Implements --repo flag to commands fetch, install, inspect, upgrade

d13b134f · Sushil Kumar · 0c91d412 · d13b134f · d13b134f · d13b134f
Commit d13b134f authored Apr 19, 2017 by Sushil Kumar
18 changed files
--- a/cmd/helm/fetch.go
+++ b/cmd/helm/fetch.go
@@ -27,6 +27,7 @@ import (
 	"k8s.io/helm/pkg/chartutil"
 	"k8s.io/helm/pkg/downloader"
 	"k8s.io/helm/pkg/getter"
+	"k8s.io/helm/pkg/repo"
 )

 const fetchDesc = `
@@ -50,11 +51,16 @@ type fetchCmd struct {
 	chartRef string
 	destdir  string
 	version  string
+	repoURL  string

 	verify      bool
 	verifyLater bool
 	keyring     string

+	certFile string
+	keyFile  string
+	caFile   string
+
 	out io.Writer
 }

@@ -87,6 +93,10 @@ func newFetchCmd(out io.Writer) *cobra.Command {
 	f.StringVar(&fch.version, "version", "", "specific version of a chart. Without this, the latest version is fetched")
 	f.StringVar(&fch.keyring, "keyring", defaultKeyring(), "keyring containing public keys")
 	f.StringVarP(&fch.destdir, "destination", "d", ".", "location to write the chart. If this and tardir are specified, tardir is appended to this")
+	f.StringVar(&fch.repoURL, "repo", "", "chart repository url where to locate the requested chart")
+	f.StringVar(&fch.certFile, "cert-file", "", "identify HTTPS client using this SSL certificate file")
+	f.StringVar(&fch.keyFile, "key-file", "", "identify HTTPS client using this SSL key file")
+	f.StringVar(&fch.caFile, "ca-file", "", "verify certificates of HTTPS-enabled servers using this CA bundle")

 	return cmd
 }
@@ -118,6 +128,14 @@ func (f *fetchCmd) run() error {
 		defer os.RemoveAll(dest)
 	}

+	if f.repoURL != "" {
+		chartURL, err := repo.FindChartInRepoURL(f.repoURL, f.chartRef, f.version, f.certFile, f.keyFile, f.caFile, getter.All(settings))
+		if err != nil {
+			return err
+		}
+		f.chartRef = chartURL
+	}
+
 	saved, v, err := c.DownloadTo(f.chartRef, f.version, dest)
 	if err != nil {
 		return err

--- a/cmd/helm/inspect.go
+++ b/cmd/helm/inspect.go
@@ -50,6 +50,11 @@ type inspectCmd struct {
 	keyring   string
 	out       io.Writer
 	version   string
+	repoURL   string
+
+	certFile string
+	keyFile  string
+	caFile   string
 }

 const (
@@ -72,7 +77,8 @@ func newInspectCmd(out io.Writer) *cobra.Command {
 			if err := checkArgsLength(len(args), "chart name"); err != nil {
 				return err
 			}
-			cp, err := locateChartPath(args[0], insp.version, insp.verify, insp.keyring)
+			cp, err := locateChartPath(insp.repoURL, args[0], insp.version, insp.verify, insp.keyring,
+				insp.certFile, insp.keyFile, insp.caFile)
 			if err != nil {
 				return err
 			}
@@ -90,7 +96,8 @@ func newInspectCmd(out io.Writer) *cobra.Command {
 			if err := checkArgsLength(len(args), "chart name"); err != nil {
 				return err
 			}
-			cp, err := locateChartPath(args[0], insp.version, insp.verify, insp.keyring)
+			cp, err := locateChartPath(insp.repoURL, args[0], insp.version, insp.verify, insp.keyring,
+				insp.certFile, insp.keyFile, insp.caFile)
 			if err != nil {
 				return err
 			}
@@ -108,7 +115,8 @@ func newInspectCmd(out io.Writer) *cobra.Command {
 			if err := checkArgsLength(len(args), "chart name"); err != nil {
 				return err
 			}
-			cp, err := locateChartPath(args[0], insp.version, insp.verify, insp.keyring)
+			cp, err := locateChartPath(insp.repoURL, args[0], insp.version, insp.verify, insp.keyring,
+				insp.certFile, insp.keyFile, insp.caFile)
 			if err != nil {
 				return err
 			}
@@ -136,6 +144,30 @@ func newInspectCmd(out io.Writer) *cobra.Command {
 	valuesSubCmd.Flags().StringVar(&insp.version, verflag, "", verdesc)
 	chartSubCmd.Flags().StringVar(&insp.version, verflag, "", verdesc)

