helm/pkg/action/validate.go

/*
Copyright The Helm Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package action

import (
	"fmt"
	"maps"

	apierrors "k8s.io/apimachinery/pkg/api/errors"
	"k8s.io/apimachinery/pkg/api/meta"
	"k8s.io/apimachinery/pkg/runtime"
	"k8s.io/cli-runtime/pkg/resource"

	"helm.sh/helm/v4/pkg/kube"
)

var accessor = meta.NewAccessor()

const (
	appManagedByLabel              = "app.kubernetes.io/managed-by"
	appManagedByHelm               = "Helm"
	helmReleaseNameAnnotation      = "meta.helm.sh/release-name"
	helmReleaseNamespaceAnnotation = "meta.helm.sh/release-namespace"
)

// requireAdoption returns the subset of resources that already exist in the cluster.
func requireAdoption(resources kube.ResourceList) (kube.ResourceList, error) {
	var requireUpdate kube.ResourceList

	err := resources.Visit(func(info *resource.Info, err error) error {
		if err != nil {
			return err
		}

		helper := resource.NewHelper(info.Client, info.Mapping)
		_, err = helper.Get(info.Namespace, info.Name)
		if err != nil {
			if apierrors.IsNotFound(err) {
				return nil
			}
			return fmt.Errorf("could not get information about the resource %s: %w", resourceString(info), err)
		}

		requireUpdate.Append(info)
		return nil
	})

	return requireUpdate, err
}

func existingResourceConflict(resources kube.ResourceList, releaseName, releaseNamespace string) (kube.ResourceList, error) {
	var requireUpdate kube.ResourceList

	err := resources.Visit(func(info *resource.Info, err error) error {
		if err != nil {
			return err
		}

		helper := resource.NewHelper(info.Client, info.Mapping)
		existing, err := helper.Get(info.Namespace, info.Name)
		if err != nil {
			if apierrors.IsNotFound(err) {
				return nil
			}
			return fmt.Errorf("could not get information about the resource %s: %w", resourceString(info), err)
		}

		// Allow adoption of the resource if it is managed by Helm and is annotated with correct release name and namespace.
		if err := checkOwnership(existing, releaseName, releaseNamespace); err != nil {
			return fmt.Errorf("%s exists and cannot be imported into the current release: %s", resourceString(info), err)
		}

		requireUpdate.Append(info)
		return nil
	})

	return requireUpdate, err
}

func checkOwnership(obj runtime.Object, releaseName, releaseNamespace string) error {
	lbls, err := accessor.Labels(obj)
	if err != nil {
		return err
	}
	annos, err := accessor.Annotations(obj)
	if err != nil {
		return err
	}

	var errs []error
	if err := requireValue(lbls, appManagedByLabel, appManagedByHelm); err != nil {
		errs = append(errs, fmt.Errorf("label validation error: %s", err))
	}
	if err := requireValue(annos, helmReleaseNameAnnotation, releaseName); err != nil {
		errs = append(errs, fmt.Errorf("annotation validation error: %s", err))
	}
	if err := requireValue(annos, helmReleaseNamespaceAnnotation, releaseNamespace); err != nil {
		errs = append(errs, fmt.Errorf("annotation validation error: %s", err))
	}

	if len(errs) > 0 {
		return fmt.Errorf("invalid ownership metadata; %w", joinErrors(errs, "; "))
	}

	return nil
}

func requireValue(meta map[string]string, k, v string) error {
	actual, ok := meta[k]
	if !ok {
		return fmt.Errorf("missing key %q: must be set to %q", k, v)
	}
	if actual != v {
		return fmt.Errorf("key %q must equal %q: current value is %q", k, v, actual)
	}
	return nil
}

