updated the description

.github/CODEOWNERS

@@ -1 +1 @@
-* @Azure/cloud-native-github-action-owners
+* @Azure/aks-atlanta

.github/ISSUE_TEMPLATE/bugReportForm.yml

@@ -1,24 +1,17 @@
 name: Bug Report
-description: File a bug report specifying all inputs you provided for the action, we will respond to this thread with any questions.
+description: File a bug report, we will respond to this thread with any questions.
 title: 'Bug: '
 labels: ['bug', 'triage']
 assignees: '@Azure/aks-atlanta'
 body:
-   - type: textarea
+   - type: input
      id: What-happened
      attributes:
         label: What happened?
-        description: Tell us what happened and how is it different from the expected?
+        description: Tell us what happened and how is it different form the expected?
         placeholder: Tell us what you see!
      validations:
         required: true
-   - type: checkboxes
-     id: Version
-     attributes:
-        label: Version
-        options:
-           - label: I am using the latest version
-             required: true
    - type: input
      id: Runner
      attributes:
@@ -27,10 +20,9 @@ body:
         placeholder: Mention the runner info (self-hosted, operating system)
      validations:
         required: true
-   - type: textarea
+   - type: input
      id: Logs
      attributes:
         label: Relevant log output
         description: Run in debug mode for the most verbose logs. Please feel free to attach a screenshot of the logs
-     validations:
-        required: true
+        render: shell

.github/ISSUE_TEMPLATE/config.yml

@@ -1,6 +1,6 @@
 blank_issues_enabled: false
 contact_links:
-   - name: GitHub Action "setup-helm" Support
-     url: https://github.com/Azure/setup-helm
-     security: https://github.com/Azure/setup-helm/blob/main/SECURITY.md
+   - name: GitHub Action "aks-set-context" Support
+     url: https://github.com/Azure/aks-set-context
+     security: https://github.com/Azure/aks-set-context/blob/main/SECURITY.md
      about: Please ask and answer questions here.

.github/ISSUE_TEMPLATE/featureRequestForm.yml

@@ -4,8 +4,8 @@ title: 'Feature Request: '
 labels: ['Feature']
 assignees: '@Azure/aks-atlanta'
 body:
-   - type: textarea
-     id: Feature_request
+   - type: input
+     id: Feature request
      attributes:
         label: Feature request
         description: Provide example functionality and links to relevant docs

.github/dependabot.yml

@@ -1,18 +0,0 @@
-version: 2
-updates:
-   - package-ecosystem: npm
-     directory: /
-     schedule:
-        interval: weekly
-     groups:
-        actions:
-           patterns:
-              - '*'
-   - package-ecosystem: github-actions
-     directory: .github/workflows
-     schedule:
-        interval: weekly
-     groups:
-        actions:
-           patterns:
-              - '*'

.github/workflows/defaultLabels.yml

@@ -13,7 +13,7 @@ jobs:
 
       # Steps represent a sequence of tasks that will be executed as part of the job
       steps:
-         - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 #v9.1.0
+         - uses: actions/stale@v3
            name: Setting issue as idle
            with:
               repo-token: ${{ secrets.GITHUB_TOKEN }}
@@ -24,7 +24,7 @@ jobs:
               operations-per-run: 100
               exempt-issue-labels: 'backlog'
 
-         - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 #v9.1.0
+         - uses: actions/stale@v3
            name: Setting PR as idle
            with:
               repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/integration-tests.yml