+	repoURL := "repo"
+	repoURLdesc := "chart repository url where to locate the requested chart"
+	inspectCommand.Flags().StringVar(&insp.repoURL, repoURL, "", repoURLdesc)
+	valuesSubCmd.Flags().StringVar(&insp.repoURL, repoURL, "", repoURLdesc)
+	chartSubCmd.Flags().StringVar(&insp.repoURL, repoURL, "", repoURLdesc)
+
+	certFile := "cert-file"
+	certFiledesc := "verify certificates of HTTPS-enabled servers using this CA bundle"
+	inspectCommand.Flags().StringVar(&insp.certFile, certFile, "", certFiledesc)
+	valuesSubCmd.Flags().StringVar(&insp.certFile, certFile, "", certFiledesc)
+	chartSubCmd.Flags().StringVar(&insp.certFile, certFile, "", certFiledesc)
+
+	keyFile := "key-file"
+	keyFiledesc := "identify HTTPS client using this SSL key file"
+	inspectCommand.Flags().StringVar(&insp.keyFile, keyFile, "", keyFiledesc)
+	valuesSubCmd.Flags().StringVar(&insp.keyFile, keyFile, "", keyFiledesc)
+	chartSubCmd.Flags().StringVar(&insp.keyFile, keyFile, "", keyFiledesc)
+
+	caFile := "ca-file"
+	caFiledesc := "chart repository url where to locate the requested chart"
+	inspectCommand.Flags().StringVar(&insp.caFile, caFile, "", caFiledesc)
+	valuesSubCmd.Flags().StringVar(&insp.caFile, caFile, "", caFiledesc)
+	chartSubCmd.Flags().StringVar(&insp.caFile, caFile, "", caFiledesc)
+
 	inspectCommand.AddCommand(valuesSubCmd)
 	inspectCommand.AddCommand(chartSubCmd)


--- a/cmd/helm/install.go
+++ b/cmd/helm/install.go
@@ -39,6 +39,7 @@ import (
 	"k8s.io/helm/pkg/kube"
 	"k8s.io/helm/pkg/proto/hapi/chart"
 	"k8s.io/helm/pkg/proto/hapi/release"
+	"k8s.io/helm/pkg/repo"
 	"k8s.io/helm/pkg/strvals"
 )

@@ -115,6 +116,11 @@ type installCmd struct {
 	version      string
 	timeout      int64
 	wait         bool
+	repoURL      string
+
+	certFile string
+	keyFile  string
+	caFile   string
 }

 type valueFiles []string
@@ -149,7 +155,8 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command {
 			if err := checkArgsLength(len(args), "chart name"); err != nil {
 				return err
 			}
-			cp, err := locateChartPath(args[0], inst.version, inst.verify, inst.keyring)
+			cp, err := locateChartPath(inst.repoURL, args[0], inst.version, inst.verify, inst.keyring,
+				inst.certFile, inst.keyFile, inst.caFile)
 			if err != nil {
 				return err
 			}
@@ -173,6 +180,10 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command {
 	f.StringVar(&inst.version, "version", "", "specify the exact chart version to install. If this is not specified, the latest version is installed")
 	f.Int64Var(&inst.timeout, "timeout", 300, "time in seconds to wait for any individual kubernetes operation (like Jobs for hooks)")
 	f.BoolVar(&inst.wait, "wait", false, "if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment are in a ready state before marking the release as successful. It will wait for as long as --timeout")
+	f.StringVar(&inst.repoURL, "repo", "", "chart repository url where to locate the requested chart")
+	f.StringVar(&inst.certFile, "cert-file", "", "identify HTTPS client using this SSL certificate file")
+	f.StringVar(&inst.keyFile, "key-file", "", "identify HTTPS client using this SSL key file")
+	f.StringVar(&inst.caFile, "ca-file", "", "verify certificates of HTTPS-enabled servers using this CA bundle")

