Merge pull request #40 from pelotech/no-eks-support

Mention that EKS isn't currently supported [#5]

.gitignore

@@ -5,6 +5,8 @@
 *.so
 *.dylib
 
+.idea
+
 # Test binary, built with `go test -c`
 *.test
 

Dockerfile

@@ -1,4 +1,4 @@
-FROM alpine/helm
+FROM alpine/helm:3.0.2
 MAINTAINER Erin Call <erin@liffft.com>
 
 COPY build/drone-helm /bin/drone-helm

LICENSE

@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

README.md

@@ -1,5 +1,9 @@
 # Drone plugin for Helm 3
 
+[![Build Status](https://cloud.drone.io/api/badges/pelotech/drone-helm3/status.svg)](https://cloud.drone.io/pelotech/drone-helm3)
+[![Go Report](https://goreportcard.com/badge/github.com/pelotech/drone-helm3)](https://goreportcard.com/report/github.com/pelotech/drone-helm3)
+[![](https://images.microbadger.com/badges/image/pelotech/drone-helm3.svg)](https://microbadger.com/images/pelotech/drone-helm3 "Get your own image badge on microbadger.com")
+
 This plugin provides an interface between [Drone](https://drone.io/) and [Helm 3](https://github.com/kubernetes/helm):
 
 * Lint your charts
@@ -58,8 +62,10 @@ steps:
 
 drone-helm3 is largely backwards-compatible with drone-helm. There are some known differences:
 
-* `prefix` must be supplied via the `settings` block, not `environment`.
+* You'll need to migrate the deployments in the cluster [helm-v2-to-helm-v3](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/).
-* Several settings no longer have any effect:
+* EKS is not supported. See [#5](https://github.com/pelotech/drone-helm3/issues/5) for more information.
+* The `prefix` setting is no longer supported. If you were relying on the `prefix` setting with `secrets: [...]`, you'll need to switch to the `from_secret` syntax.
+* Several settings no longer have any effect. The plugin will produce warnings if any of these are present:
     * `purge` -- this is the default behavior in Helm 3
     * `recreate_pods`
     * `tiller_ns`
@@ -69,3 +75,11 @@ drone-helm3 is largely backwards-compatible with drone-helm. There are some know
     * `stable_repo_url`
 
 Since helm 3 does not require Tiller, we also recommend switching to a service account with less-expansive permissions.
+
+### [Contributing](docs/contributing.md)
+
+This repo is setup in a way that if you enable a personal drone server to build your fork it will
+ build and publish your image (makes it easier to test PRs and use the image till the contributions get merged)
+
+* Build local ```DRONE_REPO_OWNER=josmo DRONE_REPO_NAME=drone-ecs drone exec```
+* on your server (or cloud.drone.io) just make sure you have DOCKER_USERNAME, DOCKER_PASSWORD, and PLUGIN_REPO set as secrets

assets/kubeconfig.tpl

@@ -24,16 +24,4 @@ users:
   user:
 {{- if .Token }}
     token: {{ .Token }}
-{{- else if .EKSCluster }}
-    exec:
-      apiVersion: client.authentication.k8s.io/v1alpha1
-      command: aws-iam-authenticator
-      args:
-        - "token"
-        - "-i"
-        - "{{ .EKSCluster }}"
-    {{- if .EKSRoleARN }}
-        - "-r"
-        - "{{ .EKSRoleARN }}"
-    {{- end }}
 {{- end }}

cmd/drone-helm/main.go

@@ -27,7 +27,7 @@ func main() {
 
 	// Expect the plan to go off the rails
 	if err != nil {
-		fmt.Fprintf(os.Stderr, err.Error())
+		fmt.Fprintf(os.Stderr, "%s\n", err.Error())
 		// Throw away the plan
 		os.Exit(1)
 	}

docs/parameter_reference.md

@@ -4,10 +4,9 @@
 | Param name          | Type            | Purpose |
 |---------------------|-----------------|---------|
 | helm_command        | string          | Indicates the operation to perform. Recommended, but not required. Valid options are `upgrade`, `uninstall`, `lint`, and `help`. |
-| update_dependencies | boolean         | Calls `helm dependency update` before running the main command. **Not currently implemented**; see [#25](https://github.com/pelotech/drone-helm3/issues/25).|
+| update_dependencies | boolean         | Calls `helm dependency update` before running the main command.|
-| helm_repos          | list\<string\>  | Calls `helm repo add $repo` before running the main command. Each string should be formatted as `repo_name=https://repo.url/`. **Not currently implemented**; see [#26](https://github.com/pelotech/drone-helm3/issues/26). |
+| helm_repos          | list\<string\>  | Calls `helm repo add $repo` before running the main command. Each string should be formatted as `repo_name=https://repo.url/`. |
 | namespace           | string          | Kubernetes namespace to use for this operation. |
-| prefix              | string          | Expect environment variables to be prefixed with the given string. For more details, see "Using the prefix setting" below. **Not currently implemented**; see [#19](https://github.com/pelotech/drone-helm3/issues/19). |
 | debug               | boolean         | Generate debug output within drone-helm3 and pass `--debug` to all helm commands. Use with care, since the debug output may include secrets. |
 
 ## Linting
@@ -30,9 +29,7 @@ Installations are triggered when the `helm_command` setting is "upgrade." They c
 | chart                  | string         | yes      | The chart to use for this installation. |
 | release                | string         | yes      | The release name for helm to use. |
 | api_server             | string         | yes      | API endpoint for the Kubernetes cluster. |
-| kubernetes_token       | string         | yes, unless using EKS | Token for authenticating to Kubernetes. |
+| kubernetes_token       | string         | yes      | Token for authenticating to Kubernetes. |
-| eks_cluster            | string         |          | AWS EKS cluster ID. |
-| eks_role_arn           | string         |          | AWS IAM role ARN for EKS authentication. |
 | service_account        | string         |          | Service account for authenticating to Kubernetes. Default is `helm`. |
 | kubernetes_certificate | string         |          | Base64 encoded TLS certificate used by the Kubernetes cluster's certificate authority. |
 | chart_version          | string         |          | Specific chart version to install. |
@@ -54,23 +51,23 @@ Uninstallations are triggered when the `helm_command` setting is "uninstall" or
 |------------------------|----------|----------|---------|
 | release                | string   | yes      | The release name for helm to use. |
 | api_server             | string   | yes      | API endpoint for the Kubernetes cluster. |
-| kubernetes_token       | string   | yes, unless using EKS | Token for authenticating to Kubernetes. |
+| kubernetes_token       | string   | yes      | Token for authenticating to Kubernetes. |
-| eks_cluster            | string   |          | AWS EKS cluster ID. |
-| eks_role_arn           | string   |          | AWS IAM role ARN for EKS authentication. |
 | service_account        | string   |          | Service account for authenticating to Kubernetes. Default is `helm`. |
 | kubernetes_certificate | string   |          | Base64 encoded TLS certificate used by the Kubernetes cluster's certificate authority. |
 | dry_run                | boolean  |          | Pass `--dry-run` to `helm uninstall`. |
 | timeout                | duration |          | Timeout for any *individual* Kubernetes operation. The uninstallation's full runtime may exceed this duration. |
 | skip_tls_verify        | boolean  |          | Connect to the Kubernetes cluster without checking for a valid TLS certificate. Not recommended in production. |
+| chart                  | string   |          | Required when the global `update_dependencies` parameter is true. No effect otherwise. |
 
