Helm-drift fails when a yaml manifest is empty

[skylt]

Hello, given the following manifests:

---
# Source: external-dns/templates/networkpolicy.yaml
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: my-release-external-dns
  namespace: "default"
  labels:
    app.kubernetes.io/instance: my-release
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: external-dns
    app.kubernetes.io/version: 0.15.0
    helm.sh/chart: external-dns-8.3.9
    app.kubernetes.io/component: controller
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/instance: my-release
      app.kubernetes.io/name: external-dns
  policyTypes:
    - Ingress
    - Egress
  egress:
    - {}
  ingress:
    - ports:
        - port: 7979
---
# Source: external-dns/templates/pdb.yaml
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
  name: my-release-external-dns
  namespace: "default"
  labels:
    app.kubernetes.io/instance: my-release
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: external-dns
    app.kubernetes.io/version: 0.15.0
    helm.sh/chart: external-dns-8.3.9
spec:
  maxUnavailable: 1
  selector:
    matchLabels:
      app.kubernetes.io/instance: my-release
      app.kubernetes.io/name: external-dns
---
# Source: external-dns/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: my-release-external-dns
  namespace: "default"
  labels:
    app.kubernetes.io/instance: my-release
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: external-dns
    app.kubernetes.io/version: 0.15.0
    helm.sh/chart: external-dns-8.3.9
automountServiceAccountToken: false
---
# Source: external-dns/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: my-release-external-dns-default
  labels:
    app.kubernetes.io/instance: my-release
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: external-dns
    app.kubernetes.io/version: 0.15.0
    helm.sh/chart: external-dns-8.3.9
rules:
  - apiGroups:
      - ""
    resources:
      - services
      - pods
      - nodes
      - endpoints
      - namespaces
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - extensions
      - "networking.k8s.io"
      - getambassador.io
    resources:
      - ingresses
      - hosts
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - route.openshift.io
    resources:
      - routes
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - networking.istio.io
    resources:
      - gateways
      - virtualservices
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - zalando.org
    resources:
      - routegroups
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - zalando.org
    resources:
      - routegroups/status
    verbs:
      - patch
      - update
  - apiGroups:
      - projectcontour.io
    resources:
      - httpproxies
    verbs:
      - get
      - watch
      - list
  - apiGroups:
      - gloo.solo.io
      - gateway.solo.io
    resources:
      - proxies
      - virtualservices
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - configuration.konghq.com
    resources:
      - tcpingresses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - gateway.networking.k8s.io
    resources:
      - gateways
      - httproutes
      - tlsroutes
      - tcproutes
      - udproutes
      - grpcroutes
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - cis.f5.com
    resources:
      - virtualservers
    verbs:
      - get
      - watch
      - list
---
# Source: external-dns/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: my-release-external-dns-default
  labels:
    app.kubernetes.io/instance: my-release
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: external-dns
    app.kubernetes.io/version: 0.15.0
    helm.sh/chart: external-dns-8.3.9
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: my-release-external-dns-default
subjects:
  - kind: ServiceAccount
    name: my-release-external-dns
    namespace: "default"
---
# Source: external-dns/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: my-release-external-dns
  namespace: "default"
  labels:
    app.kubernetes.io/instance: my-release
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: external-dns
    app.kubernetes.io/version: 0.15.0
    helm.sh/chart: external-dns-8.3.9
spec:
  type: ClusterIP
  sessionAffinity: None
  ports:
    - name: http
      port: 7979
      protocol: TCP
      targetPort: http
  selector:
    app.kubernetes.io/instance: my-release
    app.kubernetes.io/name: external-dns
---
# Source: external-dns/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-release-external-dns
  namespace: "default"
  labels:
    app.kubernetes.io/instance: my-release
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: external-dns
    app.kubernetes.io/version: 0.15.0
    helm.sh/chart: external-dns-8.3.9
spec:
  revisionHistoryLimit: 10
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/instance: my-release
      app.kubernetes.io/name: external-dns
  template:
    metadata:
      labels:
        app.kubernetes.io/instance: my-release
        app.kubernetes.io/managed-by: Helm
        app.kubernetes.io/name: external-dns
        app.kubernetes.io/version: 0.15.0
        helm.sh/chart: external-dns-8.3.9
    spec:
      
      securityContext:
        fsGroup: 1001
        fsGroupChangePolicy: Always
        supplementalGroups: []
        sysctls: []
      affinity:
        podAffinity:
          