 	return cmd
 }
@@ -331,7 +342,8 @@ func (i *installCmd) printRelease(rel *release.Release) {
 // - URL
 //
 // If 'verify' is true, this will attempt to also verify the chart.
-func locateChartPath(name, version string, verify bool, keyring string) (string, error) {
+func locateChartPath(repoURL, name, version string, verify bool, keyring,
+	certFile, keyFile, caFile string) (string, error) {
 	name = strings.TrimSpace(name)
 	version = strings.TrimSpace(version)
 	if fi, err := os.Stat(name); err == nil {
@@ -367,6 +379,14 @@ func locateChartPath(name, version string, verify bool, keyring string) (string,
 	if verify {
 		dl.Verify = downloader.VerifyAlways
 	}
+	if repoURL != "" {
+		chartURL, err := repo.FindChartInRepoURL(repoURL, name, version,
+			certFile, keyFile, caFile, getter.All(settings))
+		if err != nil {
+			return "", err
+		}
+		name = chartURL
+	}

 	filename, _, err := dl.DownloadTo(name, version, ".")
 	if err == nil {

--- a/cmd/helm/upgrade.go
+++ b/cmd/helm/upgrade.go
@@ -74,6 +74,11 @@ type upgradeCmd struct {
 	resetValues  bool
 	reuseValues  bool
 	wait         bool
+	repoURL      string
+
+	certFile string
+	keyFile  string
+	caFile   string
 }

 func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command {
@@ -117,6 +122,10 @@ func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command {
 	f.BoolVar(&upgrade.resetValues, "reset-values", false, "when upgrading, reset the values to the ones built into the chart")
 	f.BoolVar(&upgrade.reuseValues, "reuse-values", false, "when upgrading, reuse the last release's values, and merge in any new values. If '--reset-values' is specified, this is ignored.")
 	f.BoolVar(&upgrade.wait, "wait", false, "if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment are in a ready state before marking the release as successful. It will wait for as long as --timeout")
+	f.StringVar(&upgrade.repoURL, "repo", "", "chart repository url where to locate the requested chart")
+	f.StringVar(&upgrade.certFile, "cert-file", "", "identify HTTPS client using this SSL certificate file")
+	f.StringVar(&upgrade.keyFile, "key-file", "", "identify HTTPS client using this SSL key file")
+	f.StringVar(&upgrade.caFile, "ca-file", "", "verify certificates of HTTPS-enabled servers using this CA bundle")

 	f.MarkDeprecated("disable-hooks", "use --no-hooks instead")

@@ -124,7 +133,7 @@ func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command {
 }

 func (u *upgradeCmd) run() error {
-	chartPath, err := locateChartPath(u.chart, u.version, u.verify, u.keyring)
+	chartPath, err := locateChartPath(u.repoURL, u.chart, u.version, u.verify, u.keyring, u.certFile, u.keyFile, u.caFile)
 	if err != nil {
 		return err
 	}

--- a/docs/helm/helm_fetch.md
+++ b/docs/helm/helm_fetch.md
@@ -27,9 +27,13 @@ helm fetch [flags] [chart URL | repo/chartname] [...]
 ### Options

 ```
+      --ca-file string       verify certificates of HTTPS-enabled servers using this CA bundle
+      --cert-file string     identify HTTPS client using this SSL certificate file
  -d, --destination string   location to write the chart. If this and tardir are specified, tardir is appended to this (default ".")
+      --key-file string      identify HTTPS client using this SSL key file
      --keyring string       keyring containing public keys (default "~/.gnupg/pubring.gpg")
      --prov                 fetch the provenance file, but don't perform verification
+      --repo string          chart repository url where to locate the requested chart
      --untar                if set to true, will untar the chart after downloading it
      --untardir string      if untar is specified, this flag specifies the name of the directory into which the chart is expanded (default ".")
      --verify               verify the package against its signature
@@ -49,4 +53,4 @@ helm fetch [flags] [chart URL | repo/chartname] [...]
 ### SEE ALSO
 * [helm](helm.md)	 - The Helm package manager for Kubernetes.

-###### Auto generated by spf13/cobra on 16-Apr-2017
+###### Auto generated by spf13/cobra on 24-Apr-2017
--- a/docs/helm/helm_inspect.md
+++ b/docs/helm/helm_inspect.md
@@ -19,9 +19,13 @@ helm inspect [CHART]
 ### Options