 ### Where to put settings
 
-Any setting (with the exception of `prefix`; [see below](#user-content-using-the-prefix-setting)), can go in either the `settings` or `environment` section.
+Any setting can go in either the `settings` or `environment` section.
 
 ### Formatting non-string values
 
 * Booleans can be yaml's `true` and `false` literals or the strings `"true"` and `"false"`.
 * Durations are strings formatted with the syntax accepted by [golang's ParseDuration function](https://golang.org/pkg/time/#ParseDuration) (e.g. 5m30s)
+  * For backward-compatibility with drone-helm, a duration can also be an integer, in which case it will be interpreted to mean seconds.
 * List\<string\>s can be a yaml sequence or a comma-separated string.
 
 All of the following are equivalent:
@@ -89,45 +86,3 @@ Note that **list members must not contain commas**. Both of the following are eq
 values_files: [ "./over_9,000.yml" ]
 values_files: [ "./over_9", "000.yml" ]
 ```
-
-### Using the `prefix` setting
-
-Because the prefix setting is meta-configuration, it has some inherent edge-cases. Here is what it does in the cases we've thought of:
-
-Unlike the other settings, it must be declared in the `settings` block, not `environment`:
-
-```yaml
-settings:
-  prefix: helm # drone-helm3 will look for environment variables called HELM_VARNAME
-environment:
-  prefix: armet # no effect
-```
-
-It does not apply to configuration in the `settings` block, only in `environment`:
-
-```yaml
-settings:
-  prefix: helm
-  helm_timeout: 5m # no effect
-environment:
-  helm_timeout: 2m # timeout will be 2 minutes
-```
-
-If the environment contains a variable in non-prefixed form, it will still be applied:
-
-```yaml
-settings:
-  prefix: helm
-environment:
-  timeout: 2m # timeout will be 2 minutes
-```
-
-If the environment contains both the prefixed and non-prefixed forms, drone-helm3 will use the prefixed form:
-
-```yaml
-settings:
-  prefix: helm
-environment:
-  timeout: 5m # overridden
-  helm_timeout: 2m # timeout will be 2 minutes
-```

internal/helm/config.go

@@ -4,27 +4,32 @@ import (
 	"fmt"
 	"github.com/kelseyhightower/envconfig"
 	"io"
+	"os"
+	"regexp"
+	"strings"
+)
+
+var (
+	justNumbers    = regexp.MustCompile(`^\d+$`)
+	deprecatedVars = []string{"PURGE", "RECREATE_PODS", "TILLER_NS", "UPGRADE", "CANARY_IMAGE", "CLIENT_ONLY", "STABLE_REPO_URL"}
 )
 
 // The Config struct captures the `settings` and `environment` blocks in the application's drone
 // config. Configuration in drone's `settings` block arrives as uppercase env vars matching the
 // config key, prefixed with `PLUGIN_`. Config from the `environment` block is uppercased, but does
-// not have the `PLUGIN_` prefix. It may, however, be prefixed with the value in `$PLUGIN_PREFIX`.
+// not have the `PLUGIN_` prefix.
 type Config struct {
 	// Configuration for drone-helm itself
 	Command            string   `envconfig:"HELM_COMMAND"`           // Helm command to run
 	DroneEvent         string   `envconfig:"DRONE_BUILD_EVENT"`      // Drone event that invoked this plugin.
 	UpdateDependencies bool     `split_words:"true"`                 // Call `helm dependency update` before the main command
-	Repos              []string `envconfig:"HELM_REPOS"`             // Call `helm repo add` before the main command
+	AddRepos           []string `envconfig:"HELM_REPOS"`             // Call `helm repo add` before the main command
-	Prefix             string   ``                                   // Prefix to use when looking up secret env vars
 	Debug              bool     ``                                   // Generate debug output and pass --debug to all helm commands
 	Values             string   ``                                   // Argument to pass to --set in applicable helm commands
 	StringValues       string   `split_words:"true"`                 // Argument to pass to --set-string in applicable helm commands
 	ValuesFiles        []string `split_words:"true"`                 // Arguments to pass to --values in applicable helm commands
 	Namespace          string   ``                                   // Kubernetes namespace for all helm commands
 	KubeToken          string   `envconfig:"KUBERNETES_TOKEN"`       // Kubernetes authentication token to put in .kube/config
-	EKSCluster         string   `envconfig:"EKS_CLUSTER"`            // AWS EKS Cluster ID to put in .kube/config
-	EKSRoleARN         string   `envconfig:"EKS_ROLE_ARN"`           // AWS IAM role resource name to put in .kube/config
 	SkipTLSVerify      bool     `envconfig:"SKIP_TLS_VERIFY"`        // Put insecure-skip-tls-verify in .kube/config
 	Certificate        string   `envconfig:"KUBERNETES_CERTIFICATE"` // The Kubernetes cluster CA's self-signed certificate (must be base64-encoded)
 	APIServer          string   `envconfig:"API_SERVER"`             // The Kubernetes cluster's API endpoint
@@ -52,22 +57,20 @@ func NewConfig(stdout, stderr io.Writer) (*Config, error) {
 		return nil, err
 	}
 
-	prefix := cfg.Prefix
-
 	if err := envconfig.Process("", &cfg); err != nil {
 		return nil, err
 	}
 
-	if prefix != "" {
+	if justNumbers.MatchString(cfg.Timeout) {
-		if err := envconfig.Process(cfg.Prefix, &cfg); err != nil {
+		cfg.Timeout = fmt.Sprintf("%ss", cfg.Timeout)
-			return nil, err
-		}
 	}
 
 	if cfg.Debug && cfg.Stderr != nil {
 		cfg.logDebug()
 	}
 
+	cfg.deprecationWarn()
+
 	return &cfg, nil
 }
 
@@ -77,3 +80,13 @@ func (cfg Config) logDebug() {
 	}
 	fmt.Fprintf(cfg.Stderr, "Generated config: %+v\n", cfg)
 }
+
+func (cfg *Config) deprecationWarn() {
+	for _, varname := range deprecatedVars {
+		_, barePresent := os.LookupEnv(varname)
+		_, prefixedPresent := os.LookupEnv("PLUGIN_" + varname)
+		if barePresent || prefixedPresent {
+			fmt.Fprintf(cfg.Stderr, "Warning: ignoring deprecated '%s' setting\n", strings.ToLower(varname))
+		}
+	}
+}

internal/helm/config_test.go

@@ -1,6 +1,7 @@
 package helm
 
 import (
+	"fmt"
 	"github.com/stretchr/testify/suite"
 	"os"
 	"strings"
@@ -19,7 +20,6 @@ func TestConfigTestSuite(t *testing.T) {
 }
 
 func (suite *ConfigTestSuite) TestNewConfigWithPluginPrefix() {
-	suite.unsetenv("PLUGIN_PREFIX")
 	suite.unsetenv("HELM_COMMAND")
 	suite.unsetenv("UPDATE_DEPENDENCIES")
 	suite.unsetenv("DEBUG")
@@ -37,7 +37,6 @@ func (suite *ConfigTestSuite) TestNewConfigWithPluginPrefix() {
 }
 
 func (suite *ConfigTestSuite) TestNewConfigWithNoPrefix() {
-	suite.unsetenv("PLUGIN_PREFIX")
 	suite.unsetenv("PLUGIN_HELM_COMMAND")
 	suite.unsetenv("PLUGIN_UPDATE_DEPENDENCIES")
 	suite.unsetenv("PLUGIN_DEBUG")
@@ -54,56 +53,21 @@ func (suite *ConfigTestSuite) TestNewConfigWithNoPrefix() {
 	suite.True(cfg.Debug)
 }
 
-func (suite *ConfigTestSuite) TestNewConfigWithConfigurablePrefix() {
-	suite.unsetenv("API_SERVER")
-	suite.unsetenv("PLUGIN_API_SERVER")
-
-	suite.setenv("PLUGIN_PREFIX", "prix_fixe")
-	suite.setenv("PRIX_FIXE_API_SERVER", "your waiter this evening")
-
-	cfg, err := NewConfig(&strings.Builder{}, &strings.Builder{})
-	suite.Require().NoError(err)
-
-	suite.Equal("prix_fixe", cfg.Prefix)
-	suite.Equal("your waiter this evening", cfg.APIServer)
-}
-
-func (suite *ConfigTestSuite) TestPrefixSettingDoesNotAffectPluginPrefix() {
-	suite.setenv("PLUGIN_PREFIX", "IXFREP")
-	suite.setenv("PLUGIN_HELM_COMMAND", "wake me up")
-	suite.setenv("IXFREP_PLUGIN_HELM_COMMAND", "send me to sleep inside")
-
-	cfg, err := NewConfig(&strings.Builder{}, &strings.Builder{})
-	suite.Require().NoError(err)
-
-	suite.Equal("wake me up", cfg.Command)
-}
-
-func (suite *ConfigTestSuite) TestPrefixSettingMustHavePluginPrefix() {
-	suite.unsetenv("PLUGIN_PREFIX")
-	suite.setenv("PREFIX", "refpix")
-	suite.setenv("HELM_COMMAND", "gimme more")
-	suite.setenv("REFPIX_HELM_COMMAND", "gimme less")
-
-	cfg, err := NewConfig(&strings.Builder{}, &strings.Builder{})
-	suite.Require().NoError(err)
-
-	suite.Equal("gimme more", cfg.Command)
-}
-
 func (suite *ConfigTestSuite) TestNewConfigWithConflictingVariables() {
 	suite.setenv("PLUGIN_HELM_COMMAND", "execute order 66")
 	suite.setenv("HELM_COMMAND", "defend the jedi") // values from the `environment` block override those from `settings`
 
-	suite.setenv("PLUGIN_PREFIX", "prod")
-	suite.setenv("TIMEOUT", "5m0s")
-	suite.setenv("PROD_TIMEOUT", "2m30s") // values from prefixed env vars override those from non-prefixed ones
-
 	cfg, err := NewConfig(&strings.Builder{}, &strings.Builder{})
 	suite.Require().NoError(err)
 
 	suite.Equal("defend the jedi", cfg.Command)
-	suite.Equal("2m30s", cfg.Timeout)
+}
+
+func (suite *ConfigTestSuite) TestNewConfigInfersNumbersAreSeconds() {
+	suite.setenv("PLUGIN_TIMEOUT", "42")
+	cfg, err := NewConfig(&strings.Builder{}, &strings.Builder{})
+	suite.Require().NoError(err)
+	suite.Equal("42s", cfg.Timeout)
 }
 
 func (suite *ConfigTestSuite) TestNewConfigSetsWriters() {
@@ -116,6 +80,24 @@ func (suite *ConfigTestSuite) TestNewConfigSetsWriters() {
 	suite.Equal(stderr, cfg.Stderr)
 }
 
+func (suite *ConfigTestSuite) TestDeprecatedSettingWarnings() {
+	for _, varname := range deprecatedVars {
+		suite.setenv(varname, "deprecoat") // environment-block entries should cause warnings
+	}
+
+	suite.unsetenv("PURGE")
+	suite.setenv("PLUGIN_PURGE", "true") // settings-block entries should cause warnings
+	suite.setenv("UPGRADE", "")          // entries should cause warnings even when set to empty string
+
+	stderr := &strings.Builder{}
+	_, err := NewConfig(&strings.Builder{}, stderr)
+	suite.NoError(err)
+
+	for _, varname := range deprecatedVars {
+		suite.Contains(stderr.String(), fmt.Sprintf("Warning: ignoring deprecated '%s' setting\n", strings.ToLower(varname)))
+	}
+}
+
 func (suite *ConfigTestSuite) TestLogDebug() {
 	suite.setenv("DEBUG", "true")
 	suite.setenv("HELM_COMMAND", "upgrade")

internal/helm/plan.go

@@ -74,7 +74,7 @@ func determineSteps(cfg Config) *func(Config) []Step {