@@ -7,23 +7,15 @@ on:
 jobs:
    trigger-integration-tests:
       name: Trigger Integration tests
-      strategy:
-         matrix:
-            os:
-               - ubuntu-latest
-               - ubuntu-24.04-arm
-               - macos-latest # arm
-               - macos-13 # x64
-         fail-fast: false
-      runs-on: ${{ matrix.os }}
+      runs-on: ubuntu-latest
       env:
-         HELM_3_18_4: 'v3.18.4'
-         HELM_3_18_0: 'v3.18.0'
-         HELM_NO_V: '3.18.4'
+         HELM_3_8_0: 'v3.8.0'
+         HELM_3_7_2: 'v3.7.2'
+         HELM_NO_V: '3.5.0'
          PR_BASE_REF: ${{ github.event.pull_request.base.ref }}
       steps:
          - name: Check out repository
-           uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+           uses: actions/checkout@v2
          - name: npm install and build
            id: action-npm-build
            run: |
@@ -35,62 +27,39 @@ jobs:
          - name: Setup helm
            uses: ./
            with:
-              version: ${{ env.HELM_3_18_4 }}
-         - name: Validate helm 3.18.4
+              version: ${{ env.HELM_3_8_0 }}
+         - name: Validate helm 3.8.0
            run: |
-              if [[ $(helm version) != *$HELM_3_18_4* ]]; then
-                echo "HELM VERSION INCORRECT: HELM VERSION DOES NOT CONTAIN v3.18.4"
+              if [[ $(helm version) != *$HELM_3_8_0* ]]; then
+                echo "HELM VERSION INCORRECT: HELM VERSION DOES NOT CONTAIN v3.8.0"
                 echo "HELM VERSION OUTPUT: $(helm version)"
                 exit 1
               else
-                echo "HELM VERSION $HELM_3_18_4 INSTALLED SUCCESSFULLY"
+                echo "HELM VERSION $HELM_3_8_0 INSTALLED SUCCESSFULLY"
               fi
-         - name: Setup helm 3.18.0
+         - name: Setup helm 3.7.2
            uses: ./
            with:
-              version: ${{ env.HELM_3_18_0 }}
-         - name: Validate 3.18.0
+              version: ${{ env.HELM_3_7_2 }}
+         - name: Validate 3.7.2
            run: |
-              if [[ $(helm version) != *$HELM_3_18_0* ]]; then
-                echo "HELM VERSION INCORRECT: HELM VERSION DOES NOT CONTAIN v3.18.0"
+              if [[ $(helm version) != *$HELM_3_7_2* ]]; then
+                echo "HELM VERSION INCORRECT: HELM VERSION DOES NOT CONTAIN v3.7.2"
                 echo "HELM VERSION OUTPUT: $(helm version)"
                 exit 1
               else
-                echo "HELM VERSION $HELM_3_18_0 INSTALLED SUCCESSFULLY"
+                echo "HELM VERSION $HELM_3_7_2 INSTALLED SUCCESSFULLY"
               fi
-         - name: Setup helm 3.18.4 with no v in version
+         - name: Setup helm 3.5.0 with no v in version
            uses: ./
            with:
               version: ${{ env.HELM_NO_V }}
-         - name: Validate 3.18.4 without v in version
+         - name: Validate 3.5.0 without v in version
            run: |
               if [[ $(helm version) != *$HELM_NO_V* ]]; then
-                echo "HELM VERSION INCORRECT: HELM VERSION DOES NOT CONTAIN 3.18.4"
+                echo "HELM VERSION INCORRECT: HELM VERSION DOES NOT CONTAIN v3.5.0"
                 echo "HELM VERSION OUTPUT: $(helm version)"
                 exit 1
               else
-                echo "HELM VERSION $HELM_NO_V INSTALLED SUCCESSFULLY"
-              fi
-         - name: Setup helm latest version
-           uses: ./
-           with:
-              version: latest
-              token: ${{ secrets.GITHUB_TOKEN }}
-         - name: Validate latest
-           env:
-              GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-           run: |
-              HELM_LATEST=$(gh release list \
-                --repo helm/helm \
-                --exclude-drafts \
-                --exclude-pre-releases \
-                --json name,isLatest \
-                --jq '.[] | select(.isLatest)|.name' | awk '{print $2}')
-
-              if [[ $(helm version) != *$HELM_LATEST* ]]; then
-                echo "HELM VERSION INCORRECT: HELM VERSION DOES NOT CONTAIN $HELM_LATEST"
-                echo "HELM VERSION OUTPUT: $(helm version)"
-                exit 1
-              else
-                echo "HELM VERSION $HELM_LATEST INSTALLED SUCCESSFULLY"
+                echo "HELM VERSION $HELM_3_5_0 INSTALLED SUCCESSFULLY"
               fi

.github/workflows/prettify-code.yml

@@ -10,7 +10,9 @@ jobs:
       runs-on: ubuntu-latest
       steps:
          - name: Checkout Repository
-           uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+           uses: actions/checkout@v2
 
          - name: Enforce Prettier
-           run: npx prettier --check .
+           uses: actionsx/prettier@v2
+           with:
+              args: --check .

.github/workflows/release-pr.yml

@@ -1,18 +1,14 @@
-name: Release Project
+name: Create release PR
 
 on:
-   push:
-      branches:
-         - main
-      paths:
-         - CHANGELOG.md
    workflow_dispatch:
+      inputs:
+         release:
+            description: 'Define release version (ex: v1, v2, v3)'
+            required: true
 
 jobs:
-   release:
-      permissions:
-         actions: read
-         contents: write
-      uses: Azure/action-release-workflows/.github/workflows/release_js_project.yaml@3c677ba5ab58f5c5c1a6f0cfb176b333b1f27405 # v1.0.3
+   release-pr:
+      uses: OliverMKing/javascript-release-workflow/.github/workflows/release-pr.yml@main
       with:
-         changelogPath: ./CHANGELOG.md
+         release: ${{ github.event.inputs.release }}

.github/workflows/tag-and-draft.yml

@@ -7,4 +7,4 @@ on:
 
 jobs:
    tag-and-release:
-      uses: OliverMKing/javascript-release-workflow/.github/workflows/tag-and-release.yml@c753e1545b144562237cd1177a95bab21a785cff # main
+      uses: OliverMKing/javascript-release-workflow/.github/workflows/tag-and-release.yml@main

.github/workflows/unit-tests.yml

@@ -11,19 +11,9 @@ on: # rebuild any PRs and main branch changes
 
 jobs:
    build: # make sure build/ci works properly
-      strategy:
-         matrix:
-            os:
-               - ubuntu-latest
-               - ubuntu-24.04-arm
-               - windows-latest
-               - windows-11-arm
-               - macos-latest # arm
-               - macos-13 # x64
-         fail-fast: false
-      runs-on: ${{ matrix.os }}
+      runs-on: ubuntu-latest
       steps:
-         - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+         - uses: actions/checkout@v1
 
          - name: Run L0 tests.
            run: |

.gitignore

@@ -11,6 +11,8 @@ pids
 *.seed
 *.pid.lock
 
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
 
 # Coverage directory used by tools like istanbul
 coverage
@@ -62,3 +64,4 @@ node_modules
 coverage
 
 # Transpiled JS
+lib/

.husky/pre-commit

@@ -1,7 +0,0 @@
-npm test
-npm run format-check || {
-  echo ""
-  echo "❌ Formatting check failed."
-  echo "💡 Run 'npm run format' or 'prettier --write .' to fix formatting issues."
-  exit 1
-}

