redhat-certification · komish · Apr 23, 2024 · Mar 29, 2024 · Apr 19, 2024 · Apr 23, 2024
diff --git a/docs/helm-chart-checks.md b/docs/helm-chart-checks.md
@@ -52,21 +52,22 @@ The following table lists the set of checks for each profile version with detail
 
 #### Table 2: Helm chart default checks
 
-| Profile v1.2 | Profile v1.1 | Profile v1.0 | Description |
-|:-------------------------------:|:-------------------------------:|:-------------------------------:|---------------
-| [is-helm-v3 v1.0](helm-chart-troubleshooting.md#is-helm-v3-v10) | [is-helm-v3 v1.0](helm-chart-troubleshooting.md#is-helm-v3-v10) | [is-helm-v3 v1.0](helm-chart-troubleshooting.md#is-helm-v3-v10) | Checks that the given `uri` points to a Helm v3 chart.
-| [has-readme v1.0](helm-chart-troubleshooting.md#has-readme-v10) | [has-readme v1.0](helm-chart-troubleshooting.md#has-readme-v10) | [has-readme v1.0](helm-chart-troubleshooting.md#has-readme-v10) | Checks that the Helm chart contains the `README.md` file.
-| [contains-test V1.0](helm-chart-troubleshooting.md#contains-test-v10) | [contains-test V1.0](helm-chart-troubleshooting.md#contains-test-v10) | [contains-test v1.0](helm-chart-troubleshooting.md#contains-test-v10) | Checks that the Helm chart contains at least one test file.
-| [has-kubeversion v1.1](helm-chart-troubleshooting.md#has-kubeversion-v11) | [has-kubeversion v1.1](helm-chart-troubleshooting.md#has-kubeversion-v11) | [has-kubeversion v1.0](helm-chart-troubleshooting.md#has-kubeversion-v10) | Checks that the `Chart.yaml` file of the Helm chart includes the `kubeVersion` field (v1.0) and is a valid semantic version (v1.1).
-| [contains-values-schema v1.0](helm-chart-troubleshooting.md#contains-values-schema-v10) | [contains-values-schema v1.0](helm-chart-troubleshooting.md#contains-values-schema-v10) | [contains-values-schema v1.0](helm-chart-troubleshooting.md#contains-values-schema-v10) | Checks that the Helm chart contains a JSON schema file (`values.schema.json`) to validate the `values.yaml` file in the chart.
-| [not-contains-crds v1.0](helm-chart-troubleshooting.md#not-contains-crds-v10) | [not-contains-crds v1.0](helm-chart-troubleshooting.md#not-contains-crds-v10) | [not-contains-crds v1.0](helm-chart-troubleshooting.md#not-contains-crds-v10) | Checks that the Helm chart does not include custom resource definitions (CRDs).
-| [not-contain-csi-objects v1.0](helm-chart-troubleshooting.md#not-contain-csi-objects-v10) | [not-contain-csi-objects v1.0](helm-chart-troubleshooting.md#not-contain-csi-objects-v10) | [not-contain-csi-objects v1.0](helm-chart-troubleshooting.md#not-contain-csi-objects-v10) | Checks that the Helm chart does not include Container Storage Interface (CSI) objects.
-| [images-are-certified v1.1](helm-chart-troubleshooting.md#images-are-certified-v10) | [images-are-certified v1.0](helm-chart-troubleshooting.md#images-are-certified-v10) | [images-are-certified v1.0](helm-chart-troubleshooting.md#images-are-certified-v10) | Checks that the images referenced by the Helm chart are Red Hat-certified.
-| [helm-lint v1.0](helm-chart-troubleshooting.md#helm-lint-v10) | [helm-lint v1.0](helm-chart-troubleshooting.md#helm-lint-v10) | [helm-lint v1.0](helm-chart-troubleshooting.md#helm-lint-v10) | Checks that the chart is well formed by running the `helm lint` command.