 ```
-      --keyring string   path to the keyring containing public verification keys (default "~/.gnupg/pubring.gpg")
-      --verify           verify the provenance data for this chart
-      --version string   version of the chart. By default, the newest chart is shown
+      --ca-file string     chart repository url where to locate the requested chart
+      --cert-file string   verify certificates of HTTPS-enabled servers using this CA bundle
+      --key-file string    identify HTTPS client using this SSL key file
+      --keyring string     path to the keyring containing public verification keys (default "~/.gnupg/pubring.gpg")
+      --repo string        chart repository url where to locate the requested chart
+      --verify             verify the provenance data for this chart
+      --version string     version of the chart. By default, the newest chart is shown
 ```

 ### Options inherited from parent commands
@@ -39,4 +43,4 @@ helm inspect [CHART]
 * [helm inspect chart](helm_inspect_chart.md)	 - shows inspect chart
 * [helm inspect values](helm_inspect_values.md)	 - shows inspect values

-###### Auto generated by spf13/cobra on 16-Apr-2017
+###### Auto generated by spf13/cobra on 24-Apr-2017
--- a/docs/helm/helm_inspect_chart.md
+++ b/docs/helm/helm_inspect_chart.md
@@ -17,9 +17,13 @@ helm inspect chart [CHART]
 ### Options

 ```
-      --keyring string   path to the keyring containing public verification keys (default "~/.gnupg/pubring.gpg")
-      --verify           verify the provenance data for this chart
-      --version string   version of the chart. By default, the newest chart is shown
+      --ca-file string     chart repository url where to locate the requested chart
+      --cert-file string   verify certificates of HTTPS-enabled servers using this CA bundle
+      --key-file string    identify HTTPS client using this SSL key file
+      --keyring string     path to the keyring containing public verification keys (default "~/.gnupg/pubring.gpg")
+      --repo string        chart repository url where to locate the requested chart
+      --verify             verify the provenance data for this chart
+      --version string     version of the chart. By default, the newest chart is shown
 ```

 ### Options inherited from parent commands
@@ -35,4 +39,4 @@ helm inspect chart [CHART]
 ### SEE ALSO
 * [helm inspect](helm_inspect.md)	 - inspect a chart

-###### Auto generated by spf13/cobra on 16-Apr-2017
+###### Auto generated by spf13/cobra on 24-Apr-2017
--- a/docs/helm/helm_inspect_values.md
+++ b/docs/helm/helm_inspect_values.md
@@ -17,9 +17,13 @@ helm inspect values [CHART]
 ### Options

 ```
-      --keyring string   path to the keyring containing public verification keys (default "~/.gnupg/pubring.gpg")
-      --verify           verify the provenance data for this chart
-      --version string   version of the chart. By default, the newest chart is shown
+      --ca-file string     chart repository url where to locate the requested chart
+      --cert-file string   verify certificates of HTTPS-enabled servers using this CA bundle
+      --key-file string    identify HTTPS client using this SSL key file
+      --keyring string     path to the keyring containing public verification keys (default "~/.gnupg/pubring.gpg")
+      --repo string        chart repository url where to locate the requested chart
+      --verify             verify the provenance data for this chart
+      --version string     version of the chart. By default, the newest chart is shown
 ```

 ### Options inherited from parent commands
@@ -35,4 +39,4 @@ helm inspect values [CHART]
 ### SEE ALSO
 * [helm inspect](helm_inspect.md)	 - inspect a chart

-###### Auto generated by spf13/cobra on 16-Apr-2017
+###### Auto generated by spf13/cobra on 24-Apr-2017
--- a/docs/helm/helm_install.md
+++ b/docs/helm/helm_install.md
@@ -68,13 +68,17 @@ helm install [CHART]
 ### Options

 ```
+      --ca-file string         verify certificates of HTTPS-enabled servers using this CA bundle
+      --cert-file string       identify HTTPS client using this SSL certificate file
      --dry-run                simulate an install
+      --key-file string        identify HTTPS client using this SSL key file
      --keyring string         location of public keys used for verification (default "~/.gnupg/pubring.gpg")
  -n, --name string            release name. If unspecified, it will autogenerate one for you
      --name-template string   specify template used to name the release
      --namespace string       namespace to install the release into
      --no-hooks               prevent hooks from running during install
      --replace                re-use the given name, even if that name is already used. This is unsafe in production
+      --repo string            chart repository url where to locate the requested chart
      --set stringArray        set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)
      --timeout int            time in seconds to wait for any individual kubernetes operation (like Jobs for hooks) (default 300)
      --tls                    enable TLS for request
@@ -101,4 +105,4 @@ helm install [CHART]
 ### SEE ALSO
 * [helm](helm.md)	 - The Helm package manager for Kubernetes.