CHANGELOG.md

@@ -1,34 +0,0 @@
-# Change Log
-
-## [4.3.1] - 2025-08-12
-
-### Changed
-
-- #167 [Pinning Action Dependencies for Security and Reliability](https://github.com/Azure/setup-helm/pull/167)
-- #181 [Fix types, and update node version.](https://github.com/Azure/setup-helm/pull/181)
-- #191 [chore(tests): Mock arch to make tests pass on arm host](https://github.com/Azure/setup-helm/pull/191)
-- #192 [chore: remove unnecessary prebuild script](https://github.com/Azure/setup-helm/pull/192)
-- #203 [Update helm version retrieval to use JSON output for latest version](https://github.com/Azure/setup-helm/pull/203)
-- #207 [ci(workflows): update helm version to v3.18.4 and add matrix for tests](https://github.com/Azure/setup-helm/pull/207)
-
-### Added
-
-- #197 [Add pre-commit hook](https://github.com/Azure/setup-helm/pull/197)
-
-## [4.3.0] - 2025-02-15
-
-- #152 feat: log when restoring from cache
-- #157 Dependencies Update
-- #137 Add dependabot
-
-## [4.2.0] - 2024-04-15
-
-- #124 Fix OS detection and download OS-native archive extension
-
-## [4.1.0] - 2024-03-01
-
-- #130 switches to use Helm published file to read latest version instead of using GitHub releases
-
-## [4.0.0] - 2024-02-12
-
-- #121 update to node20 as node16 is deprecated

CODE_OF_CONDUCT.md

@@ -4,6 +4,6 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope
 
 Resources:
 
-- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
-- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
-- Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns
+-  [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
+-  [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+-  Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns

README.md

@@ -4,17 +4,17 @@ Install a specific version of helm binary on the runner.
 
 ## Example
 
-Acceptable values are latest or any semantic version string like v3.5.0 Use this action in workflow to define which version of helm will be used. v2+ of this action only support Helm3.
+Acceptable values are latest or any semantic version string like v3.5.0 Use this action in workflow to define which version of helm will be used. v2 and v3 of this action only support Helm3.
 
 ```yaml
-- uses: azure/setup-helm@v4.3.0
+- uses: azure/setup-helm@v3
   with:
      version: '<version>' # default is latest (stable)
+     token: ${{ secrets.GITHUB_TOKEN }} # only needed if version is 'latest'
   id: install
 ```
 
-> [!NOTE]
-> If something goes wrong with fetching the latest version the action will use the hardcoded default version (currently v3.18.3). If you rely on a certain version higher than the default, you should explicitly use that version instead of latest.
+> Note: When using latest version you might hit the GitHub GraphQL API hourly rate limit of 5,000. The action will then return the hardcoded default stable version (currently v3.9.0). If you rely on a certain version higher than the default, you should use that version instead of latest.
 
 The cached helm binary path is prepended to the PATH environment variable as well as stored in the helm-path output variable.
 Refer to the action metadata file for details about all the inputs https://github.com/Azure/setup-helm/blob/master/action.yml
@@ -32,7 +32,3 @@ provided by the bot. You will only need to do this once across all repos using o
 This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
 For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
 contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
-
-## Support
-
-setup-helm is an open source project that is [**not** covered by the Microsoft Azure support policy](https://support.microsoft.com/en-us/help/2941892/support-for-linux-and-open-source-technology-in-azure). [Please search open issues here](https://github.com/Azure/setup-helm/issues), and if your issue isn't already represented please [open a new one](https://github.com/Azure/setup-helm/issues/new/choose). The project maintainers will respond to the best of their abilities.

SECURITY.md

@@ -18,13 +18,13 @@ You should receive a response within 24 hours. If for some reason you do not, pl
 
 Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
 
-- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
-- Full paths of source file(s) related to the manifestation of the issue
-- The location of the affected source code (tag/branch/commit or direct URL)
-- Any special configuration required to reproduce the issue
-- Step-by-step instructions to reproduce the issue
-- Proof-of-concept or exploit code (if possible)
-- Impact of the issue, including how an attacker might exploit the issue
+-  Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+-  Full paths of source file(s) related to the manifestation of the issue
+-  The location of the affected source code (tag/branch/commit or direct URL)
+-  Any special configuration required to reproduce the issue
+-  Step-by-step instructions to reproduce the issue
+-  Proof-of-concept or exploit code (if possible)
+-  Impact of the issue, including how an attacker might exploit the issue
 
 This information will help us triage your report more quickly.
 

action.yml

@@ -6,19 +6,13 @@ inputs:
       required: true
       default: 'latest'
    token:
-      description: GitHub token. Used to be required to fetch the latest version
+      description: GitHub token. Required only if 'version' == 'latest'
       required: false
-      deprecationMessage: 'GitHub token is no longer required'
-      default: '${{ github.token }}'
-   downloadBaseURL:
-      description: 'Set the download base URL'
-      required: false
-      default: 'https://get.helm.sh'
 outputs:
    helm-path:
       description: 'Path to the cached helm binary'
 branding:
    color: 'blue'
 runs:
-   using: 'node20'
+   using: 'node16'
    main: 'lib/index.js'