-| [chart-testing v1.0](helm-chart-troubleshooting.md#chart-testing-v10) | [chart-testing v1.0](helm-chart-troubleshooting.md#chart-testing-v10) | [chart-testing v1.0](helm-chart-troubleshooting.md#chart-testing-v10)  | Installs the chart and verifies it on a Red Hat OpenShift Container Platform cluster.
-| [contains-values v1.0](helm-chart-troubleshooting.md#contains-values-v10) | [contains-values v1.0](helm-chart-troubleshooting.md#contains-values-v10)  | [contains-values  v1.0](helm-chart-troubleshooting.md#contains-values-v10) | Checks that the Helm chart contains the `values`[¹](https://github.com/redhat-certification/chart-verifier/blob/main/docs/helm-chart-checks.md#-for-more-information-on-the-values-file-see-values-and-best-practices-for-using-values) file.
-| [required-annotations-present v1.0](helm-chart-troubleshooting.md#required-annotations-present-v10) | [required-annotations-present v1.0](helm-chart-troubleshooting.md#required-annotations-present-v10) | - | Checks that the Helm chart contains the annotation: ```charts.openshift.io/name```.
-| [signature-is-valid v1.0](helm-chart-troubleshooting.md#signature-is-valid-v10) | - | - | Verifies a signed chart based on a provided public key |  
+| Profile v1.3 | Profile v1.2 | Profile v1.1 | Profile v1.0 | Description |
+|---|---|---|---|---|
+| [is-helm-v3 v1.0](helm-chart-troubleshooting.md#is-helm-v3-v10) | [is-helm-v3 v1.0](helm-chart-troubleshooting.md#is-helm-v3-v10) | [is-helm-v3 v1.0](helm-chart-troubleshooting.md#is-helm-v3-v10) | [is-helm-v3 v1.0](helm-chart-troubleshooting.md#is-helm-v3-v10) | Checks that the given `uri` points to a Helm v3 chart. |
+| [has-readme v1.0](helm-chart-troubleshooting.md#has-readme-v10) | [has-readme v1.0](helm-chart-troubleshooting.md#has-readme-v10) | [has-readme v1.0](helm-chart-troubleshooting.md#has-readme-v10) | [has-readme v1.0](helm-chart-troubleshooting.md#has-readme-v10) | Checks that the Helm chart contains the `README.md` file. |
+| [contains-test V1.0](helm-chart-troubleshooting.md#contains-test-v10) | [contains-test V1.0](helm-chart-troubleshooting.md#contains-test-v10) | [contains-test V1.0](helm-chart-troubleshooting.md#contains-test-v10) | [contains-test v1.0](helm-chart-troubleshooting.md#contains-test-v10) | Checks that the Helm chart contains at least one test file. |
+| [has-kubeversion v1.1](helm-chart-troubleshooting.md#has-kubeversion-v11) | [has-kubeversion v1.1](helm-chart-troubleshooting.md#has-kubeversion-v11) | [has-kubeversion v1.1](helm-chart-troubleshooting.md#has-kubeversion-v11) | [has-kubeversion v1.0](helm-chart-troubleshooting.md#has-kubeversion-v10) | Checks that the `Chart.yaml` file of the Helm chart includes the `kubeVersion` field (v1.0) and is a valid semantic version (v1.1). |
+| [contains-values-schema v1.0](helm-chart-troubleshooting.md#contains-values-schema-v10) | [contains-values-schema v1.0](helm-chart-troubleshooting.md#contains-values-schema-v10) | [contains-values-schema v1.0](helm-chart-troubleshooting.md#contains-values-schema-v10) | [contains-values-schema v1.0](helm-chart-troubleshooting.md#contains-values-schema-v10) | Checks that the Helm chart contains a JSON schema file (`values.schema.json`) to validate the `values.yaml` file in the chart. |
