
Helm Hub Moving to Artifact Hub

· About 2 min read

Today, Helm Hub is moving to Artifact Hub. That is, when you go to Helm Hub, you will be redirected to Artifact Hub.

What does this mean?

When you search Helm Hub or browse the list of charts on Helm Hub, you might wonder: what is the difference?

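Artifact Hub lists all of the same charts that were listed on Helm Hub. It provides faster search and includes faceted search. You can search for charts in much the same way as before. Search also continues to work from the Helm CLI.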

Helm Community Management

· About 2 min read

Devstats and stats on GitHub are able to capture many different types of contributions to an open source project. But there is one type of contribution for which we have yet to figure out a good metric, and it has been essential for Helm's success. That is community management.

Karen Chu has handled community management for Helm since the project was first announced at the inaugural KubeCon in San Francisco. Her work ranges from big things, like planning and executing two Helm Summits, down to smaller (but still essential) things like managing the Helm Twitter account.

Helm Security Audit Results

· About 3 min read

Today, the Helm Maintainers are proud to announce that we have successfully completed a 3rd party security audit for Helm 3. Helm has been recommended for public deployment.

A security audit is part of the graduation criteria for CNCF projects. Specifically, the graduation criteria says:

Have completed an independent and third party security audit with results published of similar scope and quality as the following example (including critical vulnerabilities addressed): https://github.com/envoyproxy/envoy#security-audit and all critical vulnerabilities need to be addressed before graduation.

Helm Vulnerability: Client Loading and Packaging Chart Directory Containing Malicious Symlinked Content [CVE-2019-18658]

· About 3 min read

Part of the process for Helm to become a graduated CNCF project is to complete an independent and third party security audit with the results being published. As part of the audit of Helm 3, a security issue was found that also impacts Helm v2. Cure53 performed the audit and found the issue. More about the audit will be covered in a future post.

The vulnerability impacts all versions of Helm >= 2.0.0 and < 2.15.2. Helm commands that load a chart from a directory or package a chart give a maliciously designed chart an opportunity, via symlinks, to include content not intended to be in the chart or to cause a denial of service (DoS) on the computer performing the packaging.

Helm v3 Beta 1 Released

· About 4 min read

Helm v3 development has hit a new milestone with the release of the first beta. This is an especially important milestone because it is the end of the effort to refactor Helm v3. The last of the intended breaking changes has landed. From this point on, Helm v3 is focused on bug fixes, stability, and preparing it for a stable release.

If you are interested in Helm v3, now is a great time to test it out. If you find issues, please file an issue if one has not already been filed.