package.json

@@ -1,35 +1,33 @@
 {
    "name": "setuphelm",
-   "version": "4.3.1",
+   "version": "0.0.0",
    "private": true,
    "description": "Setup helm",
    "author": "Anumita Shenoy",
    "license": "MIT",
    "dependencies": {
-      "@actions/core": "^1.11.1",
-      "@actions/exec": "^1.1.1",
-      "@actions/io": "^1.1.2",
-      "@actions/tool-cache": "2.0.2",
-      "@octokit/action": "^8.0.2",
-      "semver": "^7.7.2"
+      "@actions/core": "^1.2.6",
+      "@actions/exec": "^1.0.0",
+      "@actions/io": "^1.0.0",
+      "@actions/tool-cache": "1.1.2",
+      "@octokit/auth-action": "^2.0.0",
+      "@octokit/graphql": "^4.6.1",
+      "semver": "^6.1.0"
    },
    "main": "lib/index.js",
    "scripts": {
-      "build": "ncc build src/index.ts -o lib",
+      "build": "ncc build src/run.ts -o lib",
       "test": "jest",
       "test-coverage": "jest --coverage",
       "format": "prettier --write .",
-      "format-check": "prettier --check .",
-      "prepare": "husky"
+      "format-check": "prettier --check ."
    },
    "devDependencies": {
-      "@types/jest": "^30.0.0",
-      "@types/node": "^24.2.1",
-      "@vercel/ncc": "^0.38.3",
-      "husky": "^9.1.7",
-      "jest": "^30.0.5",
-      "prettier": "^3.6.2",
-      "ts-jest": "^29.4.1",
-      "typescript": "^5.9.2"
+      "@types/jest": "^26.0.0",
+      "@types/node": "^12.0.10",
+      "@vercel/ncc": "^0.34.0",
+      "jest": "^26.0.1",
+      "ts-jest": "^26.0.0",
+      "typescript": "^3.5.2"
    }
 }

src/index.ts

@@ -1,4 +0,0 @@
-import {run} from './run'
-import * as core from '@actions/core'
-
-run().catch(core.setFailed)

src/run.test.ts

@@ -6,124 +6,97 @@ import * as path from 'path'
 import * as core from '@actions/core'
 
 describe('run.ts', () => {
-   const downloadBaseURL = 'https://test.tld'
-
-   // Cleanup mocks after each test to ensure that subsequent tests are not affected by the mocks.
-   afterEach(() => {
-      jest.restoreAllMocks()
-   })
-
    test('getExecutableExtension() - return .exe when os is Windows', () => {
-      jest.spyOn(os, 'platform').mockReturnValue('win32')
+      jest.spyOn(os, 'type').mockReturnValue('Windows_NT')
 
       expect(run.getExecutableExtension()).toBe('.exe')
-      expect(os.platform).toHaveBeenCalled()
+      expect(os.type).toBeCalled()
    })
 
    test('getExecutableExtension() - return empty string for non-windows OS', () => {
-      jest.spyOn(os, 'platform').mockReturnValue('darwin')
+      jest.spyOn(os, 'type').mockReturnValue('Darwin')
 
       expect(run.getExecutableExtension()).toBe('')
-      expect(os.platform).toHaveBeenCalled()
+      expect(os.type).toBeCalled()
    })
 
-   test('getHelmDownloadURL() - return the URL to download helm for Linux amd64', () => {
-      jest.spyOn(os, 'platform').mockReturnValue('linux')
-      jest.spyOn(os, 'arch').mockReturnValue('x64')
-      const expected = 'https://test.tld/helm-v3.8.0-linux-amd64.tar.gz'
+   test('getHelmDownloadURL() - return the URL to download helm for Linux', () => {
+      jest.spyOn(os, 'type').mockReturnValue('Linux')
+      jest.spyOn(os, 'arch').mockReturnValueOnce('unknown')
+      const kubectlLinuxUrl = 'https://get.helm.sh/helm-v3.8.0-linux-amd64.zip'
 
-      expect(run.getHelmDownloadURL(downloadBaseURL, 'v3.8.0')).toBe(expected)
-      expect(os.platform).toHaveBeenCalled()
-      expect(os.arch).toHaveBeenCalled()
+      expect(run.getHelmDownloadURL('v3.8.0')).toBe(kubectlLinuxUrl)
+      expect(os.type).toBeCalled()
+      expect(os.arch).toBeCalled()
+
+      // arm64
+      jest.spyOn(os, 'type').mockReturnValue('Linux')
+      jest.spyOn(os, 'arch').mockReturnValueOnce('arm64')
+      const kubectlLinuxArm64Url =
+         'https://get.helm.sh/helm-v3.8.0-linux-arm64.zip'
+
+      expect(run.getHelmDownloadURL('v3.8.0')).toBe(kubectlLinuxArm64Url)
+      expect(os.type).toBeCalled()
+      expect(os.arch).toBeCalled()
    })
 
-   test('getHelmDownloadURL() - return the URL to download helm for Linux arm64', () => {
-      jest.spyOn(os, 'platform').mockReturnValue('linux')
-      jest.spyOn(os, 'arch').mockReturnValue('arm64')
-      const expected = 'https://test.tld/helm-v3.8.0-linux-arm64.tar.gz'
+   test('getHelmDownloadURL() - return the URL to download helm for Darwin', () => {
+      jest.spyOn(os, 'type').mockReturnValue('Darwin')
+      jest.spyOn(os, 'arch').mockReturnValueOnce('unknown')
+      const kubectlDarwinUrl =
+         'https://get.helm.sh/helm-v3.8.0-darwin-amd64.zip'
 
-      expect(run.getHelmDownloadURL(downloadBaseURL, 'v3.8.0')).toBe(expected)
-      expect(os.platform).toHaveBeenCalled()
-      expect(os.arch).toHaveBeenCalled()
-   })
+      expect(run.getHelmDownloadURL('v3.8.0')).toBe(kubectlDarwinUrl)
+      expect(os.type).toBeCalled()
+      expect(os.arch).toBeCalled()
 