+| [not-contains-crds v1.0](helm-chart-troubleshooting.md#not-contains-crds-v10) | [not-contains-crds v1.0](helm-chart-troubleshooting.md#not-contains-crds-v10) | [not-contains-crds v1.0](helm-chart-troubleshooting.md#not-contains-crds-v10) | [not-contains-crds v1.0](helm-chart-troubleshooting.md#not-contains-crds-v10) | Checks that the Helm chart does not include custom resource definitions (CRDs). |
+| [not-contain-csi-objects v1.0](helm-chart-troubleshooting.md#not-contain-csi-objects-v10) | [not-contain-csi-objects v1.0](helm-chart-troubleshooting.md#not-contain-csi-objects-v10) | [not-contain-csi-objects v1.0](helm-chart-troubleshooting.md#not-contain-csi-objects-v10) | [not-contain-csi-objects v1.0](helm-chart-troubleshooting.md#not-contain-csi-objects-v10) | Checks that the Helm chart does not include Container Storage Interface (CSI) objects. |
+| [images-are-certified v1.1](helm-chart-troubleshooting.md#images-are-certified-v10) | [images-are-certified v1.1](helm-chart-troubleshooting.md#images-are-certified-v10) | [images-are-certified v1.0](helm-chart-troubleshooting.md#images-are-certified-v10) | [images-are-certified v1.0](helm-chart-troubleshooting.md#images-are-certified-v10) | Checks that the images referenced by the Helm chart are Red Hat-certified. |
+| [helm-lint v1.0](helm-chart-troubleshooting.md#helm-lint-v10) | [helm-lint v1.0](helm-chart-troubleshooting.md#helm-lint-v10) | [helm-lint v1.0](helm-chart-troubleshooting.md#helm-lint-v10) | [helm-lint v1.0](helm-chart-troubleshooting.md#helm-lint-v10) | Checks that the chart is well formed by running the `helm lint` command. |
+| [chart-testing v1.0](helm-chart-troubleshooting.md#chart-testing-v10) | [chart-testing v1.0](helm-chart-troubleshooting.md#chart-testing-v10) | [chart-testing v1.0](helm-chart-troubleshooting.md#chart-testing-v10) | [chart-testing v1.0](helm-chart-troubleshooting.md#chart-testing-v10) | Installs the chart and verifies it on a Red Hat OpenShift Container Platform cluster. |
+| [contains-values v1.0](helm-chart-troubleshooting.md#contains-values-v10) | [contains-values v1.0](helm-chart-troubleshooting.md#contains-values-v10) | [contains-values v1.0](helm-chart-troubleshooting.md#contains-values-v10) | [contains-values  v1.0](helm-chart-troubleshooting.md#contains-values-v10) | Checks that the Helm chart contains the `values`[¹](https://github.com/redhat-certification/chart-verifier/blob/main/docs/helm-chart-checks.md#-for-more-information-on-the-values-file-see-values-and-best-practices-for-using-values) file. |
+| [required-annotations-present v1.0](helm-chart-troubleshooting.md#required-annotations-present-v10) | [required-annotations-present v1.0](helm-chart-troubleshooting.md#required-annotations-present-v10) | [required-annotations-present v1.0](helm-chart-troubleshooting.md#required-annotations-present-v10) | - | Checks that the Helm chart contains the annotation: ```charts.openshift.io/name```. |
+| [signature-is-valid v1.0](helm-chart-troubleshooting.md#signature-is-valid-v10) | [signature-is-valid v1.0](helm-chart-troubleshooting.md#signature-is-valid-v10) | - | - | Verifies a signed chart based on a provided public key. |
+| [has-notes v1.0](helm-chart-troubleshooting.md#has-notes-v10) | - | - | - | Checks that the Helm chart contains the `NOTES.txt` file in the templates directory. |
 #
 ###### ¹ For more information on the `values` file, see [`values`](https://helm.sh/docs/chart_template_guide/values_files/) and [Best Practices for using values](https://helm.sh/docs/chart_best_practices/values/).
 
