hot fix security issue when supplying helm creds

README.md

@@ -28,11 +28,6 @@ Repositories
     repositories:
       stable:
         url: "https://kubernetes-charts.storage.googleapis.com"
-        cafile: "path/to/cafile"
-        certfile: "path/to/certfile"
-        keyfile: "path/to/keyfile"
-        username: "username"
-        password: "password"
 ```
 
 ### Mixin Syntax

docs/atom.xml

@@ -1,31 +1,21 @@
 <feed xmlns="http://www.w3.org/2005/Atom">
     <id>https://github.com/MChorfa/porter-helm3</id>
     <title>Porter Helm3 Mixin</title>
-    <updated>2020-08-18T22:41:16Z</updated>
+    <updated>2020-08-21T19:35:54Z</updated>
     <link rel="self" href="https://mchorfa.github.com/porter-helm3/atom.xml"/>
     <author>
         <name>Mohamed chorfa</name>
         <uri>https://github.com/MChorfa/porter-helm3</uri>
     </author>
     <category term="helm3"/>
     <entry>
-        <id>https://github.com/MChorfa/porter-helm3/releases/download/v0.1.5/helm3</id>
-        <title>helm3 @ v0.1.5</title>
-        <updated>2020-05-18T22:41:16Z</updated>
+        <id>https://github.com/MChorfa/porter-helm3/releases/download/v0.1.6-3-g1289265/helm3</id>
+        <title>helm3 @ v0.1.6-3-g1289265</title>
+        <updated>2020-08-21T19:35:54Z</updated>
         <category term="helm3"/>
-        <content>v0.1.5</content>
-        <link rel="download" href="https://github.com/MChorfa/porter-helm3/releases/download/v0.1.5/helm3-darwin-amd64" />
-        <link rel="download" href="https://github.com/MChorfa/porter-helm3/releases/download/v0.1.5/helm3-linux-amd64" />
-        <link rel="download" href="https://github.com/MChorfa/porter-helm3/releases/download/v0.1.5/helm3-windows-amd64.exe" />
-    </entry>
-    <entry>
-        <id>https://github.com/MChorfa/porter-helm3/releases/download/v0.1.6/helm3</id>
-        <title>helm3 @ v0.1.6</title>
-        <updated>2020-08-18T22:41:16Z</updated>
-        <category term="helm3"/>
-        <content>v0.1.6</content>
-        <link rel="download" href="https://github.com/MChorfa/porter-helm3/releases/download/v0.1.6/helm3-darwin-amd64" />
-        <link rel="download" href="https://github.com/MChorfa/porter-helm3/releases/download/v0.1.6/helm3-linux-amd64" />
-        <link rel="download" href="https://github.com/MChorfa/porter-helm3/releases/download/v0.1.6/helm3-windows-amd64.exe" />
+        <content>v0.1.6-3-g1289265</content>
+        <link rel="download" href="https://github.com/MChorfa/porter-helm3/releases/download/v0.1.6-3-g1289265/helm3-darwin-amd64" />
+        <link rel="download" href="https://github.com/MChorfa/porter-helm3/releases/download/v0.1.6-3-g1289265/helm3-linux-amd64" />
+        <link rel="download" href="https://github.com/MChorfa/porter-helm3/releases/download/v0.1.6-3-g1289265/helm3-windows-amd64.exe" />
     </entry>
 </feed>

pkg/helm3/build.go

@@ -26,23 +26,14 @@ type BuildInput struct {
 //	  repositories:
 //	    stable:
 //		  url: "https://kubernetes-charts.storage.googleapis.com"
-//		  cafile: "path/to/cafile"
-//		  certfile: "path/to/certfile"
-//		  keyfile: "path/to/keyfile"
-//		  username: "username"
-//		  password: "password"
+
 type MixinConfig struct {
 	ClientVersion string `yaml:"clientVersion,omitempty"`
 	Repositories  map[string]Repository
 }
 
 type Repository struct {
-	URL      string `yaml:"url,omitempty"`
-	Cafile   string `yaml:"cafile,omitempty"`
-	Certfile string `yaml:"certfile,omitempty"`
-	Keyfile  string `yaml:"keyfile,omitempty"`
-	Username string `yaml:"username,omitempty"`
-	Password string `yaml:"password,omitempty"`
+	URL string `yaml:"url,omitempty"`
 }
 
 // Build will generate the necessary Dockerfile lines
@@ -81,7 +72,7 @@ func (m *Mixin) Build() error {
 	// Go through repositories
 	for name, repo := range input.Config.Repositories {
 
-		commandValue, err := GetAddRepositoryCommand(name, repo.URL, repo.Cafile, repo.Certfile, repo.Keyfile, repo.Username, repo.Password)
+		commandValue, err := GetAddRepositoryCommand(name, repo.URL)
 		if err != nil && m.Debug {
 			fmt.Fprintf(m.Err, "DEBUG: addition of repository failed: %s\n", err.Error())
 		} else {
@@ -91,7 +82,7 @@ func (m *Mixin) Build() error {
 	return nil
 }
 
-func GetAddRepositoryCommand(name, url, cafile, certfile, keyfile, username, password string) (commandValue []string, err error) {
+func GetAddRepositoryCommand(name, url string) (commandValue []string, err error) {
 
 	var commandBuilder []string
 
@@ -101,16 +92,6 @@ func GetAddRepositoryCommand(name, url, cafile, certfile, keyfile, username, pas
 
 	commandBuilder = append(commandBuilder, "\nRUN", "helm3", "repo", "add", name, url)
 
-	if certfile != "" && keyfile != "" {
-		commandBuilder = append(commandBuilder, "--cert-file", certfile, "--key-file", keyfile)
-	}
-	if cafile != "" {
-		commandBuilder = append(commandBuilder, "--ca-file", cafile)
-	}
-	if username != "" && password != "" {
-		commandBuilder = append(commandBuilder, "--username", username, "--password", password)
-	}
-
 	return commandBuilder, nil
 }
 

pkg/helm3/build_test.go

@@ -32,7 +32,7 @@ RUN mv linux-amd64/helm /usr/local/bin/helm3`
 		err = m.Build()
 		require.NoError(t, err, "build failed")
 
-		wantOutput := fmt.Sprintf(buildOutput, m.HelmClientVersion) + "\nRUN helm3 repo add stable kubernetes-charts --username username --password password"
+		wantOutput := fmt.Sprintf(buildOutput, m.HelmClientVersion) + "\nRUN helm3 repo add stable kubernetes-charts"
 
 		gotOutput := m.TestContext.GetOutput()
 		assert.Equal(t, wantOutput, gotOutput)

pkg/helm3/testdata/build-input-with-valid-config.yaml

@@ -2,8 +2,6 @@ config:
   repositories:
     stable:
       url: "kubernetes-charts"
-      username: "username"
-      password: "password"
 install:
   - helm3:
       description: "Install MySQL"