-###### Auto generated by spf13/cobra on 16-Apr-2017
+###### Auto generated by spf13/cobra on 24-Apr-2017
--- a/docs/helm/helm_upgrade.md
+++ b/docs/helm/helm_upgrade.md
@@ -36,12 +36,16 @@ helm upgrade [RELEASE] [CHART]
 ### Options

 ```
+      --ca-file string       verify certificates of HTTPS-enabled servers using this CA bundle
+      --cert-file string     identify HTTPS client using this SSL certificate file
      --dry-run              simulate an upgrade
  -i, --install              if a release by this name doesn't already exist, run an install
+      --key-file string      identify HTTPS client using this SSL key file
      --keyring string       path to the keyring that contains public signing keys (default "~/.gnupg/pubring.gpg")
      --namespace string     namespace to install the release into (only used if --install is set) (default "default")
      --no-hooks             disable pre/post upgrade hooks
      --recreate-pods        performs pods restart for the resource if applicable
+      --repo string          chart repository url where to locate the requested chart
      --reset-values         when upgrading, reset the values to the ones built into the chart
      --reuse-values         when upgrading, reuse the last release's values, and merge in any new values. If '--reset-values' is specified, this is ignored.
      --set stringArray      set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)
@@ -70,4 +74,4 @@ helm upgrade [RELEASE] [CHART]
 ### SEE ALSO
 * [helm](helm.md)	 - The Helm package manager for Kubernetes.

-###### Auto generated by spf13/cobra on 16-Apr-2017
+###### Auto generated by spf13/cobra on 24-Apr-2017
--- a/docs/man/man1/helm_fetch.1
+++ b/docs/man/man1/helm_fetch.1
@@ -33,10 +33,22 @@ result in an error, and the chart will not be saved locally.


 .SH OPTIONS
+.PP
+\fB\-\-ca\-file\fP=""
+    verify certificates of HTTPS\-enabled servers using this CA bundle
+
+.PP
+\fB\-\-cert\-file\fP=""
+    identify HTTPS client using this SSL certificate file
+
 .PP
 \fB\-d\fP, \fB\-\-destination\fP="."
    location to write the chart. If this and tardir are specified, tardir is appended to this

+.PP
+\fB\-\-key\-file\fP=""
+    identify HTTPS client using this SSL key file
+
 .PP
 \fB\-\-keyring\fP="~/.gnupg/pubring.gpg"
    keyring containing public keys
@@ -45,6 +57,10 @@ result in an error, and the chart will not be saved locally.
 \fB\-\-prov\fP[=false]
    fetch the provenance file, but don't perform verification

+.PP
+\fB\-\-repo\fP=""
+    chart repository url where to locate the requested chart
+
 .PP
 \fB\-\-untar\fP[=false]
    if set to true, will untar the chart after downloading it
@@ -91,4 +107,4 @@ result in an error, and the chart will not be saved locally.

 .SH HISTORY
 .PP
-16\-Apr\-2017 Auto generated by spf13/cobra
+24\-Apr\-2017 Auto generated by spf13/cobra
--- a/docs/man/man1/helm_inspect.1
+++ b/docs/man/man1/helm_inspect.1
@@ -23,10 +23,26 @@ Inspect prints the contents of the Chart.yaml file and the values.yaml file.


 .SH OPTIONS
+.PP
+\fB\-\-ca\-file\fP=""
+    chart repository url where to locate the requested chart
+
+.PP
+\fB\-\-cert\-file\fP=""
+    verify certificates of HTTPS\-enabled servers using this CA bundle
+
+.PP
+\fB\-\-key\-file\fP=""
+    identify HTTPS client using this SSL key file
+
 .PP
 \fB\-\-keyring\fP="~/.gnupg/pubring.gpg"
    path to the keyring containing public verification keys

+.PP
+\fB\-\-repo\fP=""
