add helm auth validation

suse-edge · Mar 12, 2024 · 95e7034 · 95e7034
1 parent d1e49a9
commit 95e7034
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 0 deletions.
diff --git a/pkg/image/validation/kubernetes.go b/pkg/image/validation/kubernetes.go
@@ -238,6 +238,18 @@ func validateRepo(repo *image.HelmRepository, seenHelmRepos map[string]bool) []F
 		})
 	}
 
+	if repo.Authentication.Username != "" && repo.Authentication.Password == "" {
+		failures = append(failures, FailedValidation{
+			UserMessage: fmt.Sprintf("Helm repository 'password' field not defined for %q.", repo.Name),
+		})
+	}
+
+	if repo.Authentication.Username == "" && repo.Authentication.Password != "" {
+		failures = append(failures, FailedValidation{
+			UserMessage: fmt.Sprintf("Helm repository 'username' field not defined for %q.", repo.Name),
+		})
+	}
+
 	return failures
 }
 

diff --git a/pkg/image/validation/kubernetes_test.go b/pkg/image/validation/kubernetes_test.go
@@ -692,6 +692,58 @@ func TestValidateHelmCharts(t *testing.T) {
 				"Helm repository 'url' field for \"apache-repo\" must begin with either 'oci://', 'http://', or 'https://'.",
 			},
 		},
+		`helm repository username no password`: {
+			K8s: image.Kubernetes{
+				Helm: image.Helm{
+					Charts: []image.HelmChart{
+						{
+							Name:           "apache",
+							RepositoryName: "apache-repo",
+							Version:        "10.7.0",
+						},
+					},
+					Repositories: []image.HelmRepository{
+						{
+							Name: "apache-repo",
+							URL:  "oci://registry-1.docker.io/bitnamicharts/apache",
+							Authentication: image.HelmAuthentication{
+								Username: "user",
+								Password: "",
+							},
+						},
+					},
+				},
+			},
+			ExpectedFailedMessages: []string{
+				"Helm repository 'password' field not defined for \"apache-repo\".",
+			},
+		},
+		`helm repository password no username`: {
+			K8s: image.Kubernetes{
+				Helm: image.Helm{
+					Charts: []image.HelmChart{
+						{
+							Name:           "apache",
+							RepositoryName: "apache-repo",
+							Version:        "10.7.0",
+						},
+					},
+					Repositories: []image.HelmRepository{
+						{
+							Name: "apache-repo",
+							URL:  "oci://registry-1.docker.io/bitnamicharts/apache",
+							Authentication: image.HelmAuthentication{
+								Username: "",
+								Password: "pass",
+							},
+						},
+					},
+				},
+			},
+			ExpectedFailedMessages: []string{
+				"Helm repository 'username' field not defined for \"apache-repo\".",
+			},
+		},
 	}
 
 	for name, test := range tests {