-   test('getHelmDownloadURL() - return the URL to download helm for Darwin x64', () => {
-      jest.spyOn(os, 'platform').mockReturnValue('darwin')
-      jest.spyOn(os, 'arch').mockReturnValue('x64')
-      const expected = 'https://test.tld/helm-v3.8.0-darwin-amd64.tar.gz'
+      // arm64
+      jest.spyOn(os, 'type').mockReturnValue('Darwin')
+      jest.spyOn(os, 'arch').mockReturnValueOnce('arm64')
+      const kubectlDarwinArm64Url =
+         'https://get.helm.sh/helm-v3.8.0-darwin-arm64.zip'
 
-      expect(run.getHelmDownloadURL(downloadBaseURL, 'v3.8.0')).toBe(expected)
-      expect(os.platform).toHaveBeenCalled()
-      expect(os.arch).toHaveBeenCalled()
-   })
-
-   test('getHelmDownloadURL() - return the URL to download helm for Darwin arm64', () => {
-      jest.spyOn(os, 'platform').mockReturnValue('darwin')
-      jest.spyOn(os, 'arch').mockReturnValue('arm64')
-      const expected = 'https://test.tld/helm-v3.8.0-darwin-arm64.tar.gz'
-
-      expect(run.getHelmDownloadURL(downloadBaseURL, 'v3.8.0')).toBe(expected)
-      expect(os.platform).toHaveBeenCalled()
-      expect(os.arch).toHaveBeenCalled()
-   })
-
-   test('getHelmDownloadURL() - return the URL to download helm for Windows x64', () => {
-      jest.spyOn(os, 'platform').mockReturnValue('win32')
-      jest.spyOn(os, 'arch').mockReturnValue('x64')
-
-      const expected = 'https://test.tld/helm-v3.8.0-windows-amd64.zip'
-      expect(run.getHelmDownloadURL(downloadBaseURL, 'v3.8.0')).toBe(expected)
-      expect(os.platform).toHaveBeenCalled()
-   })
-
-   test('getHelmDownloadURL() - return the URL to download helm for Windows arm64', () => {
-      jest.spyOn(os, 'platform').mockReturnValue('win32')
-      jest.spyOn(os, 'arch').mockReturnValue('arm64')
-
-      const expected = 'https://test.tld/helm-v3.8.0-windows-arm64.zip'
-      expect(run.getHelmDownloadURL(downloadBaseURL, 'v3.8.0')).toBe(expected)
-      expect(os.platform).toHaveBeenCalled()
-   })
-
-   test('getLatestHelmVersion() - return the latest version of HELM', async () => {
-      const res = {
-         status: 200,
-         text: async () => 'v9.99.999'
-      } as Response
-      global.fetch = jest.fn().mockReturnValue(res)
-      expect(await run.getLatestHelmVersion()).toBe('v9.99.999')
-   })
-
-   test('getLatestHelmVersion() - return the stable version of HELM when simulating a network error', async () => {
-      const errorMessage: string = 'Network Error'
-      global.fetch = jest.fn().mockRejectedValueOnce(new Error(errorMessage))
-      expect(await run.getLatestHelmVersion()).toBe(run.stableHelmVersion)
+      expect(run.getHelmDownloadURL('v3.8.0')).toBe(kubectlDarwinArm64Url)
+      expect(os.type).toBeCalled()
+      expect(os.arch).toBeCalled()
    })
 
    test('getValidVersion() - return version with v prepended', () => {
       expect(run.getValidVersion('3.8.0')).toBe('v3.8.0')
    })
 
+   test('getHelmDownloadURL() - return the URL to download helm for Windows', () => {
+      jest.spyOn(os, 'type').mockReturnValue('Windows_NT')
+
+      const kubectlWindowsUrl =
+         'https://get.helm.sh/helm-v3.8.0-windows-amd64.zip'
+      expect(run.getHelmDownloadURL('v3.8.0')).toBe(kubectlWindowsUrl)
+      expect(os.type).toBeCalled()
+   })
+
+   test('getLatestHelmVersion() - return the stable version of HELM since its not authenticated', async () => {
+      expect(await run.getLatestHelmVersion()).toBe('v3.9.0')
+   })
+
    test('walkSync() - return path to the all files matching fileToFind in dir', () => {
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => {
          if (file == 'mainFolder')
             return [
-               'file1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
-               'file2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
-               'folder1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
-               'folder2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
+               'file1' as unknown as fs.Dirent,
+               'file2' as unknown as fs.Dirent,
+               'folder1' as unknown as fs.Dirent,
+               'folder2' as unknown as fs.Dirent
             ]
          if (file == path.join('mainFolder', 'folder1'))
             return [
-               'file11' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
-               'file12' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
+               'file11' as unknown as fs.Dirent,
+               'file12' as unknown as fs.Dirent
             ]
          if (file == path.join('mainFolder', 'folder2'))
             return [
-               'file21' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
-               'file22' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
+               'file21' as unknown as fs.Dirent,
+               'file22' as unknown as fs.Dirent
             ]
-         return []
       })
       jest.spyOn(core, 'debug').mockImplementation()
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
@@ -135,30 +108,29 @@ describe('run.ts', () => {
       expect(run.walkSync('mainFolder', null, 'file21')).toEqual([
          path.join('mainFolder', 'folder2', 'file21')
       ])
-      expect(fs.readdirSync).toHaveBeenCalledTimes(3)
-      expect(fs.statSync).toHaveBeenCalledTimes(8)
+      expect(fs.readdirSync).toBeCalledTimes(3)
+      expect(fs.statSync).toBeCalledTimes(8)
    })
 