+    chart repository url where to locate the requested chart
+
 .PP
 \fB\-\-verify\fP[=false]
    verify the provenance data for this chart
@@ -65,4 +81,4 @@ Inspect prints the contents of the Chart.yaml file and the values.yaml file.

 .SH HISTORY
 .PP
-16\-Apr\-2017 Auto generated by spf13/cobra
+24\-Apr\-2017 Auto generated by spf13/cobra
--- a/docs/man/man1/helm_inspect_chart.1
+++ b/docs/man/man1/helm_inspect_chart.1
@@ -20,10 +20,26 @@ of the Charts.yaml file


 .SH OPTIONS
+.PP
+\fB\-\-ca\-file\fP=""
+    chart repository url where to locate the requested chart
+
+.PP
+\fB\-\-cert\-file\fP=""
+    verify certificates of HTTPS\-enabled servers using this CA bundle
+
+.PP
+\fB\-\-key\-file\fP=""
+    identify HTTPS client using this SSL key file
+
 .PP
 \fB\-\-keyring\fP="~/.gnupg/pubring.gpg"
    path to the keyring containing public verification keys

+.PP
+\fB\-\-repo\fP=""
+    chart repository url where to locate the requested chart
+
 .PP
 \fB\-\-verify\fP[=false]
    verify the provenance data for this chart
@@ -62,4 +78,4 @@ of the Charts.yaml file

 .SH HISTORY
 .PP
-16\-Apr\-2017 Auto generated by spf13/cobra
+24\-Apr\-2017 Auto generated by spf13/cobra
--- a/docs/man/man1/helm_inspect_values.1
+++ b/docs/man/man1/helm_inspect_values.1
@@ -20,10 +20,26 @@ of the values.yaml file


 .SH OPTIONS
+.PP
+\fB\-\-ca\-file\fP=""
+    chart repository url where to locate the requested chart
+
+.PP
+\fB\-\-cert\-file\fP=""
+    verify certificates of HTTPS\-enabled servers using this CA bundle
+
+.PP
+\fB\-\-key\-file\fP=""
+    identify HTTPS client using this SSL key file
+
 .PP
 \fB\-\-keyring\fP="~/.gnupg/pubring.gpg"
    path to the keyring containing public verification keys

+.PP
+\fB\-\-repo\fP=""
+    chart repository url where to locate the requested chart
+
 .PP
 \fB\-\-verify\fP[=false]
    verify the provenance data for this chart
@@ -62,4 +78,4 @@ of the values.yaml file

 .SH HISTORY
 .PP
-16\-Apr\-2017 Auto generated by spf13/cobra
+24\-Apr\-2017 Auto generated by spf13/cobra
--- a/docs/man/man1/helm_install.1
+++ b/docs/man/man1/helm_install.1
@@ -114,10 +114,22 @@ charts in a repository, use 'helm search'.


 .SH OPTIONS
+.PP
+\fB\-\-ca\-file\fP=""
+    verify certificates of HTTPS\-enabled servers using this CA bundle
+
+.PP
+\fB\-\-cert\-file\fP=""
+    identify HTTPS client using this SSL certificate file
+
 .PP
 \fB\-\-dry\-run\fP[=false]
    simulate an install

+.PP
+\fB\-\-key\-file\fP=""
+    identify HTTPS client using this SSL key file
+
 .PP
 \fB\-\-keyring\fP="~/.gnupg/pubring.gpg"
    location of public keys used for verification
@@ -142,6 +154,10 @@ charts in a repository, use 'helm search'.
 \fB\-\-replace\fP[=false]
    re\-use the given name, even if that name is already used. This is unsafe in production

+.PP
+\fB\-\-repo\fP=""
+    chart repository url where to locate the requested chart
+
 .PP
 \fB\-\-set\fP=[]
    set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)
@@ -216,4 +232,4 @@ charts in a repository, use 'helm search'.

 .SH HISTORY
 .PP
-16\-Apr\-2017 Auto generated by spf13/cobra
+24\-Apr\-2017 Auto generated by spf13/cobra
--- a/docs/man/man1/helm_upgrade.1
+++ b/docs/man/man1/helm_upgrade.1
@@ -57,6 +57,14 @@ $ helm upgrade \-\-set foo=bar \-\-set foo=newbar redis ./redis


 .SH OPTIONS
+.PP
+\fB\-\-ca\-file\fP=""
+    verify certificates of HTTPS\-enabled servers using this CA bundle
+
+.PP
+\fB\-\-cert\-file\fP=""
+    identify HTTPS client using this SSL certificate file
