-
Notifications
You must be signed in to change notification settings - Fork 187
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
helm: introduce customized chart loaders #663
Conversation
1b7a559
to
05008d5
Compare
05008d5
to
d6488b4
Compare
We require these to be able to mimic Helm's own directory loader, and surprisingly (for `ignore` at least), these are not public. Signed-off-by: Hidde Beydals <hello@hidde.co>
This can be used to detect traversion outside of a certain path scope while walking. Signed-off-by: Hidde Beydals <hello@hidde.co>
Signed-off-by: Hidde Beydals <hello@hidde.co>
This introduces our own `secureloader` package, with a directory loader that's capable of following symlinks while validating they stay within a certain root boundary. Signed-off-by: Hidde Beydals <hello@hidde.co>
39d5bbb
to
f0a5e7a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hiddeco great effort! LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
Signed-off-by: Hidde Beydals <hello@hidde.co>
This includes some rewiring of tests, and slight changes in how we work with the local chart reference. `Path` is expected to be relative to `WorkDir`, and both fields are now mandatory. Signed-off-by: Hidde Beydals <hello@hidde.co>
Signed-off-by: Hidde Beydals <hello@hidde.co>
f0a5e7a
to
9a17fd5
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Thanks @hiddeco
No description provided.