    test('walkSync() - return empty array if no file with name fileToFind exists', () => {
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => {
          if (file == 'mainFolder')
             return [
-               'file1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
-               'file2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
-               'folder1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
-               'folder2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
+               'file1' as unknown as fs.Dirent,
+               'file2' as unknown as fs.Dirent,
+               'folder1' as unknown as fs.Dirent,
+               'folder2' as unknown as fs.Dirent
             ]
          if (file == path.join('mainFolder', 'folder1'))
             return [
-               'file11' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
-               'file12' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
+               'file11' as unknown as fs.Dirent,
+               'file12' as unknown as fs.Dirent
             ]
          if (file == path.join('mainFolder', 'folder2'))
             return [
-               'file21' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
-               'file22' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
+               'file21' as unknown as fs.Dirent,
+               'file22' as unknown as fs.Dirent
             ]
-         return []
       })
       jest.spyOn(core, 'debug').mockImplementation()
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
@@ -168,23 +140,21 @@ describe('run.ts', () => {
       })
 
       expect(run.walkSync('mainFolder', null, 'helm.exe')).toEqual([])
-      expect(fs.readdirSync).toHaveBeenCalledTimes(3)
-      expect(fs.statSync).toHaveBeenCalledTimes(8)
+      expect(fs.readdirSync).toBeCalledTimes(3)
+      expect(fs.statSync).toBeCalledTimes(8)
    })
 
    test('findHelm() - change access permissions and find the helm in given directory', () => {
       jest.spyOn(fs, 'chmodSync').mockImplementation(() => {})
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => {
-         if (file == 'mainFolder')
-            return ['helm.exe' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>]
-         return []
+         if (file == 'mainFolder') return ['helm.exe' as unknown as fs.Dirent]
       })
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
          const isDirectory =
             (file as string).indexOf('folder') == -1 ? false : true
          return {isDirectory: () => isDirectory} as fs.Stats
       })
-      jest.spyOn(os, 'platform').mockReturnValue('win32')
+      jest.spyOn(os, 'type').mockReturnValue('Windows_NT')
 
       expect(run.findHelm('mainFolder')).toBe(
          path.join('mainFolder', 'helm.exe')
@@ -195,13 +165,11 @@ describe('run.ts', () => {
       jest.spyOn(fs, 'chmodSync').mockImplementation(() => {})
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => {
          if (file == 'mainFolder') return []
-         return []
       })
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
          return {isDirectory: () => true} as fs.Stats
       })
-      jest.spyOn(os, 'platform').mockReturnValue('win32')
-
+      jest.spyOn(os, 'type').mockReturnValue('Windows_NT')
       expect(() => run.findHelm('mainFolder')).toThrow(
          'Helm executable not found in path mainFolder'
       )
@@ -212,32 +180,31 @@ describe('run.ts', () => {
       jest.spyOn(toolCache, 'downloadTool').mockResolvedValue('pathToTool')
       const response = JSON.stringify([{tag_name: 'v4.0.0'}])
       jest.spyOn(fs, 'readFileSync').mockReturnValue(response)
-      jest.spyOn(os, 'platform').mockReturnValue('win32')
-      jest.spyOn(os, 'arch').mockReturnValue('x64')
+      jest.spyOn(os, 'type').mockReturnValue('Windows_NT')
       jest.spyOn(fs, 'chmodSync').mockImplementation(() => {})
-      jest.spyOn(toolCache, 'extractZip').mockResolvedValue('extractedPath')
+      jest
+         .spyOn(toolCache, 'extractZip')
+         .mockResolvedValue('pathToUnzippedHelm')
       jest.spyOn(toolCache, 'cacheDir').mockResolvedValue('pathToCachedDir')
       jest
          .spyOn(fs, 'readdirSync')
-         .mockImplementation((file, _) => [
-            'helm.exe' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
-         ])
+         .mockImplementation((file, _) => ['helm.exe' as unknown as fs.Dirent])
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
          const isDirectory =
             (file as string).indexOf('folder') == -1 ? false : true
          return {isDirectory: () => isDirectory} as fs.Stats
       })
 
-      expect(await run.downloadHelm(downloadBaseURL, 'v4.0.0')).toBe(
+      expect(await run.downloadHelm('v4.0.0')).toBe(
          path.join('pathToCachedDir', 'helm.exe')
       )
-      expect(toolCache.find).toHaveBeenCalledWith('helm', 'v4.0.0')
-      expect(toolCache.downloadTool).toHaveBeenCalledWith(
-         'https://test.tld/helm-v4.0.0-windows-amd64.zip'
+      expect(toolCache.find).toBeCalledWith('helm', 'v4.0.0')
+      expect(toolCache.downloadTool).toBeCalledWith(
+         'https://get.helm.sh/helm-v4.0.0-windows-amd64.zip'
       )
-      expect(fs.chmodSync).toHaveBeenCalledWith('pathToTool', '777')
-      expect(toolCache.extractZip).toHaveBeenCalledWith('pathToTool')
-      expect(fs.chmodSync).toHaveBeenCalledWith(
+      expect(fs.chmodSync).toBeCalledWith('pathToTool', '777')
+      expect(toolCache.extractZip).toBeCalledWith('pathToTool')
+      expect(fs.chmodSync).toBeCalledWith(
          path.join('pathToCachedDir', 'helm.exe'),
          '777'
       )
@@ -248,41 +215,26 @@ describe('run.ts', () => {
       jest.spyOn(toolCache, 'downloadTool').mockImplementation(async () => {
          throw 'Unable to download'
       })
-      jest.spyOn(os, 'platform').mockReturnValue('win32')
-      jest.spyOn(os, 'arch').mockReturnValue('x64')
+      jest.spyOn(os, 'type').mockReturnValue('Windows_NT')
 
