Unique (HelmChart) Artifact URLs #610
Labels
Comments
hiddeco
added
enhancement
hiddeco
added a commit
that referenced
this issue
Mar 11, 2022
This adds a Unix suffix to the HelmChart Artifact filename, to ensure it is unique for sequential builds triggered due to e.g. a controller restart. The result of this is that consumers who _think_ they are fetching an artifact with a certain checksum run into a 404 when attempting to download a previously advertised but now unavailable file, instead of running into a checksum validation error (due to non-repetitive Helm builds). For more information, see: #610 Signed-off-by: Hidde Beydals <hello@hidde.co>
hiddeco
added a commit
that referenced
this issue
Mar 11, 2022
This adds a Unix suffix to the HelmChart Artifact filename, to ensure it is unique for sequential builds triggered due to e.g. a controller restart. The result of this is that consumers who _think_ they are fetching an Artifact with a certain checksum run into a 404 when attempting to download a previously advertised but now unavailable file, instead of running into a checksum validation error (due to non-repetitive Helm builds). For more information, see: #610 Signed-off-by: Hidde Beydals <hello@hidde.co>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
At present, the Artifact file name (and thus URL) is composed out of just chart metadata. Due to the way Helm chart builds are not reproducable, this may cause issues on the consumer side when a chart is rebuild due to e.g. a controller restart, but advertised on the same URL. As this causes a mismatch in the checksum calculation.
Given a checksum mismatch error triggers a lot more red flags for an operator than a temporary "404 not found", it would be good idea to add some randomness to the advertised Artifact URL.
To my knowledge, only HelmCharts are affected by this, as other resources strip data (e.g. timestamps).
The text was updated successfully, but these errors were encountered: