-
Notifications
You must be signed in to change notification settings - Fork 7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Provide an option or alternative for --set and/or --set-string to take a value literally #4030
Comments
It appears this is the expected escape behavior. For the code location see https://github.com/kubernetes/helm/blob/b6660cd5c9a9ee35ff24034fcc223b7eaeed3ee2/pkg/strvals/parser.go#L309 For Helm 2 we should document this as changing it would cause a backward incompatibility. |
labelling this as a good first issue if someone wants to do a deep dive around the --set parser and document their findings. |
@technosophos can you provide a little history on why |
The escape character for the Char '\\' cited in the code above is the Keep in mind that you have the shell interpreting things here, too. So often you have to double escape things because the shell will interpret |
I was playing with Workaround was just escaping it, but finding the root cause took a little while! |
I will work on this as my first contribution to documentation. |
Expand and clarify documentation for `helm upgrade` to include nuances of command line values setting. Fixes issue helm#4030
Expand and clarify documentation for `helm upgrade` to include nuances of command line values setting. Fixes issue helm#4030
Expand and clarify documentation for `helm upgrade` to include nuances of command line values setting. Fixes issue helm#4030
Expand and clarify documentation for `helm upgrade` to include nuances of command line values setting. Fixes issue helm#4030
Expand and clarify documentation for `helm upgrade` to include nuances of command line values setting. Fixes issue helm#4030
Improve documentation for helm upgrade (#4030)
closed via #4485 |
@smurfralf I believe you'll need to escape |
Also, I'm not sure if I agree with the resolution. It's great that the documentation is updated (thanks @smurfralf!) but shouldn't the real fix be just taking quoted values literally? Even with the docs, this will continue to confuse folks. |
fair enough. |
I would be very much in favor of actually taking quoted values for —set (variants) literally. |
I'm not entirely sure that the workaround proposed by @0x6D6178 is going to cover 100% of the cases. How about a password including comma? Do I understand correctly that a comma needs to be escaped using backslash? |
Its not clear to me in the comments above what "quoted values" and "literally" mean. Since this is a CLI we have to contend with the shell no matter what. So chars like dollar sign ($), quote (") and tick(') are going to have to be escaped in some way by the user regardless. The use of ticks to quote for the shell also serves to protect against comma (,) and equals (=) delimiter parsing. So isn't the only thing being debated is whether the yaml interpretation of backslashes should be continued? I would argue yes, in case someone wants to use non-printable characters in the value. EDIT: checking on @moikot feedback, looks like my typo in the example (leaving out the comma) was more than just a typo - it does affect behavior. To get the desired value you have to backslash the comma as the comment above mentions. The tick marks don't stop the splitting of the values on the comma. Back to the drawing board... |
@smurfralf You absolutely right, the proposed solution (e.g. --set password="Passw\Ord!" should result in Passw\Ord!) is not gonna work since it's not up to Helm to decide how to treat '\O' in double quotes. But I'm afraid there is another aspect as well, even if you use a value provided in a variable, you are not safe since a comma (',') and an opening curly brace ('{') has a special meaning in --set and --set-string and you have to escape them. For example: export QQQ="bar,baz"
helm lint --set foo=${QQQ} Gives you an error Error: failed parsing --set data: key "baz" has no value and in case of '{' export QQQ="{bar"
helm lint --set foo=${QQQ} Gives you an error Error: failed parsing --set data: list must terminate with '}' There is another issue reported about the escaping and I think it's more correct #4406. |
Bash does not interpret strings that are wrapped with ticks ('), whereas it does for some characters when the string is wrapped with quotes (") (see https://stackoverflow.com/questions/6697753/difference-between-single-and-double-quotes-in-bash#6697781). I would expect that a string is not interpreted by Helm when I supply a tick wrapped string in the Currently the behaviour is: helm lint --set foo='{bar' Currently results in: Error: failed parsing --set data: list must terminate with '}' Whereas I would expect the value to be taken literally. However, I understand the additional functionality that |
@0x6D6178 Command line processors, in general, remove all the special characters (double quotes (") or single quote (')) before passing the resulting value to a program, so Helm doesn't get a chance to distinguish between them. |
Any update on adding |
Hello all together 👋 I would like to give it a try. I added a Currently, escaping is coupled heavily with the parser in |
This issue has been marked as stale because it has been open for 90 days with no activity. This thread will be automatically closed in 30 days if no further activity occurs. |
This is still an issue. Really nothing to add but hopeful for the PR merge |
@bacongobbler in the comment #4030 (comment) you did include this list as the set of characters which should be escaped when passing a string to set-string:
In this list the character |
I ran into this issue today trying to set a literal json string to use it in a template (to set an env var). We get the json string from our TUF repository root key and I just want to set it as a json literal string in an environment variable in the k8s container spec. |
+1 for the pull request |
+1 for the pull request please |
+1 for the this feature :) |
Since this page still does not list the characters that must be escaped, nor does the CLI, shall I make a PR to address the issue? |
+1 |
1 similar comment
+1 |
+1 for a feature like --set-literal this issue of not taking literals in --set is causing many problems for us |
+1 for This will be really useful. When you need to pass stringified JSON through GitHub actions to helm it is hell, as you need to escape the GH YAML templating engine, bash, and at the end Helm interpretation. |
+1 for a feature like --set-literal |
I expect |
I am experiencing an escaping problem with Helm. For instance, if I want to set a password in a chart, I run into the problem that
\
characters are removed.Example:
helm upgrade --install --set password=Passw\Ord! somechart
PasswOrd!
instead ofPassw\Ord!
I looked into possible solutions on my end and did the following:
\
resulting inPassw\\0rd!
does not give the desired output, both\
are removed, resulting inPasswOrd!
.'
) or quotes ("
) results\
being removed, resulting inPasswOrd!
.What did work though is escaping the backslash two times
Passw\\\Ord!
, which results inPassw\Ord!
.Expected behaviour
I would expect that
\\
would result in\
instead of both being removed.Desired outcome
It should be possible for passwords to contain special characters, such as
\
.Possible solution:
Wrapped variable values in the
--set
argument should be taken literally (e.g.--set password='Passw\Ord!'
should result inPassw\Ord!
.Output of
helm version
:2.8.2
Output of
kubectl version
:Client: 1.10.1
Server: 1.9.6
Edit: updated character naming to be more consistent on what is meant
The text was updated successfully, but these errors were encountered: