I am trying to understand the usage of Requirements.lock file . For using a dependent chart , we can make use of Requirements.yaml . Based on documentation
Requirements.lock : rebuild the charts/ directory based on the requirements.lock file
Requirements.yaml : update charts/ based on the contents of requirements.yaml
Can someone explain the difference and usage of lock file and do we need to checking requirements.lock file in the repo too ?
This article says it well:
Much like a runtime language dependency file (such as Python’s requirements.txt), the requirements.yaml file allows you to manage your chart’s dependencies and their versions. When updating dependencies, a lockfile is generated so that subsequent fetching of dependencies use a known, working version.
The requirements.yaml file lists only the immediate dependencies that your chart needs. This makes it easier for you to focus on your chart.
The requirements.lock file lists the exact versions of immediate dependencies and their dependencies and their dependencies and so forth. This allows helm to precisely track the entire dependency tree and recreate it exactly as it last worked--even if some of the dependencies (or their dependencies) are updated later.
Here's roughly how it works:
helm install and helm creates the requirements.lock file as it builds the dependency tree.helm install, helm will ensure that it uses the same versions identified in the requirements.lock file.helm install (or helm upgrade) and helm will notice your changes and update the requirements.lock file to reflect them.