@@ -300,7 +301,15 @@ A profile defines a set of checks to run and an indication of whether each check
   - The default is the same as the partner profile and is used if a specific one is not specified.
   - All checks are mandatory.
 
-Each profile also has a version and currently there are three profile versions: v1.0, v1.1 and v1.2. The `developer-console` just has one profile version v1.0.
+Each profile also has a version and currently there are four profile versions: v1.0, v1.1, v1.2, and v1.3. The `developer-console` just has one profile version v1.0.
+
+### Profile v1.3
+
+Compared to profile v1.2, adds a new check:
+
+| check | partner | RedHat | community | default |
+|-------|---------|--------|-----------|---------
+| [has-notes v1.0](helm-chart-troubleshooting.md#has-notes-v10) | optional | optional | optional | optional
 
 ### Profile v1.2
 
@@ -327,7 +336,7 @@ Annotations added to a v1.1 profile report are common to all profile types: part
 
 #### Checks
 
-This table shows which checks are preformed and whether or not they ar mnandatory or optional for each profile type.
+This table shows which checks are preformed and whether or not they are mandatory or optional for each profile type.
 
 | check | partner | RedHat | community | default |
 |-------|---------|--------|-----------|---------

diff --git a/docs/helm-chart-troubleshooting.md b/docs/helm-chart-troubleshooting.md
@@ -175,6 +175,10 @@ This check requires that the public key provided to the chart verifier is from a
 - pgp public key file does not have access to the signed chart.
     - ensure the public key matches the secret key used to sign the chart. 
 
+### `has-notes` v1.0
+
+Requires a "NOTES.txt" file to exist in the templates directory of the chart. Any other spelling or
+capitialisation of letters will result in the check failing.
 
 ## Report related submission failures
 

diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.without-notes.tgz b/internal/chartverifier/checks/chart-0.1.0-v3.without-notes.tgz
diff --git a/internal/chartverifier/checks/checks.go b/internal/chartverifier/checks/checks.go
@@ -39,6 +39,8 @@ const (
 	APIVersion2                  = "v2"
 	ReadmeExist                  = "Chart has a README"
 	ReadmeDoesNotExist           = "Chart does not have a README"
+	NotesExist                   = "Chart does contain NOTES.txt"
+	NotesDoesNotExist            = "Chart does not contain NOTES.txt"
 	NotHelm3Reason               = "API version is not V2, used in Helm 3"
 	Helm3Reason                  = "API version is V2, used in Helm 3"
 	TestTemplatePrefix           = "templates/tests/"
@@ -105,6 +107,24 @@ func HasReadme(opts *CheckOptions) (Result, error) {
 	for _, f := range c.Files {
 		if f.Name == "README.md" {
 			r.SetResult(true, ReadmeExist)
+			break
+		}
+	}
+
+	return r, nil
+}
+
+func HasNotes(opts *CheckOptions) (Result, error) {
+	c, _, err := LoadChartFromURI(opts)
+	if err != nil {
+		return Result{}, err
+	}
+
+	r := NewResult(false, NotesDoesNotExist)
+	for _, f := range c.Templates {
+		if f.Name == "templates/NOTES.txt" {
+			r.SetResult(true, NotesExist)
+			break
 		}
 	}
 

diff --git a/internal/chartverifier/checks/checks_test.go b/internal/chartverifier/checks/checks_test.go
@@ -105,6 +105,43 @@ func TestHasReadme(t *testing.T) {
 	}
 }
 
+func TestHasNotes(t *testing.T) {
+	type testCase struct {
+		description string
+		uri         string
+	}
+
+	positiveTestCases := []testCase{
+		{description: "chart with NOTES.txt", uri: "chart-0.1.0-v3.valid.tgz"},
+	}
+
+	for _, tc := range positiveTestCases {
+		t.Run(tc.description, func(t *testing.T) {
+			config := viper.New()
+			r, err := HasNotes(&CheckOptions{URI: tc.uri, ViperConfig: config, HelmEnvSettings: cli.New()})
+			require.NoError(t, err)
+			require.NotNil(t, r)
+			require.True(t, r.Ok)
+			require.Equal(t, NotesExist, r.Reason)
+		})
+	}
+
+	negativeTestCases := []testCase{
+		{description: "chart without NOTES.txt", uri: "chart-0.1.0-v3.without-notes.tgz"},
+	}
+
+	for _, tc := range negativeTestCases {
+		t.Run(tc.description, func(t *testing.T) {
+			config := viper.New()
+			r, err := HasNotes(&CheckOptions{URI: tc.uri, ViperConfig: config, HelmEnvSettings: cli.New()})
+			require.NoError(t, err)
+			require.NotNil(t, r)
+			require.False(t, r.Ok)
+			require.Equal(t, NotesDoesNotExist, r.Reason)
+		})
+	}
+}
+
 func TestContainsTest(t *testing.T) {
 	type testCase struct {
 		description string

