diff --git a/lib/manager/helmv3/__snapshots__/artifacts.spec.ts.snap b/lib/manager/helmv3/__snapshots__/artifacts.spec.ts.snap index 0878af46f3846d..4314ebd1f6119e 100644 --- a/lib/manager/helmv3/__snapshots__/artifacts.spec.ts.snap +++ b/lib/manager/helmv3/__snapshots__/artifacts.spec.ts.snap @@ -474,19 +474,19 @@ generated: \\"2022-01-20T17:48:47.610371241+01:00\\" exports[`manager/helmv3/artifacts returns updated Chart.lock with docker 2`] = ` Array [ Object { - "cmd": "docker pull renovate/helm", + "cmd": "docker pull renovate/sidecar", "options": Object { "encoding": "utf-8", }, }, Object { - "cmd": "docker ps --filter name=renovate_helm -aq", + "cmd": "docker ps --filter name=renovate_sidecar -aq", "options": Object { "encoding": "utf-8", }, }, Object { - "cmd": "docker run --rm --name=renovate_helm --label=renovate_child -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -v \\"/tmp/renovate/cache\\":\\"/tmp/renovate/cache\\" -e HELM_EXPERIMENTAL_OCI -w \\"/tmp/github/some/repo\\" renovate/helm bash -l -c \\"helm repo add repo-test --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories https://gitlab.com/api/v4/projects/xxxxxxx/packages/helm/stable && helm dependency update --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories ''\\"", + "cmd": "docker run --rm --name=renovate_sidecar --label=renovate_child -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -v \\"/tmp/renovate/cache\\":\\"/tmp/renovate/cache\\" -e HELM_EXPERIMENTAL_OCI -w \\"/tmp/github/some/repo\\" renovate/sidecar bash -l -c \\"install-tool helm v3.7.2 && helm repo add repo-test --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories https://gitlab.com/api/v4/projects/xxxxxxx/packages/helm/stable && helm dependency update --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories ''\\"", "options": Object { "cwd": "/tmp/github/some/repo", "encoding": "utf-8", @@ -633,19 +633,19 @@ generated: \\"2022-01-20T17:48:47.610371241+01:00\\" exports[`manager/helmv3/artifacts sets repositories from aliases with docker 2`] = ` Array [ Object { - "cmd": "docker pull renovate/helm", + "cmd": "docker pull renovate/sidecar", "options": Object { "encoding": "utf-8", }, }, Object { - "cmd": "docker ps --filter name=renovate_helm -aq", + "cmd": "docker ps --filter name=renovate_sidecar -aq", "options": Object { "encoding": "utf-8", }, }, Object { - "cmd": "docker run --rm --name=renovate_helm --label=renovate_child -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -v \\"/tmp/renovate/cache\\":\\"/tmp/renovate/cache\\" -e HELM_EXPERIMENTAL_OCI -w \\"/tmp/github/some/repo\\" renovate/helm bash -l -c \\"helm repo add stable --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories the_stable_url && helm repo add repo1 --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories the_repo1_url && helm repo add repo-test --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories https://gitlab.com/api/v4/projects/xxxxxxx/packages/helm/stable && helm dependency update --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories ''\\"", + "cmd": "docker run --rm --name=renovate_sidecar --label=renovate_child -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -v \\"/tmp/renovate/cache\\":\\"/tmp/renovate/cache\\" -e HELM_EXPERIMENTAL_OCI -w \\"/tmp/github/some/repo\\" renovate/sidecar bash -l -c \\"install-tool helm v3.7.2 && helm repo add stable --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories the_stable_url && helm repo add repo1 --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories the_repo1_url && helm repo add repo-test --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories https://gitlab.com/api/v4/projects/xxxxxxx/packages/helm/stable && helm dependency update --registry-config /tmp/renovate/cache/__renovate-private-cache/registry.json --repository-config /tmp/renovate/cache/__renovate-private-cache/repositories.yaml --repository-cache /tmp/renovate/cache/__renovate-private-cache/repositories ''\\"", "options": Object { "cwd": "/tmp/github/some/repo", "encoding": "utf-8", diff --git a/lib/manager/helmv3/artifacts.spec.ts b/lib/manager/helmv3/artifacts.spec.ts index 9f0940c74640d9..43fc6948164332 100644 --- a/lib/manager/helmv3/artifacts.spec.ts +++ b/lib/manager/helmv3/artifacts.spec.ts @@ -5,6 +5,7 @@ import { envMock, mockExecAll } from '../../../test/exec-util'; import { loadFixture, mocked } from '../../../test/util'; import { GlobalConfig } from '../../config/global'; import type { RepoGlobalConfig } from '../../config/types'; +import * as _datasource from '../../datasource'; import * as docker from '../../util/exec/docker'; import * as _env from '../../util/exec/env'; import * as hostRules from '../../util/host-rules'; @@ -13,9 +14,12 @@ import * as helmv3 from './artifacts'; jest.mock('fs-extra'); jest.mock('child_process'); +jest.mock('../../datasource'); jest.mock('../../util/exec/env'); jest.mock('../../util/http'); +const datasource = mocked(_datasource); + const fs: jest.Mocked = _fs as any; const exec: jest.Mock = _exec as any; const env = mocked(_env); @@ -133,6 +137,9 @@ describe('manager/helmv3/artifacts', () => { fs.readFile.mockResolvedValueOnce(ociLockFile1 as never); const execSnapshots = mockExecAll(exec); fs.readFile.mockResolvedValueOnce(ociLockFile2 as never); + datasource.getPkgReleases.mockResolvedValueOnce({ + releases: [{ version: 'v3.7.2' }], + }); const updatedDeps = [{ depName: 'dep1' }]; expect( await helmv3.updateArtifacts({ @@ -209,6 +216,9 @@ describe('manager/helmv3/artifacts', () => { fs.readFile.mockResolvedValueOnce(ociLockFile1 as never); const execSnapshots = mockExecAll(exec); fs.readFile.mockResolvedValueOnce(ociLockFile2 as never); + datasource.getPkgReleases.mockResolvedValueOnce({ + releases: [{ version: 'v3.7.2' }], + }); expect( await helmv3.updateArtifacts({ packageFileName: 'Chart.yaml', diff --git a/lib/manager/helmv3/artifacts.ts b/lib/manager/helmv3/artifacts.ts index 072d8962096dc7..fe52ce7ff06263 100644 --- a/lib/manager/helmv3/artifacts.ts +++ b/lib/manager/helmv3/artifacts.ts @@ -5,7 +5,7 @@ import { TEMPORARY_ERROR } from '../../constants/error-messages'; import * as datasourceDocker from '../../datasource/docker'; import { logger } from '../../logger'; import { exec } from '../../util/exec'; -import type { ExecOptions } from '../../util/exec/types'; +import type { ExecOptions, ToolConstraint } from '../../util/exec/types'; import { getSiblingFileName, getSubDirectory, @@ -23,17 +23,10 @@ import { } from './utils'; async function helmCommands( + execOptions: ExecOptions, manifestPath: string, repositories: Repository[] ): Promise { - const execOptions: ExecOptions = { - docker: { - image: 'helm', - }, - extraEnv: { - HELM_EXPERIMENTAL_OCI: '1', - }, - }; const cmd = []; // set cache and config files to a path in privateCacheDir to prevent file and credential leakage const helmConfigParameters = [ @@ -148,7 +141,21 @@ export async function updateArtifacts({ await writeLocalFile(packageFileName, newPackageFileContent); logger.debug('Updating ' + lockFileName); - await helmCommands(packageFileName, repositories); + const helmToolConstraint: ToolConstraint = { + toolName: 'helm', + constraint: config.constraints?.helm, + }; + + const execOptions: ExecOptions = { + docker: { + image: 'sidecar', + }, + extraEnv: { + HELM_EXPERIMENTAL_OCI: '1', + }, + toolConstraints: [helmToolConstraint], + }; + await helmCommands(execOptions, packageFileName, repositories); logger.debug('Returning updated Chart.lock'); const newHelmLockContent = await readLocalFile(lockFileName, 'utf8'); if (existingLockFileContent === newHelmLockContent) { diff --git a/lib/util/exec/buildpack.ts b/lib/util/exec/buildpack.ts index 159a90843e14e8..67236c2938357d 100644 --- a/lib/util/exec/buildpack.ts +++ b/lib/util/exec/buildpack.ts @@ -20,6 +20,11 @@ const allToolConfig: Record = { depName: 'composer/composer', versioning: composerVersioningId, }, + helm: { + datasource: 'github-releases', + depName: 'helm/helm', + versioning: semverVersioningId, + }, jb: { datasource: 'github-releases', depName: 'jsonnet-bundler/jsonnet-bundler',