luhahn referenced this issue from a commit 2 months ago
justusbunsi deleted branch dependency-hardening 2 months ago

Reviewers

techknowlogick approved these changes 2 months ago
luhahn approved these changes 2 months ago
continuous-integration/drone/pr Build is passing
The pull request has been merged as 0172a59889.
Sign in to join this conversation.
Loading…
There is no content yet.