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - podAffinityTerm:
                labelSelector:
                  matchLabels:
                    app.kubernetes.io/instance: my-release
                    app.kubernetes.io/name: external-dns
                topologyKey: kubernetes.io/hostname
              weight: 1
        nodeAffinity:
          
      automountServiceAccountToken: true
      serviceAccountName: my-release-external-dns
      containers:
        - name: external-dns
          image: docker.io/bitnami/external-dns:0.15.0-debian-12-r2
          imagePullPolicy: "IfNotPresent"
          args:
            # Generic arguments
            - --metrics-address=:7979
            - --log-level=info
            - --log-format=text
            - --policy=upsert-only
            - --provider=aws
            - --registry=txt
            - --interval=1m
            - --source=service
            - --source=ingress
            # AWS arguments
            - --aws-api-retries=3
            - --aws-zone-type=
            - --aws-batch-change-size=1000
          env:
            # AWS environment variables
            - name: AWS_DEFAULT_REGION
              value: us-east-1
          envFrom:
          ports:
            - name: http
              containerPort: 7979
          livenessProbe:
            tcpSocket:
              port: http
            initialDelaySeconds: 10
            periodSeconds: 10
            timeoutSeconds: 5
            successThreshold: 1
            failureThreshold: 2
          readinessProbe:
            httpGet:
              path: /healthz
              port: http
            initialDelaySeconds: 5
            periodSeconds: 10
            timeoutSeconds: 5
            successThreshold: 1
            failureThreshold: 6
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
              - ALL
            privileged: false
            readOnlyRootFilesystem: true
            runAsGroup: 1001
            runAsNonRoot: true
            runAsUser: 1001
            seLinuxOptions: {}
            seccompProfile:
              type: RuntimeDefault
          resources:
            limits:
              cpu: 150m
              ephemeral-storage: 2Gi
              memory: 192Mi
            requests:
              cpu: 100m
              ephemeral-storage: 50Mi
              memory: 128Mi
          volumeMounts:
            - name: empty-dir
              mountPath: /tmp
              subPath: tmp-dir
      volumes:
        - name: empty-dir
          emptyDir: {}
---
# Source: external-dns/templates/crds/crd.yaml
# NOTE: Header with source was intentionally removed to avoid updates in the CRD. Ref: https:/bitnami/charts/issues/25967
# Conditional: .Values.crd.create

helm drift will fail as the last entry contains no kind:

$ helm drift run my-release --from-release 
ERRO[0000] getting manifest information from template errored with 'failed to get kind from the manifest, 'kind' is not type string' 
{"level":"fatal","msg":"failed to get kind from the manifest, 'kind' is not type string","time":"2024-10-15T09:45:43+02:00"}
Error: plugin "drift" exited with error

helm drift run all will also fail, but with a different error:

$ helm drift all
ERRO[0000] getting manifest information from template errored with 'failed to get kind from the manifest, 'kind' is not type string' 
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x40 pc=0x19efc66]

goroutine 53 [running]:
github.com/nikhilsbhat/helm-drift/pkg.(*Drift).Diff(0x33a5500, 0x0)
        github.com/nikhilsbhat/helm-drift/pkg/diff.go:16 +0x46
github.com/nikhilsbhat/helm-drift/pkg.(*Drift).GetAllDrift.func3(0xc00047c000)
        github.com/nikhilsbhat/helm-drift/pkg/drift_all.go:65 +0x22c
created by github.com/nikhilsbhat/helm-drift/pkg.(*Drift).GetAllDrift in goroutine 1
        github.com/nikhilsbhat/helm-drift/pkg/drift_all.go:54 +0x485
Error: plugin "drift" exited with error

Steps to reproduce:

$ helm install  my-release oci://registry-1.docker.io/bitnamicharts/external-dns
$ helm drift run my-release --from-release

Please let me know if you want help on handling this issue.

[nikhilsbhat]

"@skylt, yes, this is a known issue in the current version and has been reported in this issue. It has been addressed in this commit, and the fix will be included in the upcoming release."