// setMetadataVisitor adds release tracking metadata to all resources. If forceOwnership is enabled, existing
// ownership metadata will be overwritten. Otherwise an error will be returned if any resource has an
// existing and conflicting value for the managed by label or Helm release/namespace annotations.
func setMetadataVisitor(releaseName, releaseNamespace string, forceOwnership bool) resource.VisitorFunc {
	return func(info *resource.Info, err error) error {
		if err != nil {
			return err
		}

		if !forceOwnership {
			if err := checkOwnership(info.Object, releaseName, releaseNamespace); err != nil {
				return fmt.Errorf("%s cannot be owned: %s", resourceString(info), err)
			}
		}

		if err := mergeLabels(info.Object, map[string]string{
			appManagedByLabel: appManagedByHelm,
		}); err != nil {
			return fmt.Errorf(
				"%s labels could not be updated: %s",
				resourceString(info), err,
			)
		}

		if err := mergeAnnotations(info.Object, map[string]string{
			helmReleaseNameAnnotation:      releaseName,
			helmReleaseNamespaceAnnotation: releaseNamespace,
		}); err != nil {
			return fmt.Errorf(
				"%s annotations could not be updated: %s",
				resourceString(info), err,
			)
		}

		return nil
	}
}

func resourceString(info *resource.Info) string {
	_, k := info.Mapping.GroupVersionKind.ToAPIVersionAndKind()
	return fmt.Sprintf(
		"%s %q in namespace %q",
		k, info.Name, info.Namespace,
	)
}

func mergeLabels(obj runtime.Object, labels map[string]string) error {
	current, err := accessor.Labels(obj)
	if err != nil {
		return err
	}
	return accessor.SetLabels(obj, mergeStrStrMaps(current, labels))
}

func mergeAnnotations(obj runtime.Object, annotations map[string]string) error {
	current, err := accessor.Annotations(obj)
	if err != nil {
		return err
	}
	return accessor.SetAnnotations(obj, mergeStrStrMaps(current, annotations))
}

// merge two maps, always taking the value on the right
func mergeStrStrMaps(current, desired map[string]string) map[string]string {
	result := make(map[string]string)
	maps.Copy(result, current)
	maps.Copy(result, desired)
	return result
}
fix(action): Protects against current resource conflicts Currently, if using the --atomic flag or deleting a release that failed due to an already existing resource, Helm will deleting those resources that aren't managed by it. This PR fixes the issue by checking for pre-existing resources during install and upgrade. This is done as a validation step so the release will not even be started if resources currently exist. This PR is inspired by @xchapter7x's work in #3477. This also fixes a small bug in upgrade where deletes fail if the resource was already deletes Fixes #6407 Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com> 2019-10-01 06:05:41 +08:00			`/*`
			`Copyright The Helm Authors.`

			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

			`package action`

			`import (`
			`"fmt"`
refactor: use maps.Copy for cleaner map handling Signed-off-by: yetyear <flite@outlook.com> 2025-05-09 14:33:25 +08:00			`"maps"`
fix(action): Protects against current resource conflicts Currently, if using the --atomic flag or deleting a release that failed due to an already existing resource, Helm will deleting those resources that aren't managed by it. This PR fixes the issue by checking for pre-existing resources during install and upgrade. This is done as a validation step so the release will not even be started if resources currently exist. This PR is inspired by @xchapter7x's work in #3477. This also fixes a small bug in upgrade where deletes fail if the resource was already deletes Fixes #6407 Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com> 2019-10-01 06:05:41 +08:00
			`apierrors "k8s.io/apimachinery/pkg/api/errors"`
Adopt resources into release with correct instance and managed-by labels Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 08:42:47 +08:00			`"k8s.io/apimachinery/pkg/api/meta"`
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00			`"k8s.io/apimachinery/pkg/runtime"`
fix(action): Protects against current resource conflicts Currently, if using the --atomic flag or deleting a release that failed due to an already existing resource, Helm will deleting those resources that aren't managed by it. This PR fixes the issue by checking for pre-existing resources during install and upgrade. This is done as a validation step so the release will not even be started if resources currently exist. This PR is inspired by @xchapter7x's work in #3477. This also fixes a small bug in upgrade where deletes fail if the resource was already deletes Fixes #6407 Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com> 2019-10-01 06:05:41 +08:00			`"k8s.io/cli-runtime/pkg/resource"`

Updating to helm.sh/helm/v4 Since Helm is going through breaking changes with Helm v4, the version path to Helm needs to be updated. Signed-off-by: Matt Farina <matt.farina@suse.com> 2024-12-27 05:33:51 +08:00			`"helm.sh/helm/v4/pkg/kube"`
fix(action): Protects against current resource conflicts Currently, if using the --atomic flag or deleting a release that failed due to an already existing resource, Helm will deleting those resources that aren't managed by it. This PR fixes the issue by checking for pre-existing resources during install and upgrade. This is done as a validation step so the release will not even be started if resources currently exist. This PR is inspired by @xchapter7x's work in #3477. This also fixes a small bug in upgrade where deletes fail if the resource was already deletes Fixes #6407 Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com> 2019-10-01 06:05:41 +08:00			`)`

Alternative: annotation-only solution Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 09:53:27 +08:00			`var accessor = meta.NewAccessor()`
Adopt resources into release with correct instance and managed-by labels Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 08:42:47 +08:00
Alternative: annotation-only solution Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 09:53:27 +08:00			`const (`
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00			`appManagedByLabel = "app.kubernetes.io/managed-by"`
			`appManagedByHelm = "Helm"`
Alternative: annotation-only solution Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 09:53:27 +08:00			`helmReleaseNameAnnotation = "meta.helm.sh/release-name"`
			`helmReleaseNamespaceAnnotation = "meta.helm.sh/release-namespace"`
			`)`
Adopt resources into release with correct instance and managed-by labels Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 08:42:47 +08:00
Add ability to adopt unmanaged resources Allow the SDK actions to adopt existing resources. This allows install and update to overwrite resources. If TakeOwnership is not set, adoption is only possible if they existing resources have the right labels (managed-by) and annotations (release-name, ...). Signed-off-by: Mario Manno <mmanno@suse.com> 2024-03-13 21:09:23 +08:00			`// requireAdoption returns the subset of resources that already exist in the cluster.`
			`func requireAdoption(resources kube.ResourceList) (kube.ResourceList, error) {`
			`var requireUpdate kube.ResourceList`

			`err := resources.Visit(func(info *resource.Info, err error) error {`
			`if err != nil {`
			`return err`
			`}`

			`helper := resource.NewHelper(info.Client, info.Mapping)`
			`_, err = helper.Get(info.Namespace, info.Name)`
			`if err != nil {`
			`if apierrors.IsNotFound(err) {`
			`return nil`
			`}`
fix: replace "github.com/pkg/errors" with stdlib "errors" package Signed-off-by: Justen Stall <39888103+justenstall@users.noreply.github.com> 2024-11-16 11:07:40 +08:00			`return fmt.Errorf("could not get information about the resource %s: %w", resourceString(info), err)`
Add ability to adopt unmanaged resources Allow the SDK actions to adopt existing resources. This allows install and update to overwrite resources. If TakeOwnership is not set, adoption is only possible if they existing resources have the right labels (managed-by) and annotations (release-name, ...). Signed-off-by: Mario Manno <mmanno@suse.com> 2024-03-13 21:09:23 +08:00			`}`

			`requireUpdate.Append(info)`
			`return nil`
			`})`

			`return requireUpdate, err`
			`}`

Alternative: annotation-only solution Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 09:53:27 +08:00			`func existingResourceConflict(resources kube.ResourceList, releaseName, releaseNamespace string) (kube.ResourceList, error) {`
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00			`var requireUpdate kube.ResourceList`
Adopt resources into release with correct instance and managed-by labels Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 08:42:47 +08:00
Alternative: annotation-only solution Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 09:53:27 +08:00			`err := resources.Visit(func(info *resource.Info, err error) error {`
fix(action): Protects against current resource conflicts Currently, if using the --atomic flag or deleting a release that failed due to an already existing resource, Helm will deleting those resources that aren't managed by it. This PR fixes the issue by checking for pre-existing resources during install and upgrade. This is done as a validation step so the release will not even be started if resources currently exist. This PR is inspired by @xchapter7x's work in #3477. This also fixes a small bug in upgrade where deletes fail if the resource was already deletes Fixes #6407 Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com> 2019-10-01 06:05:41 +08:00			`if err != nil {`
			`return err`
			`}`

			`helper := resource.NewHelper(info.Client, info.Mapping)`
Adding support for k8s 1.19 Closes #8806 Signed-off-by: Matt Farina <matt@mattfarina.com> 2020-09-26 00:15:06 +08:00			`existing, err := helper.Get(info.Namespace, info.Name)`
print gvk information on existing resource conflict Signed-off-by: Marc Brugger <github@bakito.ch> 2019-11-07 23:30:01 +08:00			`if err != nil {`
fix(action): Protects against current resource conflicts Currently, if using the --atomic flag or deleting a release that failed due to an already existing resource, Helm will deleting those resources that aren't managed by it. This PR fixes the issue by checking for pre-existing resources during install and upgrade. This is done as a validation step so the release will not even be started if resources currently exist. This PR is inspired by @xchapter7x's work in #3477. This also fixes a small bug in upgrade where deletes fail if the resource was already deletes Fixes #6407 Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com> 2019-10-01 06:05:41 +08:00			`if apierrors.IsNotFound(err) {`
			`return nil`
			`}`
fix: replace "github.com/pkg/errors" with stdlib "errors" package Signed-off-by: Justen Stall <39888103+justenstall@users.noreply.github.com> 2024-11-16 11:07:40 +08:00			`return fmt.Errorf("could not get information about the resource %s: %w", resourceString(info), err)`
fix(action): Protects against current resource conflicts Currently, if using the --atomic flag or deleting a release that failed due to an already existing resource, Helm will deleting those resources that aren't managed by it. This PR fixes the issue by checking for pre-existing resources during install and upgrade. This is done as a validation step so the release will not even be started if resources currently exist. This PR is inspired by @xchapter7x's work in #3477. This also fixes a small bug in upgrade where deletes fail if the resource was already deletes Fixes #6407 Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com> 2019-10-01 06:05:41 +08:00			`}`

Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00			`// Allow adoption of the resource if it is managed by Helm and is annotated with correct release name and namespace.`
			`if err := checkOwnership(existing, releaseName, releaseNamespace); err != nil {`
			`return fmt.Errorf("%s exists and cannot be imported into the current release: %s", resourceString(info), err)`
Adopt resources into release with correct instance and managed-by labels Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 08:42:47 +08:00			`}`

Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00			`requireUpdate.Append(info)`
			`return nil`
fix(action): Protects against current resource conflicts Currently, if using the --atomic flag or deleting a release that failed due to an already existing resource, Helm will deleting those resources that aren't managed by it. This PR fixes the issue by checking for pre-existing resources during install and upgrade. This is done as a validation step so the release will not even be started if resources currently exist. This PR is inspired by @xchapter7x's work in #3477. This also fixes a small bug in upgrade where deletes fail if the resource was already deletes Fixes #6407 Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com> 2019-10-01 06:05:41 +08:00			`})`
Adopt resources into release with correct instance and managed-by labels Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 08:42:47 +08:00
			`return requireUpdate, err`
fix(action): Protects against current resource conflicts Currently, if using the --atomic flag or deleting a release that failed due to an already existing resource, Helm will deleting those resources that aren't managed by it. This PR fixes the issue by checking for pre-existing resources during install and upgrade. This is done as a validation step so the release will not even be started if resources currently exist. This PR is inspired by @xchapter7x's work in #3477. This also fixes a small bug in upgrade where deletes fail if the resource was already deletes Fixes #6407 Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com> 2019-10-01 06:05:41 +08:00			`}`
Alternative: annotation-only solution Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 09:53:27 +08:00
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00			`func checkOwnership(obj runtime.Object, releaseName, releaseNamespace string) error {`
			`lbls, err := accessor.Labels(obj)`
			`if err != nil {`
			`return err`
			`}`
			`annos, err := accessor.Annotations(obj)`
			`if err != nil {`
			`return err`
			`}`

			`var errs []error`
			`if err := requireValue(lbls, appManagedByLabel, appManagedByHelm); err != nil {`
			`errs = append(errs, fmt.Errorf("label validation error: %s", err))`
			`}`
			`if err := requireValue(annos, helmReleaseNameAnnotation, releaseName); err != nil {`
			`errs = append(errs, fmt.Errorf("annotation validation error: %s", err))`
			`}`
			`if err := requireValue(annos, helmReleaseNamespaceAnnotation, releaseNamespace); err != nil {`
			`errs = append(errs, fmt.Errorf("annotation validation error: %s", err))`
			`}`

			`if len(errs) > 0 {`
more error wrapping uses - replace os.IsNotExist with errors.Is and fs.ErrNotExist - use %w directive Signed-off-by: Justen Stall <39888103+justenstall@users.noreply.github.com> 2024-11-19 01:54:09 +08:00			`return fmt.Errorf("invalid ownership metadata; %w", joinErrors(errs, "; "))`
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00			`}`

			`return nil`
			`}`

			`func requireValue(meta map[string]string, k, v string) error {`
			`actual, ok := meta[k]`
			`if !ok {`
			`return fmt.Errorf("missing key %q: must be set to %q", k, v)`
			`}`
			`if actual != v {`
			`return fmt.Errorf("key %q must equal %q: current value is %q", k, v, actual)`
			`}`
			`return nil`
			`}`

Rename 'force' to 'force-replace' Signed-off-by: George Jenkins <gvjenkins@gmail.com> 2025-06-16 02:31:48 +08:00			`// setMetadataVisitor adds release tracking metadata to all resources. If forceOwnership is enabled, existing`
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00			`// ownership metadata will be overwritten. Otherwise an error will be returned if any resource has an`
			`// existing and conflicting value for the managed by label or Helm release/namespace annotations.`
Rename 'force' to 'force-replace' Signed-off-by: George Jenkins <gvjenkins@gmail.com> 2025-06-16 02:31:48 +08:00			`func setMetadataVisitor(releaseName, releaseNamespace string, forceOwnership bool) resource.VisitorFunc {`
Alternative: annotation-only solution Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 09:53:27 +08:00			`return func(info *resource.Info, err error) error {`
			`if err != nil {`
			`return err`
			`}`
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00
Rename 'force' to 'force-replace' Signed-off-by: George Jenkins <gvjenkins@gmail.com> 2025-06-16 02:31:48 +08:00			`if !forceOwnership {`
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00			`if err := checkOwnership(info.Object, releaseName, releaseNamespace); err != nil {`
			`return fmt.Errorf("%s cannot be owned: %s", resourceString(info), err)`
			`}`
Alternative: annotation-only solution Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 09:53:27 +08:00			`}`
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00
			`if err := mergeLabels(info.Object, map[string]string{`
			`appManagedByLabel: appManagedByHelm,`
			`}); err != nil {`
			`return fmt.Errorf(`
			`"%s labels could not be updated: %s",`
			`resourceString(info), err,`
			`)`
			`}`

			`if err := mergeAnnotations(info.Object, map[string]string{`
			`helmReleaseNameAnnotation: releaseName,`
			`helmReleaseNamespaceAnnotation: releaseNamespace,`
			`}); err != nil {`
			`return fmt.Errorf(`
			`"%s annotations could not be updated: %s",`
			`resourceString(info), err,`
			`)`
Alternative: annotation-only solution Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 09:53:27 +08:00			`}`
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00
			`return nil`
			`}`
			`}`

			`func resourceString(info *resource.Info) string {`
			`_, k := info.Mapping.GroupVersionKind.ToAPIVersionAndKind()`
			`return fmt.Sprintf(`
			`"%s %q in namespace %q",`
			`k, info.Name, info.Namespace,`
			`)`
			`}`

			`func mergeLabels(obj runtime.Object, labels map[string]string) error {`
			`current, err := accessor.Labels(obj)`
			`if err != nil {`
			`return err`
			`}`
			`return accessor.SetLabels(obj, mergeStrStrMaps(current, labels))`
			`}`

			`func mergeAnnotations(obj runtime.Object, annotations map[string]string) error {`
			`current, err := accessor.Annotations(obj)`
			`if err != nil {`
			`return err`
			`}`
			`return accessor.SetAnnotations(obj, mergeStrStrMaps(current, annotations))`
			`}`

			`// merge two maps, always taking the value on the right`
			`func mergeStrStrMaps(current, desired map[string]string) map[string]string {`
			`result := make(map[string]string)`
refactor: use maps.Copy for cleaner map handling Signed-off-by: yetyear <flite@outlook.com> 2025-05-09 14:33:25 +08:00			`maps.Copy(result, current)`
			`maps.Copy(result, desired)`
Add more detail to error messages and support a non-force mode in metadata visitor Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-03-11 10:22:15 +08:00			`return result`
Alternative: annotation-only solution Signed-off-by: Jacob LeGrone <git@jacob.work> 2020-02-21 09:53:27 +08:00			`}`