 		case "delete":
 			return &uninstall
 		default:
-			panic("not implemented")
+			return &help
 		}
 	}
 }
@@ -96,7 +96,10 @@ func (p *Plan) Execute() error {
 
 var upgrade = func(cfg Config) []Step {
 	steps := initKube(cfg)
-
+	steps = append(steps, addRepos(cfg)...)
+	if cfg.UpdateDependencies {
+		steps = append(steps, depUpdate(cfg)...)
+	}
 	steps = append(steps, &run.Upgrade{
 		Chart:        cfg.Chart,
 		Release:      cfg.Release,
@@ -113,6 +116,9 @@ var upgrade = func(cfg Config) []Step {
 
 var uninstall = func(cfg Config) []Step {
 	steps := initKube(cfg)
+	if cfg.UpdateDependencies {
+		steps = append(steps, depUpdate(cfg)...)
+	}
 	steps = append(steps, &run.Uninstall{
 		Release: cfg.Release,
 		DryRun:  cfg.DryRun,
@@ -122,15 +128,21 @@ var uninstall = func(cfg Config) []Step {
 }
 
 var lint = func(cfg Config) []Step {
-	lint := &run.Lint{
+	steps := addRepos(cfg)
-		Chart: cfg.Chart,
+	if cfg.UpdateDependencies {
+		steps = append(steps, depUpdate(cfg)...)
 	}
+	steps = append(steps, &run.Lint{
+		Chart: cfg.Chart,
+	})
 
-	return []Step{lint}
+	return steps
 }
 
 var help = func(cfg Config) []Step {
-	help := &run.Help{}
+	help := &run.Help{
+		HelmCommand: cfg.Command,
+	}
 	return []Step{help}
 }
 
@@ -142,10 +154,27 @@ func initKube(cfg Config) []Step {
 			APIServer:      cfg.APIServer,
 			ServiceAccount: cfg.ServiceAccount,
 			Token:          cfg.KubeToken,
-			EKSCluster:     cfg.EKSCluster,
-			EKSRoleARN:     cfg.EKSRoleARN,
 			TemplateFile:   kubeConfigTemplate,
 			ConfigFile:     kubeConfigFile,
 		},
 	}
 }
+
+func addRepos(cfg Config) []Step {
+	steps := make([]Step, 0)
+	for _, repo := range cfg.AddRepos {
+		steps = append(steps, &run.AddRepo{
+			Repo: repo,
+		})
+	}
+
+	return steps
+}
+
+func depUpdate(cfg Config) []Step {
+	return []Step{
+		&run.DepUpdate{
+			Chart: cfg.Chart,
+		},
+	}
+}

internal/helm/plan_test.go

@@ -167,7 +167,28 @@ func (suite *PlanTestSuite) TestUpgrade() {
 	suite.Equal(expected, upgrade)
 }
 
-func (suite *PlanTestSuite) TestDel() {
+func (suite *PlanTestSuite) TestUpgradeWithUpdateDependencies() {
+	cfg := Config{
+		UpdateDependencies: true,
+	}
+	steps := upgrade(cfg)
+	suite.Require().Equal(3, len(steps), "upgrade should have a third step when DepUpdate is true")
+	suite.IsType(&run.InitKube{}, steps[0])
+	suite.IsType(&run.DepUpdate{}, steps[1])
+}
+
+func (suite *PlanTestSuite) TestUpgradeWithAddRepos() {
+	cfg := Config{
+		AddRepos: []string{
+			"machine=https://github.com/harold_finch/themachine",
+		},
+	}
+	steps := upgrade(cfg)
+	suite.Require().True(len(steps) > 1, "upgrade should generate at least two steps")
+	suite.IsType(&run.AddRepo{}, steps[1])
+}
+
+func (suite *PlanTestSuite) TestUninstall() {
 	cfg := Config{
 		KubeToken:      "b2YgbXkgYWZmZWN0aW9u",
 		SkipTLSVerify:  true,
@@ -205,6 +226,16 @@ func (suite *PlanTestSuite) TestDel() {
 	suite.Equal(expected, actual)
 }
 
+func (suite *PlanTestSuite) TestUninstallWithUpdateDependencies() {
+	cfg := Config{
+		UpdateDependencies: true,
+	}
+	steps := uninstall(cfg)
+	suite.Require().Equal(3, len(steps), "uninstall should have a third step when DepUpdate is true")
+	suite.IsType(&run.InitKube{}, steps[0])
+	suite.IsType(&run.DepUpdate{}, steps[1])
+}
+
 func (suite *PlanTestSuite) TestInitKube() {
 	cfg := Config{
 		KubeToken:      "cXVlZXIgY2hhcmFjdGVyCg==",
@@ -212,8 +243,6 @@ func (suite *PlanTestSuite) TestInitKube() {
 		Certificate:    "b2Ygd29rZW5lc3MK",
 		APIServer:      "123.456.78.9",
 		ServiceAccount: "helmet",
-		EKSCluster:     "eks_reader",
-		EKSRoleARN:     "arn:aws:iam::9631085:role/eksSpangleRole",
 	}
 
 	steps := initKube(cfg)
@@ -227,14 +256,47 @@ func (suite *PlanTestSuite) TestInitKube() {
 		APIServer:      "123.456.78.9",
 		ServiceAccount: "helmet",
 		Token:          "cXVlZXIgY2hhcmFjdGVyCg==",
-		EKSCluster:     "eks_reader",
-		EKSRoleARN:     "arn:aws:iam::9631085:role/eksSpangleRole",
 		TemplateFile:   kubeConfigTemplate,
 		ConfigFile:     kubeConfigFile,
 	}
 	suite.Equal(expected, init)
 }
 
+func (suite *PlanTestSuite) TestDepUpdate() {
+	cfg := Config{
+		UpdateDependencies: true,
+		Chart:              "scatterplot",
+	}
+
+	steps := depUpdate(cfg)
+	suite.Require().Equal(1, len(steps), "depUpdate should return one step")
+	suite.Require().IsType(&run.DepUpdate{}, steps[0])
+	update, _ := steps[0].(*run.DepUpdate)
+
+	expected := &run.DepUpdate{
+		Chart: "scatterplot",
+	}
+	suite.Equal(expected, update)
+}
+
+func (suite *PlanTestSuite) TestAddRepos() {
+	cfg := Config{
+		AddRepos: []string{
+			"first=https://add.repos/one",
+			"second=https://add.repos/two",
+		},
+	}
+	steps := addRepos(cfg)
+	suite.Require().Equal(2, len(steps), "addRepos should add one step per repo")
+	suite.Require().IsType(&run.AddRepo{}, steps[0])
+	suite.Require().IsType(&run.AddRepo{}, steps[1])
+	first := steps[0].(*run.AddRepo)
+	second := steps[1].(*run.AddRepo)
