Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add HIP to support a release tag flag #265

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
116 changes: 29 additions & 87 deletions hips/hip-9999.md
Original file line number Diff line number Diff line change
@@ -1,121 +1,63 @@
---
hip: "9999"
title: "Helm OCI MediaType Registration"
authors: [ "Andrew Block <andy.block@gmail.com>" ]
created: "2022-06-09"
type: "informational"
title: "Helm Release Tag"
authors: [ "Nicholas Colbert <45cali@gmail.com>" ]
created: "2022-08-03"
type: "feature"
status: "draft"
---

## Abstract

The use of OCI artifacts is one of the packaging methods available in Helm. A Helm OCI artifact is comprised of multiple component, each defined by a specific Media Type. Media Types are managed by the [Internet Assigned Numbers Authority (IANA)](https://www.iana.org) and each type should be registered with IANA so that it can not only be known by the organization, but also discoverable by end users. The canonical location for Helm Media Types information below is intended to be the IANA [application registry](https://www.iana.org/assignments/media-types/media-types.xhtml#application). This document describes the necessary fields that are associated within the [registration of a Media Type to IANA](https://www.iana.org/form/media-types) form.
Add an optional release-tag flag for when deploying a helm chart.
45cali marked this conversation as resolved.
Show resolved Hide resolved

## Motivation

Support for the storage of Helm charts as OCI artifacts was released in released in General Availability (GA) in version 3.8.0 and with the continued adoption of this storage format, the specifications should be readily available for producers and consumers. Registration of Media Types with the Internet Assigned Numbers Authority has become a standard process within other technologies whom also make use of OCI artifacts so that not only the packaging types can be understood, but also documented.
Many organizations write a helm chart that they use internally and is not tied to any specific source code. This makes the appVersion in the Chart.yaml file useless because it never gets updated. In addition, appVersion cannot be changed easily on the fly. Adding a release-tag flag for `helm install` and `helm upgrade` gives users the ability to add in important information about the deployment. For example If you need to do a helm rollback to a specific version, its currently difficult to figure out what commit or branch you should rollback to.

## Rationale

A Generally Available (GA) feature that implements a particular specification should account for its usage. Not only does the registration of Media Types to IANA follow a practice that has been implemented previously, but also provides a better understanding of the Helm project.
Add a `--release-tag` flag to `helm install` and `helm upgrade` and give `Release Tag` its own column for the `helm history` command. The flag should be optional and not required.

## Specification

Each Media Type that Helm implements requires their own separate registration to IANA. The sections below detail the properties associated within the registration form for each of the Media Type's that will be submitted to IANA.

### Helm Config

The [OCI config](https://github.com/opencontainers/image-spec/blob/main/config.md) containing a JSON formatted representation of the Helm `Chart.yaml` file.

&nbsp; | &nbsp;
------ | -----
| Type Name | application |
| Tree | Vendor Tree (vnd prefix) |
| Subtype Name | `cncf.helm.config.v1+json` |
| Required Parameters | Fields as required per the Chart.yaml definition |
| Optional Parameters | Remaining fields which as defined within the Chart.yaml definition which are not noted as required |
| Encoding Considerations | Encoding considerations are identical to those specified for the "application/json" media type. See [RFC8259](https://datatracker.ietf.org/doc/html/rfc8259). |
| Security Considerations | Similar security concerns common to all JSON content types. See [RFC 7159 Section #12](https://tools.ietf.org/html/rfc7159#section-12) for additional information. The included content as defined by the Helm chart definition may include sensitive assets including personal contact information, source code repositories or other referenceable locations. |
| Interoperability Consideration | N/A |
| Published specification | [https://helm.sh/docs/topics/charts/#the-chartyaml-file](https://helm.sh/docs/topics/charts/#the-chartyaml-file) |
| Application Usage | Internally within the Helm package manager as well as various interfacing applications |
| Fragment Identifier Considerations | N/A |
| Restrictions on Usage | N/A |
| Provisional Registrations | N/A |
| Additional Information | <ol><li>Deprecated alias names for this type: None</li><li>Magic number(s): None</li><li>File extension(s): .json</li><li>Macintosh file type code: TEXT</li><li>Object Identifiers: None</li></ol>|
| Intended Usage | Common |
| Other Information and Comments | N/A |

### Helm Content

Represents the packaged Helm chart.