-      const downloadUrl = 'https://test.tld/helm-v3.2.1-windows-amd64.zip'
-      await expect(run.downloadHelm(downloadBaseURL, 'v3.2.1')).rejects.toThrow(
-         `Failed to download Helm from location ${downloadUrl}`
+      await expect(run.downloadHelm('v3.2.1')).rejects.toThrow(
+         'Failed to download Helm from location https://get.helm.sh/helm-v3.2.1-windows-amd64.zip'
+      )
+      expect(toolCache.find).toBeCalledWith('helm', 'v3.2.1')
+      expect(toolCache.downloadTool).toBeCalledWith(
+         'https://get.helm.sh/helm-v3.2.1-windows-amd64.zip'
       )
-      expect(toolCache.find).toHaveBeenCalledWith('helm', 'v3.2.1')
-      expect(toolCache.downloadTool).toHaveBeenCalledWith(`${downloadUrl}`)
    })
 
    test('downloadHelm() - return path to helm tool with same version from toolCache', async () => {
       jest.spyOn(toolCache, 'find').mockReturnValue('pathToCachedDir')
-      jest.spyOn(toolCache, 'cacheDir').mockResolvedValue('pathToCachedDir')
-      jest.spyOn(toolCache, 'downloadTool').mockResolvedValue('pathToTool')
-      jest.spyOn(toolCache, 'extractZip').mockResolvedValue('extractedPath')
-      jest.spyOn(os, 'platform').mockReturnValue('win32')
-      jest.spyOn(os, 'arch').mockReturnValue('x64')
       jest.spyOn(fs, 'chmodSync').mockImplementation(() => {})
-      jest
-         .spyOn(fs, 'readdirSync')
-         .mockReturnValue([
-            'helm.exe' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
-         ])
-      jest.spyOn(fs, 'statSync').mockImplementation((file) => {
-         const isDirectory =
-            (file as string).indexOf('folder') == -1 ? false : true
-         return {isDirectory: () => isDirectory} as fs.Stats
-      })
 
-      expect(await run.downloadHelm(downloadBaseURL, 'v3.2.1')).toBe(
+      expect(await run.downloadHelm('v3.2.1')).toBe(
          path.join('pathToCachedDir', 'helm.exe')
       )
-      expect(toolCache.find).toHaveBeenCalledWith('helm', 'v3.2.1')
-      expect(fs.chmodSync).toHaveBeenCalledWith(
+      expect(toolCache.find).toBeCalledWith('helm', 'v3.2.1')
+      expect(fs.chmodSync).toBeCalledWith(
          path.join('pathToCachedDir', 'helm.exe'),
          '777'
       )
@@ -291,12 +243,12 @@ describe('run.ts', () => {
    test('downloadHelm() - throw error is helm is not found in path', async () => {
       jest.spyOn(toolCache, 'find').mockReturnValue('')
       jest.spyOn(toolCache, 'downloadTool').mockResolvedValue('pathToTool')
-      jest.spyOn(toolCache, 'cacheDir').mockResolvedValue('pathToCachedDir')
-      jest.spyOn(toolCache, 'downloadTool').mockResolvedValue('pathToTool')
-      jest.spyOn(toolCache, 'extractZip').mockResolvedValue('extractedPath')
-      jest.spyOn(os, 'platform').mockReturnValue('win32')
-      jest.spyOn(os, 'arch').mockReturnValue('x64')
+      jest.spyOn(os, 'type').mockReturnValue('Windows_NT')
       jest.spyOn(fs, 'chmodSync').mockImplementation()
+      jest
+         .spyOn(toolCache, 'extractZip')
+         .mockResolvedValue('pathToUnzippedHelm')
+      jest.spyOn(toolCache, 'cacheDir').mockResolvedValue('pathToCachedDir')
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => [])
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
          const isDirectory =
@@ -304,14 +256,14 @@ describe('run.ts', () => {
          return {isDirectory: () => isDirectory} as fs.Stats
       })
 
-      await expect(run.downloadHelm(downloadBaseURL, 'v3.2.1')).rejects.toThrow(
+      await expect(run.downloadHelm('v3.2.1')).rejects.toThrow(
          'Helm executable not found in path pathToCachedDir'
       )
-      expect(toolCache.find).toHaveBeenCalledWith('helm', 'v3.2.1')
-      expect(toolCache.downloadTool).toHaveBeenCalledWith(
-         'https://test.tld/helm-v3.2.1-windows-amd64.zip'
+      expect(toolCache.find).toBeCalledWith('helm', 'v3.2.1')
+      expect(toolCache.downloadTool).toBeCalledWith(
+         'https://get.helm.sh/helm-v3.2.1-windows-amd64.zip'
       )
-      expect(fs.chmodSync).toHaveBeenCalledWith('pathToTool', '777')
-      expect(toolCache.extractZip).toHaveBeenCalledWith('pathToTool')
+      expect(fs.chmodSync).toBeCalledWith('pathToTool', '777')
+      expect(toolCache.extractZip).toBeCalledWith('pathToTool')
    })
 })

src/run.ts

@@ -1,4 +1,5 @@
 // Copyright (c) Microsoft Corporation.
+// Copyright (c) Microsoft Corporation.
 // Licensed under the MIT license.
 
 import * as os from 'os'
@@ -8,9 +9,12 @@ import * as fs from 'fs'
 
 import * as toolCache from '@actions/tool-cache'
 import * as core from '@actions/core'
+import {graphql} from '@octokit/graphql'
+import {createActionAuth} from '@octokit/auth-action'
+import {create} from 'domain'
 
 const helmToolName = 'helm'
-export const stableHelmVersion = 'v3.18.4'
+const stableHelmVersion = 'v3.9.0'
 
 export async function run() {
    let version = core.getInput('version', {required: true})
@@ -23,10 +27,8 @@ export async function run() {
       version = await getLatestHelmVersion()
    }
 