+
+	suite.Equal(first.Repo, "first=https://add.repos/one")
+	suite.Equal(second.Repo, "second=https://add.repos/two")
+}
+
 func (suite *PlanTestSuite) TestLint() {
 	cfg := Config{
 		Chart: "./flow",
@@ -249,6 +311,24 @@ func (suite *PlanTestSuite) TestLint() {
 	suite.Equal(want, steps[0])
 }
 
+func (suite *PlanTestSuite) TestLintWithUpdateDependencies() {
+	cfg := Config{
+		UpdateDependencies: true,
+	}
+	steps := lint(cfg)
+	suite.Require().Equal(2, len(steps), "lint should have a second step when DepUpdate is true")
+	suite.IsType(&run.DepUpdate{}, steps[0])
+}
+
+func (suite *PlanTestSuite) TestLintWithAddRepos() {
+	cfg := Config{
+		AddRepos: []string{"friendczar=https://github.com/logan_pierce/friendczar"},
+	}
+	steps := lint(cfg)
+	suite.Require().True(len(steps) > 0, "lint should return at least one step")
+	suite.IsType(&run.AddRepo{}, steps[0])
+}
+
 func (suite *PlanTestSuite) TestDeterminePlanUpgradeCommand() {
 	cfg := Config{
 		Command: "upgrade",

internal/run/addrepo.go

@@ -0,0 +1,52 @@
+package run
+
+import (
+	"fmt"
+	"strings"
+)
+
+// AddRepo is an execution step that calls `helm repo add` when executed.
+type AddRepo struct {
+	Repo string
+	cmd  cmd
+}
+
+// Execute executes the `helm repo add` command.
+func (a *AddRepo) Execute(_ Config) error {
+	return a.cmd.Run()
+}
+
+// Prepare gets the AddRepo ready to execute.
+func (a *AddRepo) Prepare(cfg Config) error {
+	if a.Repo == "" {
+		return fmt.Errorf("repo is required")
+	}
+	split := strings.SplitN(a.Repo, "=", 2)
+	if len(split) != 2 {
+		return fmt.Errorf("bad repo spec '%s'", a.Repo)
+	}
+
+	name := split[0]
+	url := split[1]
+
+	args := make([]string, 0)
+
+	if cfg.Namespace != "" {
+		args = append(args, "--namespace", cfg.Namespace)
+	}
+	if cfg.Debug {
+		args = append(args, "--debug")
+	}
+
+	args = append(args, "repo", "add", name, url)
+
+	a.cmd = command(helmBin, args...)
+	a.cmd.Stdout(cfg.Stdout)
+	a.cmd.Stderr(cfg.Stderr)
+
+	if cfg.Debug {
+		fmt.Fprintf(cfg.Stderr, "Generated command: '%s'\n", a.cmd.String())
+	}
+
+	return nil
+}

internal/run/addrepo_test.go

@@ -0,0 +1,141 @@
+package run
+
+import (
+	"fmt"
+	"github.com/golang/mock/gomock"
+	"github.com/stretchr/testify/suite"
+	"strings"
+	"testing"
+)
+
+type AddRepoTestSuite struct {
+	suite.Suite
+	ctrl            *gomock.Controller
+	mockCmd         *Mockcmd
+	originalCommand func(string, ...string) cmd
+	commandPath     string
+	commandArgs     []string
+}
+
+func (suite *AddRepoTestSuite) BeforeTest(_, _ string) {
+	suite.ctrl = gomock.NewController(suite.T())
+	suite.mockCmd = NewMockcmd(suite.ctrl)
+
+	suite.originalCommand = command
+	command = func(path string, args ...string) cmd {
+		suite.commandPath = path
+		suite.commandArgs = args
+		return suite.mockCmd
+	}
+}
+
+func (suite *AddRepoTestSuite) AfterTest(_, _ string) {
+	suite.ctrl.Finish()
+	command = suite.originalCommand
+}
+
+func TestAddRepoTestSuite(t *testing.T) {
+	suite.Run(t, new(AddRepoTestSuite))
+}
+
+func (suite *AddRepoTestSuite) TestPrepareAndExecute() {
+	stdout := strings.Builder{}
+	stderr := strings.Builder{}
+	cfg := Config{
+		Stdout: &stdout,
+		Stderr: &stderr,
+	}
+	a := AddRepo{
+		Repo: "edeath=https://github.com/n_marks/e-death",
+	}
+
+	suite.mockCmd.EXPECT().
+		Stdout(&stdout).
+		Times(1)
+	suite.mockCmd.EXPECT().
+		Stderr(&stderr).
+		Times(1)
+
+	suite.Require().NoError(a.Prepare(cfg))
+	suite.Equal(helmBin, suite.commandPath)
+	suite.Equal([]string{"repo", "add", "edeath", "https://github.com/n_marks/e-death"}, suite.commandArgs)
+
+	suite.mockCmd.EXPECT().
+		Run().
+		Times(1)
+
+	suite.Require().NoError(a.Execute(cfg))
+
+}
+
+func (suite *AddRepoTestSuite) TestPrepareRepoIsRequired() {
+	// These aren't really expected, but allowing them gives clearer test-failure messages
+	suite.mockCmd.EXPECT().Stdout(gomock.Any()).AnyTimes()
+	suite.mockCmd.EXPECT().Stderr(gomock.Any()).AnyTimes()
+	cfg := Config{}
+	a := AddRepo{}
+
+	err := a.Prepare(cfg)
+	suite.EqualError(err, "repo is required")
+}
+
+func (suite *AddRepoTestSuite) TestPrepareMalformedRepo() {
+	a := AddRepo{
+		Repo: "dwim",
+	}
+	err := a.Prepare(Config{})
+	suite.EqualError(err, "bad repo spec 'dwim'")
+}
+
+func (suite *AddRepoTestSuite) TestPrepareWithEqualSignInURL() {
+	suite.mockCmd.EXPECT().Stdout(gomock.Any()).AnyTimes()
+	suite.mockCmd.EXPECT().Stderr(gomock.Any()).AnyTimes()
+	a := AddRepo{
+		Repo: "samaritan=https://github.com/arthur_claypool/samaritan?version=2.1",
+	}
+	suite.NoError(a.Prepare(Config{}))
+	suite.Contains(suite.commandArgs, "https://github.com/arthur_claypool/samaritan?version=2.1")
+}
+
+func (suite *AddRepoTestSuite) TestNamespaceFlag() {
+	suite.mockCmd.EXPECT().Stdout(gomock.Any()).AnyTimes()
+	suite.mockCmd.EXPECT().Stderr(gomock.Any()).AnyTimes()
+	cfg := Config{
+		Namespace: "alliteration",
+	}
+	a := AddRepo{
+		Repo: "edeath=https://github.com/theater_guy/e-death",