diff --git a/internal/chartverifier/profiles/default.go b/internal/chartverifier/profiles/default.go
@@ -10,7 +10,7 @@ const (
 	CheckVersion10        = "v1.0"
 	CheckVersion11        = "v1.1"
 	DefaultProfile        = "partner"
-	DefaultProfileVersion = "v1.2"
+	DefaultProfileVersion = "v1.3"
 )
 
 func getDefaultProfile(msg string) *Profile {
@@ -43,6 +43,7 @@ func getDefaultProfile(msg string) *Profile {
 		{Name: fmt.Sprintf("%s/%s", CheckVersion10, apiChecks.ChartTesting), Type: apiChecks.MandatoryCheckType},
 		{Name: fmt.Sprintf("%s/%s", CheckVersion10, apiChecks.RequiredAnnotationsPresent), Type: apiChecks.MandatoryCheckType},
 		{Name: fmt.Sprintf("%s/%s", CheckVersion10, apiChecks.SignatureIsValid), Type: apiChecks.MandatoryCheckType},
+		{Name: fmt.Sprintf("%s/%s", CheckVersion10, apiChecks.HasNotes), Type: apiChecks.OptionalCheckType},
 	}
 
 	return &profile

diff --git a/internal/chartverifier/profiles/profile_test.go b/internal/chartverifier/profiles/profile_test.go
@@ -23,6 +23,7 @@ const (
 	configVersion10     string     = "v1.0"
 	configVersion11     string     = "v1.1"
 	configVersion12     string     = "v1.2"
+	configVersion13     string     = "v1.3"
 	checkVersion10      string     = CheckVersion10
 	checkVersion11      string     = "v1.1"
 	NoVendorType        VendorType = ""
@@ -33,7 +34,7 @@ const (
 
 func TestProfile(t *testing.T) {
 	testProfile := getDefaultProfile("test")
-	testProfile.Name = "profile-partner-1.2"
+	testProfile.Name = "profile-partner-1.3"
 	config := make(map[string]interface{})
 	config[VendorTypeConfigName] = PartnerVendorType
 
@@ -77,14 +78,14 @@ func TestGetProfiles(t *testing.T) {
 	getAndCheckProfile(t, RedhatVendorType, RedhatVendorType, configVersion11, configVersion11)
 	getAndCheckProfile(t, CommunityVendorType, CommunityVendorType, configVersion11, configVersion11)
 	getAndCheckProfile(t, NoVendorType, PartnerVendorType, configVersion11, configVersion11)
-	getAndCheckProfile(t, RedhatVendorType, RedhatVendorType, NoVersion, configVersion12)
-	getAndCheckProfile(t, NoVendorType, PartnerVendorType, NoVersion, configVersion12)
-	getAndCheckProfile(t, PartnerVendorType, PartnerVendorType, configVersion12, configVersion12)
-	getAndCheckProfile(t, PartnerVendorType, PartnerVendorType, configVersion00, configVersion12)
-	getAndCheckProfile(t, RedhatVendorType, RedhatVendorType, configVersion12, configVersion12)
-	getAndCheckProfile(t, RedhatVendorType, RedhatVendorType, configVersion00, configVersion12)
-	getAndCheckProfile(t, CommunityVendorType, CommunityVendorType, configVersion00, configVersion12)
-	getAndCheckProfile(t, CommunityVendorType, CommunityVendorType, configVersion12, configVersion12)
+	getAndCheckProfile(t, RedhatVendorType, RedhatVendorType, NoVersion, configVersion13)
+	getAndCheckProfile(t, NoVendorType, PartnerVendorType, NoVersion, configVersion13)
+	getAndCheckProfile(t, PartnerVendorType, PartnerVendorType, configVersion13, configVersion13)
+	getAndCheckProfile(t, PartnerVendorType, PartnerVendorType, configVersion00, configVersion13)
+	getAndCheckProfile(t, RedhatVendorType, RedhatVendorType, configVersion13, configVersion13)
+	getAndCheckProfile(t, RedhatVendorType, RedhatVendorType, configVersion00, configVersion13)
+	getAndCheckProfile(t, CommunityVendorType, CommunityVendorType, configVersion00, configVersion13)
+	getAndCheckProfile(t, CommunityVendorType, CommunityVendorType, configVersion13, configVersion13)
 }
 
