2026-01-20 13:24:59 -08:00
|
|
|
import yaml
|
|
|
|
|
import json
|
|
|
|
|
import requests
|
|
|
|
|
import sys
|
|
|
|
|
import os
|
|
|
|
|
from urllib.parse import urljoin
|
2026-01-20 21:05:08 -08:00
|
|
|
from tools import helm_pull
|
|
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
|
|
|
|
|
def load_yaml(path):
|
2026-01-20 21:05:08 -08:00
|
|
|
with open(path, "r") as f:
|
2026-01-20 13:24:59 -08:00
|
|
|
return yaml.safe_load(f)
|
|
|
|
|
|
2026-01-20 21:05:08 -08:00
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
def fetch_index(repo_url):
|
2026-01-20 21:05:08 -08:00
|
|
|
index_url = urljoin(repo_url + "/", "index.yaml")
|
2026-01-20 13:24:59 -08:00
|
|
|
print(f"Fetching index from {index_url}...")
|
|
|
|
|
try:
|
|
|
|
|
r = requests.get(index_url)
|
|
|
|
|
r.raise_for_status()
|
|
|
|
|
return yaml.safe_load(r.text)
|
|
|
|
|
except Exception as e:
|
|
|
|
|
print(f"Error fetching {index_url}: {e}")
|
|
|
|
|
return None
|
|
|
|
|
|
2026-01-20 21:05:08 -08:00
|
|
|
|
|
|
|
|
def resolve_oci(repo_url, chart_name, version):
|
|
|
|
|
# Construct OCI URL
|
|
|
|
|
# repo_url: oci://ghcr.io/stefanprodan/charts
|
|
|
|
|
# chart_name: podinfo
|
|
|
|
|
# result: oci://ghcr.io/stefanprodan/charts/podinfo
|
|
|
|
|
|
|
|
|
|
base_url = repo_url
|
|
|
|
|
if base_url.endswith("/"):
|
|
|
|
|
base_url = base_url[:-1]
|
|
|
|
|
|
|
|
|
|
full_url = f"{base_url}/{chart_name}"
|
|
|
|
|
|
|
|
|
|
print(f"Resolving OCI chart {full_url}:{version}...")
|
|
|
|
|
|
|
|
|
|
# Use helm_pull logic to get manifest and digest
|
|
|
|
|
# Parse URL
|
|
|
|
|
path = full_url[6:] # strip oci://
|
|
|
|
|
registry, repository = path.split("/", 1)
|
|
|
|
|
|
|
|
|
|
token = helm_pull.get_token(registry, repository)
|
|
|
|
|
manifest = helm_pull.get_manifest(registry, repository, version, token)
|
|
|
|
|
|
|
|
|
|
valid_media_types = [
|
|
|
|
|
"application/vnd.cncf.helm.chart.content.v1.tar+gzip",
|
|
|
|
|
"application/x-tar",
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
chart_layer = None
|
|
|
|
|
for layer in manifest.get("layers", []):
|
|
|
|
|
if layer.get("mediaType") in valid_media_types:
|
|
|
|
|
chart_layer = layer
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
if not chart_layer:
|
|
|
|
|
raise Exception(
|
|
|
|
|
f"No Helm chart layer found in manifest for {full_url}:{version}"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
digest = chart_layer["digest"]
|
|
|
|
|
|
|
|
|
|
return {"version": version, "url": full_url, "digest": digest}
|
|
|
|
|
|
|
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
def main():
|
|
|
|
|
if len(sys.argv) < 2:
|
|
|
|
|
print("Usage: python helm_sync.py <path_to_chartfile.yaml> [output_lock_file]")
|
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
chartfile_path = sys.argv[1]
|
2026-01-20 21:05:08 -08:00
|
|
|
lockfile_path = (
|
|
|
|
|
sys.argv[2]
|
|
|
|
|
if len(sys.argv) > 2
|
|
|
|
|
else chartfile_path.replace(".yaml", ".lock.json")
|
|
|
|
|
)
|
2026-01-20 13:24:59 -08:00
|
|
|
|
|
|
|
|
print(f"Reading {chartfile_path}...")