+	}
+
+	suite.NoError(a.Prepare(cfg))
+	suite.Equal(suite.commandPath, helmBin)
+	suite.Equal(suite.commandArgs, []string{"--namespace", "alliteration",
+		"repo", "add", "edeath", "https://github.com/theater_guy/e-death"})
+}
+
+func (suite *AddRepoTestSuite) TestDebugFlag() {
+	suite.mockCmd.EXPECT().Stdout(gomock.Any()).AnyTimes()
+	suite.mockCmd.EXPECT().Stderr(gomock.Any()).AnyTimes()
+
+	stderr := strings.Builder{}
+
+	command = func(path string, args ...string) cmd {
+		suite.mockCmd.EXPECT().
+			String().
+			Return(fmt.Sprintf("%s %s", path, strings.Join(args, " ")))
+
+		return suite.mockCmd
+	}
+
+	cfg := Config{
+		Debug:  true,
+		Stderr: &stderr,
+	}
+	a := AddRepo{
+		Repo: "edeath=https://github.com/the_bug/e-death",
+	}
+
+	suite.Require().NoError(a.Prepare(cfg))
+	suite.Equal(fmt.Sprintf("Generated command: '%s --debug "+
+		"repo add edeath https://github.com/the_bug/e-death'\n", helmBin), stderr.String())
+}

internal/run/depupdate.go

@@ -0,0 +1,44 @@
+package run
+
+import (
+	"fmt"
+)
+
+// DepUpdate is an execution step that calls `helm dependency update` when executed.
+type DepUpdate struct {
+	Chart string
+	cmd   cmd
+}
+
+// Execute executes the `helm upgrade` command.
+func (d *DepUpdate) Execute(_ Config) error {
+	return d.cmd.Run()
+}
+
+// Prepare gets the DepUpdate ready to execute.
+func (d *DepUpdate) Prepare(cfg Config) error {
+	if d.Chart == "" {
+		return fmt.Errorf("chart is required")
+	}
+
+	args := make([]string, 0)
+
+	if cfg.Namespace != "" {
+		args = append(args, "--namespace", cfg.Namespace)
+	}
+	if cfg.Debug {
+		args = append(args, "--debug")
+	}
+
+	args = append(args, "dependency", "update", d.Chart)
+
+	d.cmd = command(helmBin, args...)
+	d.cmd.Stdout(cfg.Stdout)
+	d.cmd.Stderr(cfg.Stderr)
+
+	if cfg.Debug {
+		fmt.Fprintf(cfg.Stderr, "Generated command: '%s'\n", d.cmd.String())
+	}
+
+	return nil
+}

internal/run/depupdate_test.go

@@ -0,0 +1,128 @@
+package run
+
+import (
+	"fmt"
+	"github.com/golang/mock/gomock"
+	"github.com/stretchr/testify/suite"
+	"strings"
+	"testing"
+)
+
+type DepUpdateTestSuite struct {
+	suite.Suite
+	ctrl            *gomock.Controller
+	mockCmd         *Mockcmd
+	originalCommand func(string, ...string) cmd
+}
+
+func (suite *DepUpdateTestSuite) BeforeTest(_, _ string) {
+	suite.ctrl = gomock.NewController(suite.T())
+	suite.mockCmd = NewMockcmd(suite.ctrl)
+
+	suite.originalCommand = command
+	command = func(path string, args ...string) cmd { return suite.mockCmd }
+}
+
+func (suite *DepUpdateTestSuite) AfterTest(_, _ string) {
+	command = suite.originalCommand
+}
+
+func TestDepUpdateTestSuite(t *testing.T) {
+	suite.Run(t, new(DepUpdateTestSuite))
+}
+
+func (suite *DepUpdateTestSuite) TestPrepareAndExecute() {
+	defer suite.ctrl.Finish()
+
+	stdout := strings.Builder{}
+	stderr := strings.Builder{}
+	cfg := Config{
+		Stdout: &stdout,
+		Stderr: &stderr,
+	}
+
+	command = func(path string, args ...string) cmd {
+		suite.Equal(helmBin, path)
+		suite.Equal([]string{"dependency", "update", "your_top_songs_2019"}, args)
+
+		return suite.mockCmd
+	}
+	suite.mockCmd.EXPECT().
+		Stdout(&stdout)
+	suite.mockCmd.EXPECT().
+		Stderr(&stderr)
+	suite.mockCmd.EXPECT().
+		Run().
+		Times(1)
+
+	d := DepUpdate{
+		Chart: "your_top_songs_2019",
+	}
+
+	suite.Require().NoError(d.Prepare(cfg))
+	suite.NoError(d.Execute(cfg))
+}
+
+func (suite *DepUpdateTestSuite) TestPrepareNamespaceFlag() {
+	defer suite.ctrl.Finish()
+
+	cfg := Config{
+		Namespace: "spotify",
+	}
+
+	command = func(path string, args ...string) cmd {
+		suite.Equal([]string{"--namespace", "spotify", "dependency", "update", "your_top_songs_2019"}, args)
+
+		return suite.mockCmd
+	}
+	suite.mockCmd.EXPECT().Stdout(gomock.Any()).AnyTimes()
+	suite.mockCmd.EXPECT().Stderr(gomock.Any()).AnyTimes()
+
+	d := DepUpdate{
+		Chart: "your_top_songs_2019",
+	}
+
+	suite.Require().NoError(d.Prepare(cfg))
+}
+
+func (suite *DepUpdateTestSuite) TestPrepareDebugFlag() {
+	defer suite.ctrl.Finish()
+
+	stdout := strings.Builder{}
+	stderr := strings.Builder{}
+	cfg := Config{
+		Debug:  true,
+		Stdout: &stdout,
+		Stderr: &stderr,
+	}
+
+	command = func(path string, args ...string) cmd {
+		suite.mockCmd.EXPECT().
+			String().
+			Return(fmt.Sprintf("%s %s", path, strings.Join(args, " ")))
+
+		return suite.mockCmd
+	}
+	suite.mockCmd.EXPECT().Stdout(gomock.Any()).AnyTimes()
+	suite.mockCmd.EXPECT().Stderr(gomock.Any()).AnyTimes()
+
+	d := DepUpdate{
+		Chart: "your_top_songs_2019",
+	}
+
+	suite.Require().NoError(d.Prepare(cfg))
+
+	want := fmt.Sprintf("Generated command: '%s --debug dependency update your_top_songs_2019'\n", helmBin)
+	suite.Equal(want, stderr.String())
+	suite.Equal("", stdout.String())
+}
+
+func (suite *DepUpdateTestSuite) TestPrepareChartRequired() {
+	d := DepUpdate{}
+
+	suite.mockCmd.EXPECT().Stdout(gomock.Any()).AnyTimes()
+	suite.mockCmd.EXPECT().Stderr(gomock.Any()).AnyTimes()
+