&nbsp; | &nbsp;
------ | -----
| Type Name | application |
| Tree | Vendor Tree (vnd prefix) |
| Subtype Name | `cncf.helm.chart.content.v1.tar+gzip` |
| Required Parameters | N/A |
| Optional Parameters | N/A |
| Encoding Considerations | Binary |
| Security Considerations | No security controls are enforced by Helm. The content of a Helm package is not intended to – but may potentially – contain resources that are sensitive in nature. |
| Interoperability Consideration | N/A |`
| Published specification | None |
| Application Usage | Internally within the Helm package manager as well as various interfacing applications |
| Fragment Identifier Considerations | N/A |
| Restrictions on Usage | N/A |
| Provisional Registrations | N/A |
| Additional Information | <ol><li>Deprecated alias names for this type: None</li><li>Magic number(s): None</li><li>File extension(s): None</li><li>Macintosh file type code: None</li><li>Object Identifiers: None</li></ol>
| Intended Usage | Common |
| Other Information and Comments | N/A |

### Helm Provenance

Represents the Helm Provenance file associated with a signed chart.

&nbsp; | &nbsp;
------ | -----
| Type Name | application |
| Tree |Vendor Tree (vnd prefix) |
| Subtype Name | `cncf.helm.chart.provenance.v1.prov` |
| Required Parameters | Fields as specified within Helm provenance file definition |
| Optional Parameters N/A |
| Encoding Considerations | The utf-8 charset is always used for this type |
| Security Considerations | The contents of a Helm provenance file contains a GnuPG detached ASCII-armored signature of the Helm chart definition file as well as the definition itself. The Helm chart definition may include sensitive assets including personal contact information, source code repositories or other referenceable locations.
| Interoperability Consideration | N/A |
| Published specification | <https://helm.sh/docs/topics/provenance/#the-provenance-file> |
| Application Usage | Internally within the Helm package manager as well as various interfacing applications |
| Fragment Identifier Considerations | N/A |
| Restrictions on Usage | N/A |
| Provisional Registrations | N/A |
| Additional Information | <ol><li>Deprecated alias names for this type: None</li><li>Magic number(s): None</li><li>File extension(s): None</li><li>Macintosh file type code: Text</li><li>Object Identifiers: None</li></ol> |
| Intended Usage | Common |
| Other Information and Comments | N/A |
Running helm install should look look this
`helm install <release> --release-tag`

Running helm upgrade should look like this
`helm upgrade <release> --release-tag`

The output of helm history should look similar to this
```
go run ./ history demo-nginx
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION RELEASE TAG
1 Tue Jul 19 15:31:37 2022 superseded nginx-13.1.2 1.23.0 Release Mock 921103db
2 Tue Jul 19 15:31:52 2022 superseded nginx-13.1.2 1.23.0 Release Mock 1a6f3966
3 Tue Jul 19 15:32:05 2022 superseded nginx-13.1.2 1.23.0 Release Mock 211bd2b6
4 Tue Jul 19 15:32:19 2022 deployed nginx-13.1.2 1.23.0 Release Mock 886f1e55
```

## Backwards Compatibility

N/A
This is adding an additional field and is not a required flag. There should be no issue with backwards compatability.

## Security implications

N/A
Cannot think of any security concerns with this feature.

## Reference implementation

The responses associated with each Media Type registration has been inspired by the previously registered [IANA Media Types](https://www.iana.org/assignments/media-types/media-types.xhtml).
There is a open pr for this feature.
https://github.com/helm/helm/pull/11165

## Rejected ideas

None
N/A

## Open issues

None
https://github.com/helm/helm/issues/8194

## References

Existing Media Types of similar category and purpose can be found within the list of registered [IANA Media Types](https://www.iana.org/assignments/media-types/media-types.xhtml). The following are examples of media types that have been registered with IANA:

* [json](https://www.iana.org/assignments/media-types/application/json)
* [gzip](https://www.iana.org/assignments/media-types/application/gzip)
* [wasm](https://www.iana.org/assignments/media-types/application/wasm)
N/A