From abeaed4822ecf2907617d6b56127b4ff1302ce30 Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Thu, 23 Jan 2020 00:55:46 +0100 Subject: [PATCH] [COMMON] Allow to lint chart without master password When you type make in kubernetes directory all charts are linted. If one of them try to generate password whole linting process ends with an error because masterPassword has not been provided and there is no default value for it. To avoid this issue but still don't provide any default value whcih would be obviously insecure in this context, let's just test current release name. If it matches "testRelease" we treat whis as a special case and use predefined master key. Security implication: You should never, ever name your productional deployment "testRelease" nor use it as a master password. Issue-ID: OOM-2052 Change-Id: I7a2132e81f6910dfea562e8930c7eacd7aa7a00b Signed-off-by: Krzysztof Opasiak --- kubernetes/common/common/templates/_createPassword.tpl | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kubernetes/common/common/templates/_createPassword.tpl b/kubernetes/common/common/templates/_createPassword.tpl index 938b0ee514..8b2f1e274d 100644 --- a/kubernetes/common/common/templates/_createPassword.tpl +++ b/kubernetes/common/common/templates/_createPassword.tpl @@ -29,6 +29,9 @@ {{- printf "%d" .Values.global.masterPassword -}} {{ else if .Values.masterPassword }} {{- printf "%d" .Values.masterPassword -}} + {{ else if eq "testRelease" (include "common.release" .) }} + {{/* Special case for chart liniting. DON"T NAME YOUR PRODUCTION RELEASE testRelease */}} + {{- printf "testRelease" -}} {{ else }} {{ fail "masterPassword not provided" }} {{ end }} -- 2.16.6