+	err := d.Prepare(Config{})
+	suite.EqualError(err, "chart is required")
+}

internal/run/help.go

@@ -6,12 +6,20 @@ import (
 
 // Help is a step in a helm Plan that calls `helm help`.
 type Help struct {
-	cmd cmd
+	HelmCommand string
+	cmd         cmd
 }
 
 // Execute executes the `helm help` command.
-func (h *Help) Execute(_ Config) error {
+func (h *Help) Execute(cfg Config) error {
-	return h.cmd.Run()
+	if err := h.cmd.Run(); err != nil {
+		return fmt.Errorf("while running '%s': %w", h.cmd.String(), err)
+	}
+
+	if h.HelmCommand == "help" {
+		return nil
+	}
+	return fmt.Errorf("unknown command '%s'", h.HelmCommand)
 }
 
 // Prepare gets the Help ready to execute.

internal/run/help_test.go

@@ -38,9 +38,6 @@ func (suite *HelpTestSuite) TestPrepare() {
 		Stdout(&stdout)
 	mCmd.EXPECT().
 		Stderr(&stderr)
-	mCmd.EXPECT().
-		Run().
-		Times(1)
 
 	cfg := Config{
 		Stdout: &stdout,
@@ -49,8 +46,32 @@ func (suite *HelpTestSuite) TestPrepare() {
 
 	h := Help{}
 	err := h.Prepare(cfg)
-	suite.Require().Nil(err)
+	suite.NoError(err)
-	h.Execute(cfg)
+}
+
+func (suite *HelpTestSuite) TestExecute() {
+	ctrl := gomock.NewController(suite.T())
+	defer ctrl.Finish()
+	mCmd := NewMockcmd(ctrl)
+	originalCommand := command
+	command = func(_ string, _ ...string) cmd {
+		return mCmd
+	}
+	defer func() { command = originalCommand }()
+
+	mCmd.EXPECT().
+		Run().
+		Times(2)
+
+	cfg := Config{}
+	help := Help{
+		HelmCommand: "help",
+		cmd:         mCmd,
+	}
+	suite.NoError(help.Execute(cfg))
+
+	help.HelmCommand = "get down on friday"
+	suite.EqualError(help.Execute(cfg), "unknown command 'get down on friday'")
 }
 
 func (suite *HelpTestSuite) TestPrepareDebugFlag() {

internal/run/initkube.go

@@ -15,8 +15,6 @@ type InitKube struct {
 	APIServer      string
 	ServiceAccount string
 	Token          string
-	EKSCluster     string
-	EKSRoleARN     string
 	TemplateFile   string
 	ConfigFile     string
 
@@ -32,8 +30,6 @@ type kubeValues struct {
 	Namespace      string
 	ServiceAccount string
 	Token          string
-	EKSCluster     string
-	EKSRoleARN     string
 }
 
 // Execute generates a kubernetes config file from drone-helm3's template.
@@ -52,12 +48,9 @@ func (i *InitKube) Prepare(cfg Config) error {
 	if i.APIServer == "" {
 		return errors.New("an API Server is needed to deploy")
 	}
-	if i.Token == "" && i.EKSCluster == "" {
+	if i.Token == "" {
 		return errors.New("token is needed to deploy")
 	}
-	if i.Token != "" && i.EKSCluster != "" {
-		return errors.New("token cannot be used simultaneously with eksCluster")
-	}
 
 	if i.ServiceAccount == "" {
 		i.ServiceAccount = "helm"
@@ -77,8 +70,6 @@ func (i *InitKube) Prepare(cfg Config) error {
 		APIServer:      i.APIServer,
 		ServiceAccount: i.ServiceAccount,
 		Token:          i.Token,
-		EKSCluster:     i.EKSCluster,
-		EKSRoleARN:     i.EKSRoleARN,
 		Namespace:      cfg.Namespace,
 	}
 

internal/run/initkube_test.go

@@ -2,6 +2,7 @@ package run
 
 import (
 	"github.com/stretchr/testify/suite"
+	yaml "gopkg.in/yaml.v2"
 	"io/ioutil"
 	"os"
 	"testing"
@@ -57,6 +58,59 @@ namespace: Cisco
 	suite.Equal(want, string(conf))
 }
 
+func (suite *InitKubeTestSuite) TestExecuteGeneratesConfig() {
+	configFile, err := tempfile("kubeconfig********.yml", "")
+	defer os.Remove(configFile.Name())
+	suite.Require().NoError(err)
+
+	cfg := Config{
+		Namespace: "marshmallow",
+	}
+	init := InitKube{
+		ConfigFile:     configFile.Name(),
+		TemplateFile:   "../../assets/kubeconfig.tpl", // the actual kubeconfig template
+		APIServer:      "https://kube.cluster/peanut",
+		ServiceAccount: "chef",
+		Token:          "eWVhaCB3ZSB0b2tpbic=",
+		Certificate:    "d293LCB5b3UgYXJlIHNvIGNvb2wgZm9yIHNtb2tpbmcgd2VlZCDwn5mE",
+	}
+	suite.Require().NoError(init.Prepare(cfg))
+	suite.Require().NoError(init.Execute(cfg))
+
+	contents, err := ioutil.ReadFile(configFile.Name())
+	suite.Require().NoError(err)
+
+	// each setting should be reflected in the generated file
+	expectations := []string{
+		"namespace: marshmallow",
+		"server: https://kube.cluster/peanut",
+		"user: chef",
+		"name: chef",
+		"token: eWVhaCB3ZSB0b2tpbic",
+		"certificate-authority-data: d293LCB5b3UgYXJlIHNvIGNvb2wgZm9yIHNtb2tpbmcgd2VlZCDwn5mE",
+	}
+	for _, expected := range expectations {
+		suite.Contains(string(contents), expected)
+	}
+
+	// the generated config should be valid yaml, with no repeated keys
+	conf := map[string]interface{}{}
+	suite.NoError(yaml.UnmarshalStrict(contents, &conf))
+
+	// test the other branch of the certificate/SkipTLSVerify conditional
+	init.SkipTLSVerify = true
+	init.Certificate = ""
+
+	suite.Require().NoError(init.Prepare(cfg))
+	suite.Require().NoError(init.Execute(cfg))
+	contents, err = ioutil.ReadFile(configFile.Name())
+	suite.Require().NoError(err)
+	suite.Contains(string(contents), "insecure-skip-tls-verify: true")
+
+	conf = map[string]interface{}{}
+	suite.NoError(yaml.UnmarshalStrict(contents, &conf))