+
 .PP
 \fB\-\-dry\-run\fP[=false]
    simulate an upgrade
@@ -65,6 +73,10 @@ $ helm upgrade \-\-set foo=bar \-\-set foo=newbar redis ./redis
 \fB\-i\fP, \fB\-\-install\fP[=false]
    if a release by this name doesn't already exist, run an install

+.PP
+\fB\-\-key\-file\fP=""
+    identify HTTPS client using this SSL key file
+
 .PP
 \fB\-\-keyring\fP="~/.gnupg/pubring.gpg"
    path to the keyring that contains public signing keys
@@ -81,6 +93,10 @@ $ helm upgrade \-\-set foo=bar \-\-set foo=newbar redis ./redis
 \fB\-\-recreate\-pods\fP[=false]
    performs pods restart for the resource if applicable

+.PP
+\fB\-\-repo\fP=""
+    chart repository url where to locate the requested chart
+
 .PP
 \fB\-\-reset\-values\fP[=false]
    when upgrading, reset the values to the ones built into the chart
@@ -163,4 +179,4 @@ $ helm upgrade \-\-set foo=bar \-\-set foo=newbar redis ./redis

 .SH HISTORY
 .PP
-16\-Apr\-2017 Auto generated by spf13/cobra
+24\-Apr\-2017 Auto generated by spf13/cobra
--- a/pkg/repo/chartrepo.go
+++ b/pkg/repo/chartrepo.go
@@ -177,3 +177,52 @@ func (r *ChartRepository) generateIndex() error {
 	r.IndexFile.SortEntries()
 	return nil
 }
+
+// FindChartInRepoURL finds chart in chart repository pointed by repoURL
+// without adding repo to repostiories
+func FindChartInRepoURL(repoURL, chartName, chartVersion, certFile, keyFile, caFile string, getters getter.Providers) (string, error) {
+
+	// Download and write the index file to a temporary location
+	tempIndexFile, err := ioutil.TempFile("", "tmp-repo-file")
+	if err != nil {
+		return "", fmt.Errorf("cannot write index file for repository requested")
+	}
+	defer func() {
+		os.Remove(tempIndexFile.Name())
+	}()
+
+	c := Entry{
+		URL:      repoURL,
+		CertFile: certFile,
+		KeyFile:  keyFile,
+		CAFile:   caFile,
+	}
+	r, err := NewChartRepository(&c, getters)
+	if err != nil {
+		return "", err
+	}
+	if err := r.DownloadIndexFile(tempIndexFile.Name()); err != nil {
+		return "", fmt.Errorf("Looks like %q is not a valid chart repository or cannot be reached: %s", repoURL, err)
+	}
+
+	// Read the index file for the repository to get chart information and return chart URL
+	repoIndex, err := LoadIndexFile(tempIndexFile.Name())
+	if err != nil {
+		return "", err
+	}
+
+	errMsg := fmt.Sprintf("chart %q", chartName)
+	if chartVersion != "" {
+		errMsg = fmt.Sprintf("%s version %q", errMsg, chartVersion)
+	}
+	cv, err := repoIndex.Get(chartName, chartVersion)
+	if err != nil {
+		return "", fmt.Errorf("%s not found in %s repository", errMsg, repoURL)
+	}
+
+	if len(cv.URLs) == 0 {
+		return "", fmt.Errorf("%s has no downloadable URLs", errMsg)
+	}
+
+	return cv.URLs[0], nil
+}
--- a/scripts/completions.bash
+++ b/scripts/completions.bash
@@ -424,13 +424,21 @@ _helm_fetch()
    flags_with_completion=()
    flags_completion=()

+    flags+=("--ca-file=")
+    local_nonpersistent_flags+=("--ca-file=")
+    flags+=("--cert-file=")
+    local_nonpersistent_flags+=("--cert-file=")
    flags+=("--destination=")
    two_word_flags+=("-d")
    local_nonpersistent_flags+=("--destination=")
+    flags+=("--key-file=")
+    local_nonpersistent_flags+=("--key-file=")
    flags+=("--keyring=")
    local_nonpersistent_flags+=("--keyring=")
    flags+=("--prov")
    local_nonpersistent_flags+=("--prov")
+    flags+=("--repo=")
+    local_nonpersistent_flags+=("--repo=")
    flags+=("--untar")
    local_nonpersistent_flags+=("--untar")
    flags+=("--untardir=")