 func getAndCheckProfile(t *testing.T, configVendorType, expectVendorType VendorType, configVersion, expectVersion string) {

diff --git a/internal/chartverifier/verifierbuilder.go b/internal/chartverifier/verifierbuilder.go
@@ -50,6 +50,7 @@ func init() {
 	defaultRegistry.Add(apiChecks.ChartTesting, "v1.0", checks.ChartTesting)
 	defaultRegistry.Add(apiChecks.RequiredAnnotationsPresent, "v1.0", checks.RequiredAnnotationsPresent)
 	defaultRegistry.Add(apiChecks.SignatureIsValid, "v1.0", checks.SignatureIsValid)
+	defaultRegistry.Add(apiChecks.HasNotes, "v1.0", checks.HasNotes)
 }
 
 func DefaultRegistry() checks.Registry {

diff --git a/internal/profileconfig/profiles/profile-community-1.3.yaml b/internal/profileconfig/profiles/profile-community-1.3.yaml
@@ -0,0 +1,38 @@
+apiversion: v1
+kind: verifier-profile
+vendorType: community
+version: v1.3
+annotations:
+  - "Digest"
+  - "TestedOpenShiftVersion"
+  - "LastCertifiedTimestamp"
+  - "SupportedOpenShiftVersions"
+checks:
+    - name: v1.0/has-readme
+      type: Optional
+    - name: v1.0/is-helm-v3
+      type: Optional
+    - name: v1.0/contains-test
+      type: Optional
+    - name: v1.0/contains-values
+      type: Optional
+    - name: v1.0/contains-values-schema
+      type: Optional
+    - name: v1.1/has-kubeversion
+      type: Optional
+    - name: v1.0/not-contains-crds
+      type: Optional
+    - name: v1.0/helm-lint
+      type: Mandatory
+    - name: v1.0/not-contain-csi-objects
+      type: Optional
+    - name: v1.1/images-are-certified
+      type: Optional
+    - name: v1.0/chart-testing
+      type: Optional
+    - name: v1.0/required-annotations-present
+      type: Optional
+    - name: v1.0/signature-is-valid
+      type: Optional
+    - name: v1.0/has-notes
+      type: Optional
diff --git a/internal/profileconfig/profiles/profile-partner-1.3.yaml b/internal/profileconfig/profiles/profile-partner-1.3.yaml
@@ -0,0 +1,39 @@
+apiversion: v1
+kind: verifier-profile
+vendorType: partner
+version: v1.3
+annotations:
+  - "Digest"
+  - "TestedOpenShiftVersion"
+  - "LastCertifiedTimestamp"
+  - "SupportedOpenShiftVersions"
+checks:
+    - name: v1.0/has-readme
+      type: Mandatory
+    - name: v1.0/is-helm-v3
+      type: Mandatory
+    - name: v1.0/contains-test
+      type: Mandatory
+    - name: v1.0/contains-values
+      type: Mandatory
+    - name: v1.0/contains-values-schema
+      type: Mandatory
+    - name: v1.1/has-kubeversion
+      type: Mandatory
+    - name: v1.0/not-contains-crds
+      type: Mandatory
+    - name: v1.0/helm-lint
+      type: Mandatory
+    - name: v1.0/not-contain-csi-objects
+      type: Mandatory
+    - name: v1.1/images-are-certified
+      type: Mandatory
+    - name: v1.0/chart-testing
+      type: Mandatory
+    - name: v1.0/required-annotations-present
+      type: Mandatory
+    - name: v1.0/signature-is-valid
+      type: Mandatory
+    - name: v1.0/has-notes
+      type: Optional
+