+}
+
 func (suite *InitKubeTestSuite) TestPrepareParseError() {
 	templateFile, err := tempfile("kubeconfig********.yml.tpl", `{{ NonexistentFunction }}`)
 	defer os.Remove(templateFile.Name())
@@ -133,33 +187,6 @@ func (suite *InitKubeTestSuite) TestPrepareRequiredConfig() {
 	suite.Error(init.Prepare(cfg), "Token should be required.")
 }
 
-func (suite *InitKubeTestSuite) TestPrepareEKSConfig() {
-	templateFile, err := tempfile("kubeconfig********.yml.tpl", "hurgity burgity")
-	defer os.Remove(templateFile.Name())
-	suite.Require().Nil(err)
-
-	configFile, err := tempfile("kubeconfig********.yml", "")
-	defer os.Remove(configFile.Name())
-	suite.Require().Nil(err)
-
-	init := InitKube{
-		TemplateFile: templateFile.Name(),
-		ConfigFile:   configFile.Name(),
-		APIServer:    "eks.aws.amazonaws.com",
-		EKSCluster:   "it-is-an-eks-parrot",
-		EKSRoleARN:   "arn:aws:iam::19691207:role/mrPraline",
-	}
-
-	cfg := Config{}
-
-	suite.NoError(init.Prepare(cfg))
-	suite.Equal(init.values.EKSCluster, "it-is-an-eks-parrot")
-	suite.Equal(init.values.EKSRoleARN, "arn:aws:iam::19691207:role/mrPraline")
-
-	init.Token = "cGluaW5nIGZvciB0aGUgZmrDtnJkcw=="
-	suite.EqualError(init.Prepare(cfg), "token cannot be used simultaneously with eksCluster")
-}
-
 func (suite *InitKubeTestSuite) TestPrepareDefaultsServiceAccount() {
 	templateFile, err := tempfile("kubeconfig********.yml.tpl", "hurgity burgity")
 	defer os.Remove(templateFile.Name())

internal/run/kubeconfig_test.go

@@ -1,109 +0,0 @@
-package run
-
-import (
-	"github.com/stretchr/testify/suite"
-	yaml "gopkg.in/yaml.v2"
-	"io/ioutil"
-	"os"
-	"testing"
-)
-
-type KubeconfigTestSuite struct {
-	suite.Suite
-	configFile *os.File
-	initKube   InitKube
-}
-
-func (suite *KubeconfigTestSuite) BeforeTest(_, _ string) {
-	file, err := ioutil.TempFile("", "kubeconfig********.yml")
-	suite.Require().NoError(err)
-	file.Close()
-	suite.configFile = file
-
-	// set up an InitKube with the bare minimum configuration
-	suite.initKube = InitKube{
-		ConfigFile:   file.Name(),
-		TemplateFile: "../../assets/kubeconfig.tpl", // the actual kubeconfig template
-		APIServer:    "a",
-		Token:        "b",
-	}
-}
-
-func (suite *KubeconfigTestSuite) AfterTest(_, _ string) {
-	if suite.configFile != nil {
-		os.Remove(suite.configFile.Name())
-	}
-}
-
-func TestKubeconfigTestSuite(t *testing.T) {
-	suite.Run(t, new(KubeconfigTestSuite))
-}
-
-func (suite *KubeconfigTestSuite) TestSetsNamespace() {
-	cfg := Config{
-		Namespace: "marshmallow",
-	}
-	contents := suite.generateKubeconfig(cfg)
-	suite.Contains(contents, "namespace: marshmallow")
-}
-
-func (suite *KubeconfigTestSuite) TestSetsAPIServer() {
-	suite.initKube.APIServer = "https://kube.cluster/peanut"
-	contents := suite.generateKubeconfig(Config{})
-	suite.Contains(contents, "server: https://kube.cluster/peanut")
-}
-
-func (suite *KubeconfigTestSuite) TestSetsServiceAccount() {
-	suite.initKube.ServiceAccount = "chef"
-	contents := suite.generateKubeconfig(Config{})
-	suite.Contains(contents, "user: chef")
-	suite.Contains(contents, "name: chef")
-}
-
-func (suite *KubeconfigTestSuite) TestSetsToken() {
-	suite.initKube.Token = "eWVhaCB3ZSB0b2tpbic"
-	contents := suite.generateKubeconfig(Config{})
-	suite.Contains(contents, "token: eWVhaCB3ZSB0b2tpbic")
-}
-
-func (suite *KubeconfigTestSuite) TestSetsCertificate() {
-	suite.initKube.Certificate = "d293LCB5b3UgYXJlIHNvIGNvb2wgZm9yIHNtb2tpbmcgd2VlZCDwn5mE"
-	contents := suite.generateKubeconfig(Config{})
-	suite.Contains(contents, "certificate-authority-data: d293LCB5b3UgYXJlIHNvIGNvb2wgZm9yIHNtb2tpbmcgd2VlZCDwn5mE")
-}
-
-func (suite *KubeconfigTestSuite) TestSetsSkipTLSVerify() {
-	suite.initKube.SkipTLSVerify = true
-	contents := suite.generateKubeconfig(Config{})
-	suite.Contains(contents, "insecure-skip-tls-verify: true")
-}
-
-func (suite *KubeconfigTestSuite) TestSetsEKSCluster() {
-	suite.initKube.Token = ""
-	suite.initKube.EKSCluster = "it-is-an-eks-parrot"
-	contents := suite.generateKubeconfig(Config{})
-	suite.Contains(contents, "command: aws-iam-authenticator")
-	suite.Contains(contents, `- "it-is-an-eks-parrot"`)
-}
-
-func (suite *KubeconfigTestSuite) TestSetsEKSRoleARN() {
-	suite.initKube.Token = ""
-	suite.initKube.EKSCluster = "it-is-an-eks-parrot"
-	suite.initKube.EKSRoleARN = "arn:aws:iam::19691207:role/mrPraline"
-	contents := suite.generateKubeconfig(Config{})
-	suite.Contains(contents, `- "-r"`)
-	suite.Contains(contents, `- "arn:aws:iam::19691207:role/mrPraline"`)
-}
-
-func (suite *KubeconfigTestSuite) generateKubeconfig(cfg Config) string {
-	suite.Require().NoError(suite.initKube.Prepare(cfg))
-	suite.Require().NoError(suite.initKube.Execute(cfg))
-
-	contents, err := ioutil.ReadFile(suite.configFile.Name())
-	suite.Require().NoError(err)
-
-	conf := map[string]interface{}{}
-	suite.NoError(yaml.UnmarshalStrict(contents, &conf))
-
-	return string(contents)
-}