@@ -683,8 +691,16 @@ _helm_inspect_chart()
    flags_with_completion=()
    flags_completion=()

+    flags+=("--ca-file=")
+    local_nonpersistent_flags+=("--ca-file=")
+    flags+=("--cert-file=")
+    local_nonpersistent_flags+=("--cert-file=")
+    flags+=("--key-file=")
+    local_nonpersistent_flags+=("--key-file=")
    flags+=("--keyring=")
    local_nonpersistent_flags+=("--keyring=")
+    flags+=("--repo=")
+    local_nonpersistent_flags+=("--repo=")
    flags+=("--verify")
    local_nonpersistent_flags+=("--verify")
    flags+=("--version=")
@@ -711,8 +727,16 @@ _helm_inspect_values()
    flags_with_completion=()
    flags_completion=()

+    flags+=("--ca-file=")
+    local_nonpersistent_flags+=("--ca-file=")
+    flags+=("--cert-file=")
+    local_nonpersistent_flags+=("--cert-file=")
+    flags+=("--key-file=")
+    local_nonpersistent_flags+=("--key-file=")
    flags+=("--keyring=")
    local_nonpersistent_flags+=("--keyring=")
+    flags+=("--repo=")
+    local_nonpersistent_flags+=("--repo=")
    flags+=("--verify")
    local_nonpersistent_flags+=("--verify")
    flags+=("--version=")
@@ -741,8 +765,16 @@ _helm_inspect()
    flags_with_completion=()
    flags_completion=()

+    flags+=("--ca-file=")
+    local_nonpersistent_flags+=("--ca-file=")
+    flags+=("--cert-file=")
+    local_nonpersistent_flags+=("--cert-file=")
+    flags+=("--key-file=")
+    local_nonpersistent_flags+=("--key-file=")
    flags+=("--keyring=")
    local_nonpersistent_flags+=("--keyring=")
+    flags+=("--repo=")
+    local_nonpersistent_flags+=("--repo=")
    flags+=("--verify")
    local_nonpersistent_flags+=("--verify")
    flags+=("--version=")
@@ -769,8 +801,14 @@ _helm_install()
    flags_with_completion=()
    flags_completion=()

+    flags+=("--ca-file=")
+    local_nonpersistent_flags+=("--ca-file=")
+    flags+=("--cert-file=")
+    local_nonpersistent_flags+=("--cert-file=")
    flags+=("--dry-run")
    local_nonpersistent_flags+=("--dry-run")
+    flags+=("--key-file=")
+    local_nonpersistent_flags+=("--key-file=")
    flags+=("--keyring=")
    local_nonpersistent_flags+=("--keyring=")
    flags+=("--name=")
@@ -784,6 +822,8 @@ _helm_install()
    local_nonpersistent_flags+=("--no-hooks")
    flags+=("--replace")
    local_nonpersistent_flags+=("--replace")
+    flags+=("--repo=")
+    local_nonpersistent_flags+=("--repo=")
    flags+=("--set=")
    local_nonpersistent_flags+=("--set=")
    flags+=("--timeout=")
@@ -1396,6 +1436,10 @@ _helm_upgrade()
    flags_with_completion=()
    flags_completion=()

+    flags+=("--ca-file=")
+    local_nonpersistent_flags+=("--ca-file=")
+    flags+=("--cert-file=")
+    local_nonpersistent_flags+=("--cert-file=")
    flags+=("--disable-hooks")
    local_nonpersistent_flags+=("--disable-hooks")
    flags+=("--dry-run")
@@ -1403,6 +1447,8 @@ _helm_upgrade()
    flags+=("--install")
    flags+=("-i")
    local_nonpersistent_flags+=("--install")
+    flags+=("--key-file=")
+    local_nonpersistent_flags+=("--key-file=")
    flags+=("--keyring=")
    local_nonpersistent_flags+=("--keyring=")
    flags+=("--namespace=")
@@ -1411,6 +1457,8 @@ _helm_upgrade()
    local_nonpersistent_flags+=("--no-hooks")
    flags+=("--recreate-pods")
    local_nonpersistent_flags+=("--recreate-pods")
+    flags+=("--repo=")
+    local_nonpersistent_flags+=("--repo=")
    flags+=("--reset-values")
    local_nonpersistent_flags+=("--reset-values")
    flags+=("--reuse-values")