Helm index.yaml does not quote version numbers

Summary

I have a project on GitLab CE 17.3.2 at my work. I have a series of helm charts that I upload to the package registry that use the git commit SHA as the "appVersion" of the chart. The last helm chart I created had a SHA of "4852e004". The helm chart uploads fine using curl from CI (see below), but the index.yaml generated by GitLab does not quote the version numbers which results in YAML/JSON treating the appVersion as scientific notation of a floating point number. This results in helm commands like helm repo add failing to parse the package registry:

    helm repo add geosphere-api "https://gitlab.ssec.wisc.edu/api/v4/projects/2007/packages/helm/unstable/"
    Error: looks like "https://gitlab.ssec.wisc.edu/api/v4/projects/2007/packages/helm/unstable/" is not a valid chart repository or cannot be reached: error unmarshaling JSON: while decoding JSON: json: cannot unmarshal number into Go struct field ChartVersion.entries.appVersion of type string

Note the helm chart tarball is properly quoted in Chart.yaml (I can attach the tarball if requested). Here's an example of the index.yaml:

    ---
    apiVersion: v1
    entries:
      geosphere-api:
      - name: geosphere-api
        type: application
        version: 20240913.54469.0
        apiVersion: v2
        appVersion: 4852e004
        description: GeoSphere backend API
        created: '2024-09-13T15:07:50.124023000Z'
        digest:
        urls:
        - charts/geosphere-api-20240913.54469.0.tgz
      - name: geosphere-api
        type: application
        version: 20240904.71693.0
        apiVersion: v2
        appVersion: 69e814d2
        description: GeoSphere backend API
        created: '2024-09-04T19:54:54.492519000Z'
        digest:
        urls:
        - charts/geosphere-api-20240904.71693.0.tgz
    ...

Steps to reproduce

  1. Create a helm chart where appVersion in the Chart.yaml is "4852e004". Package the chart up with helm package <chart dir>.

  2. Upload to a package registry with curl:

    curl --fail --request POST --user $CI_REGISTRY_USER:$CI_JOB_TOKEN --form "chart=@mychart.tgz" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/api/unstable/charts";

  3. Request the package index by running `helm repo add "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/unstable/"`. It should fail with an error about the appVersion.

Example Project

If needed I will create a project on gitlab.com, but I think this project on my local GitLab CE should be public:

https://gitlab.ssec.wisc.edu/cspp_geo/geosphere/geosphere-api

Edit: See comment below, but here's a gitlab.com project:

https://gitlab.com/djhoese/helm-index-test

What is the current bug behavior?

A valid helm chart produces an invalid index.yaml used by helm commands like helm repo add.

    helm repo add geosphere-api "https://gitlab.ssec.wisc.edu/api/v4/projects/2007/packages/helm/unstable/"
    Error: looks like "https://gitlab.ssec.wisc.edu/api/v4/projects/2007/packages/helm/unstable/" is not a valid chart repository or cannot be reached: error unmarshaling JSON: while decoding JSON: json: cannot unmarshal number into Go struct field ChartVersion.entries.appVersion of type string

What is the expected correct behavior?

Helm chart repositories hosted in GitLab package registries are compatible with helm and quote their version strings.

Relevant logs and/or screenshots

See above.

Output of checks

Results of GitLab environment info

GitLab Community Edition v17.3.2. I'm still working on getting the output for the below from our IT folks.

Expand for output related to GitLab environment info

(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:env:info`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)

Results of GitLab application Check

Expand for output related to the GitLab application check

(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:check SANITIZE=true`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`)

(we will only investigate if the tests are passing)

Possible fixes

Edited by 🤖 GitLab Bot 🤖
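
An added example, not part of the original issue or of GitLab's or Helm's code: a stdlib-only Python check that flags unquoted `version`/`appVersion` values in an index.yaml that a YAML parser would resolve to a number instead of a string. It goes beyond the `4852e004` case to cover all-digit and hex/octal-looking values; the function names and the scalar patterns (an approximation of YAML core-schema resolution) are assumptions, and the sample is abridged from the index.yaml quoted above.

```python
import re

# Plain-scalar patterns approximating YAML core-schema number resolution
# (assumption: individual parsers differ slightly in edge cases).
INT = re.compile(r"[-+]?(0x[0-9a-fA-F]+|0o[0-7]+|[0-9]+)")
FLOAT = re.compile(r"[-+]?(\.[0-9]+|[0-9]+(\.[0-9]*)?)([eE][-+]?[0-9]+)?")
# Fields checked here: the two version fields the issue is about.
FIELD = re.compile(r"^\s*(?:-\s+)?(version|appVersion):\s*(.*?)\s*$")

# Constructed sample, abridged from the index.yaml quoted in the issue.
SAMPLE_INDEX = """\
apiVersion: v1
entries:
  geosphere-api:
  - name: geosphere-api
    version: 20240913.54469.0
    appVersion: 4852e004
  - name: geosphere-api
    version: 20240904.71693.0
    appVersion: 69e814d2
"""


def resolved_type(scalar):
    """Return the numeric type an unquoted scalar resolves to, else None."""
    if INT.fullmatch(scalar):
        return "int"
    if FLOAT.fullmatch(scalar):
        return "float"
    return None


def audit_index(text):
    """List (line_no, field, value, type) for unquoted, mistyped versions."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        match = FIELD.match(line)
        if not match or match.group(2)[:1] in ("'", '"'):
            continue  # not a version field, or already quoted
        kind = resolved_type(match.group(2))
        if kind:
            findings.append((line_no, match.group(1), match.group(2), kind))
    return findings


if __name__ == "__main__":
    for finding in audit_index(SAMPLE_INDEX):
        print("line %d: %s: %s parses as %s; quote it" % finding)
```

The same `resolved_type` check can run in CI on the short SHA before packaging, so a commit whose hash happens to look numeric is caught before the chart reaches the registry.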