-   const downloadBaseURL = core.getInput('downloadBaseURL', {required: false})
-
-   core.startGroup(`Installing ${version}`)
-   const cachedPath = await downloadHelm(downloadBaseURL, version)
+   core.startGroup(`Downloading ${version}`)
+   const cachedPath = await downloadHelm(version)
    core.endGroup()
 
    try {
@@ -49,70 +51,113 @@ export function getValidVersion(version: string): string {
 // Gets the latest helm version or returns a default stable if getting latest fails
 export async function getLatestHelmVersion(): Promise<string> {
    try {
-      const response = await fetch('https://get.helm.sh/helm-latest-version')
-      const release = (await response.text()).trim()
-      return release
+      const auth = createActionAuth()
+      const graphqlAuthenticated = graphql.defaults({
+         request: {hook: auth.hook}
+      })
+      const {repository} = await graphqlAuthenticated(
+         `
+            {
+               repository(name: "helm", owner: "helm") {
+                  releases(last: 100) {
+                     nodes {
+                        tagName
+                     }
+                  }
+               }
+            }
+         `
+      )
+      const releases: string[] = repository.releases.nodes
+         .reverse()
+         .map((node: {tagName: string}) => node.tagName)
+      const latestValidRelease = releases.find((tag) => isValidVersion(tag))
+      if (latestValidRelease) return latestValidRelease
    } catch (err) {
       core.warning(
          `Error while fetching latest Helm release: ${err.toString()}. Using default version ${stableHelmVersion}`
       )
       return stableHelmVersion
    }
+
+   core.warning(
+      `Could not find valid release. Using default version ${stableHelmVersion}`
+   )
+   return stableHelmVersion
 }
 
-export function getArch(): string {
-   return os.arch() === 'x64' ? 'amd64' : os.arch()
-}
-
-export function getPlatform(): string {
-   return os.platform() === 'win32' ? 'windows' : os.platform()
-}
-
-export function getArchiveExtension(): string {
-   return os.platform() === 'win32' ? 'zip' : 'tar.gz'
+// isValidVersion checks if verison is a stable release
+function isValidVersion(version: string): boolean {
+   return version.indexOf('rc') == -1
 }
 
 export function getExecutableExtension(): string {
-   return os.platform() === 'win32' ? '.exe' : ''
+   if (os.type().match(/^Win/)) {
+      return '.exe'
+   }
+   return ''
 }
 
-export function getHelmDownloadURL(baseURL: string, version: string): string {
-   const urlPath = `helm-${version}-${getPlatform()}-${getArch()}.${getArchiveExtension()}`
-   const url = new URL(urlPath, baseURL)
-   return url.toString()
+const LINUX = 'Linux'
+const MAC_OS = 'Darwin'
+const WINDOWS = 'Windows_NT'
+const ARM64 = 'arm64'
+export function getHelmDownloadURL(version: string): string {
+   const arch = os.arch()
+   const operatingSystem = os.type()
+
+   switch (true) {
+      case operatingSystem == LINUX && arch == ARM64:
+         return util.format(
+            'https://get.helm.sh/helm-%s-linux-arm64.zip',
+            version
+         )
+      case operatingSystem == LINUX:
+         return util.format(
+            'https://get.helm.sh/helm-%s-linux-amd64.zip',
+            version
+         )
+
+      case operatingSystem == MAC_OS && arch == ARM64:
+         return util.format(
+            'https://get.helm.sh/helm-%s-darwin-arm64.zip',
+            version
+         )
+      case operatingSystem == MAC_OS:
+         return util.format(
+            'https://get.helm.sh/helm-%s-darwin-amd64.zip',
+            version
+         )
+
+      case operatingSystem == WINDOWS:
+      default:
+         return util.format(
+            'https://get.helm.sh/helm-%s-windows-amd64.zip',
+            version
+         )
+   }
 }
 
-export async function downloadHelm(
-   baseURL: string,
-   version: string
-): Promise<string> {
+export async function downloadHelm(version: string): Promise<string> {
    let cachedToolpath = toolCache.find(helmToolName, version)
-   if (cachedToolpath) {
-      core.info(`Restoring '${version}' from cache`)
-   } else {
-      core.info(`Downloading '${version}' from '${baseURL}'`)
+   if (!cachedToolpath) {
       let helmDownloadPath
       try {
          helmDownloadPath = await toolCache.downloadTool(
-            getHelmDownloadURL(baseURL, version)
+            getHelmDownloadURL(version)
          )
       } catch (exception) {
          throw new Error(
             `Failed to download Helm from location ${getHelmDownloadURL(
-               baseURL,
                version
             )}`
          )
       }
 
       fs.chmodSync(helmDownloadPath, '777')
-      const extractedPath =
-         getPlatform() === 'windows'
-            ? await toolCache.extractZip(helmDownloadPath)
-            : await toolCache.extractTar(helmDownloadPath)
-
+      const unzipedHelmPath = await toolCache.extractZip(helmDownloadPath)
       cachedToolpath = await toolCache.cacheDir(
-         extractedPath,
+         unzipedHelmPath,
          helmToolName,
          version
       )
@@ -157,3 +202,5 @@ export var walkSync = function (dir, filelist, fileToFind) {
    })
    return filelist
 }
+
+run().catch(core.setFailed)