|
|
|
|
|
chartfile = load_yaml(chartfile_path)
|
|
|
|
|
|
2026-01-20 21:05:08 -08:00
|
|
|
repos = {r["name"]: r["url"] for r in chartfile.get("repositories", [])}
|
2026-01-20 13:24:59 -08:00
|
|
|
indices = {}
|
|
|
|
|
|
|
|
|
|
lock_data = {"charts": {}}
|
|
|
|
|
|
2026-01-20 21:05:08 -08:00
|
|
|
for req in chartfile.get("requires", []):
|
|
|
|
|
chart_ref = req["chart"]
|
|
|
|
|
version = req["version"]
|
|
|
|
|
|
|
|
|
|
if "/" not in chart_ref:
|
2026-01-20 13:24:59 -08:00
|
|
|
print(f"Invalid chart reference: {chart_ref}. Expected repo/name.")
|
|
|
|
|
continue
|
2026-01-20 21:05:08 -08:00
|
|
|
|
|
|
|
|
repo_name, chart_name = chart_ref.split("/", 1)
|
|
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
if repo_name not in repos:
|
|
|
|
|
print(f"Repository '{repo_name}' not found for chart {chart_ref}")
|
|
|
|
|
continue
|
2026-01-20 21:05:08 -08:00
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
repo_url = repos[repo_name]
|
2026-01-20 21:05:08 -08:00
|
|
|
|
|
|
|
|
if repo_url.startswith("oci://"):
|
|
|
|
|
try:
|
|
|
|
|
lock_data["charts"][chart_ref] = resolve_oci(
|
|
|
|
|
repo_url, chart_name, version
|
|
|
|
|
)
|
|
|
|
|
print(f"Resolved {chart_ref} {version} (OCI)")
|
|
|
|
|
except Exception as e:
|
|
|
|
|
print(f"Error resolving OCI chart {chart_ref}: {e}")
|
|
|
|
|
continue
|
|
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
if repo_name not in indices:
|
|
|
|
|
indices[repo_name] = fetch_index(repo_url)
|
2026-01-20 21:05:08 -08:00
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
index = indices[repo_name]
|
|
|
|
|
if not index:
|
|
|
|
|
print(f"Skipping {chart_ref} due to missing index.")
|
|
|
|
|
continue
|
2026-01-20 21:05:08 -08:00
|
|
|
|
|
|
|
|
entries = index.get("entries", {}).get(chart_name, [])
|
|
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
# Find exact version
|
|
|
|
|
matched_entry = None
|
|
|
|
|
for entry in entries:
|
2026-01-20 21:05:08 -08:00
|
|
|
if entry["version"] == version:
|
2026-01-20 13:24:59 -08:00
|
|
|
matched_entry = entry
|
|
|
|
|
break
|
2026-01-20 21:05:08 -08:00
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
if not matched_entry:
|
|
|
|
|
print(f"Version {version} not found for chart {chart_ref}")
|
|
|
|
|
continue
|
2026-01-20 21:05:08 -08:00
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
# Resolve URL
|
2026-01-20 21:05:08 -08:00
|
|
|
urls = matched_entry.get("urls", [])
|
2026-01-20 13:24:59 -08:00
|
|
|
if not urls:
|
|
|
|
|
print(f"No URLs found for {chart_ref} version {version}")
|
|
|
|
|
continue
|
2026-01-20 21:05:08 -08:00
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
# URL can be relative or absolute
|
|
|
|
|
chart_url = urls[0]
|
2026-01-20 21:05:08 -08:00
|
|
|
if not chart_url.startswith("http"):
|
|
|
|
|
chart_url = urljoin(repo_url + "/", chart_url)
|
|
|
|
|
|
|
|
|
|
digest = matched_entry.get("digest")
|
|
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
print(f"Resolved {chart_ref} {version} -> {chart_url}")
|
2026-01-20 21:05:08 -08:00
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
lock_data["charts"][chart_ref] = {
|
|
|
|
|
"version": version,
|
|
|
|
|
"url": chart_url,
|
2026-01-20 21:05:08 -08:00
|
|
|
"digest": digest,
|
2026-01-20 13:24:59 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
print(f"Writing lockfile to {lockfile_path}...")
|
2026-01-20 21:05:08 -08:00
|
|
|
with open(lockfile_path, "w") as f:
|
2026-01-20 13:24:59 -08:00
|
|
|
json.dump(lock_data, f, indent=2, sort_keys=True)
|
2026-01-20 21:05:08 -08:00
|
|
|
f.write("\n")
|
|
|
|
|
|
2026-01-20 13:24:59 -08:00
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
|
main()
|
