Merge branch 'main' into 1715-update-secrets-across-namespaces

.gitignore

@@ -1,5 +1,4 @@
 !.env.example
-./dist/
 .DS_Store
 .env
 .env.*
@@ -23,8 +22,6 @@
 *.zim
 assets/
 build
-bundle/
-clidocs/
 data/
 dist/
 node_modules

Makefile

@@ -68,23 +68,25 @@ build-ui: ## Build the Zarf UI
 	npm --prefix src/ui ci
 	npm --prefix src/ui run build
 
+# Note: the path to the main.go file is not used due to https://github.com/golang/go/issues/51831#issuecomment-1074188363
+
 build-cli-linux-amd: check-ui ## Build the Zarf CLI for Linux on AMD64
-	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf main.go
+	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf .
 
 build-cli-linux-arm: check-ui ## Build the Zarf CLI for Linux on ARM
-	CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-arm main.go
+	CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-arm .
 
 build-cli-mac-intel: check-ui ## Build the Zarf CLI for macOS on AMD64
-	GOOS=darwin GOARCH=amd64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-mac-intel main.go
+	GOOS=darwin GOARCH=amd64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-mac-intel .
 
 build-cli-mac-apple: check-ui ## Build the Zarf CLI for macOS on ARM
-	GOOS=darwin GOARCH=arm64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-mac-apple main.go
+	GOOS=darwin GOARCH=arm64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-mac-apple .
 
 build-cli-windows-amd: check-ui ## Build the Zarf CLI for Windows on AMD64
-	GOOS=windows GOARCH=amd64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf.exe main.go ## Build the Zarf CLI for Windows on AMD64
+	GOOS=windows GOARCH=amd64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf.exe . ## Build the Zarf CLI for Windows on AMD64
 
 build-cli-windows-arm: check-ui ## Build the Zarf CLI for Windows on ARM
-	GOOS=windows GOARCH=arm64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-arm.exe main.go ## Build the Zarf CLI for Windows on ARM
+	GOOS=windows GOARCH=arm64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-arm.exe . ## Build the Zarf CLI for Windows on ARM
 
 build-cli-linux: build-cli-linux-amd build-cli-linux-arm ## Build the Zarf CLI for Linux on AMD64 and ARM
 

docs/3-create-a-zarf-package/4-zarf-schema.md

@@ -384,13 +384,11 @@ Must be one of:
 
 <details>
 <summary>
-<strong> <a name="build_migrations"></a>migrations *</strong>
+<strong> <a name="build_migrations"></a>migrations</strong>
 </summary>
 &nbsp;
 <blockquote>
 
-![Required](https://img.shields.io/badge/Required-red)
-
 **Description:** Any migrations that have been run on this package
 
 |          |                   |
@@ -413,13 +411,11 @@ Must be one of:
 
 <details>
 <summary>
-<strong> <a name="build_differential"></a>differential *</strong>
+<strong> <a name="build_differential"></a>differential</strong>
 </summary>
 &nbsp;
 <blockquote>
 
-![Required](https://img.shields.io/badge/Required-red)
-
 **Description:** Whether this package was created with differential components
 
 |          |           |
@@ -431,13 +427,12 @@ Must be one of:
 
 <details open>
 <summary>
-<strong> <a name="build_registryOverrides"></a>registryOverrides *</strong>
+<strong> <a name="build_registryOverrides"></a>registryOverrides</strong>
 </summary>
 &nbsp;
 <blockquote>
 
   ## build > registryOverrides
-![Required](https://img.shields.io/badge/Required-red)
 
 **Description:** Any registry domains that were overridden on package create when pulling images
 

go.mod

@@ -38,6 +38,7 @@ require (
 	github.com/spf13/viper v1.16.0
 	github.com/stretchr/testify v1.8.4
 	golang.org/x/crypto v0.12.0
+	golang.org/x/sync v0.3.0
 	helm.sh/helm/v3 v3.12.2
 	k8s.io/api v0.27.4
 	k8s.io/apimachinery v0.27.4
@@ -387,7 +388,6 @@ require (
 	golang.org/x/mod v0.12.0 // indirect
 	golang.org/x/net v0.12.0 // indirect
 	golang.org/x/oauth2 v0.8.0 // indirect
-	golang.org/x/sync v0.3.0 // indirect
 	golang.org/x/sys v0.11.0 // indirect
 	golang.org/x/term v0.11.0 // indirect
 	golang.org/x/text v0.12.0 // indirect

src/cmd/initialize.go

@@ -41,20 +41,20 @@ var initCmd = &cobra.Command{
 
 		// Continue running package deploy for all components like any other package
 		initPackageName := packager.GetInitPackageName("")
-		pkgConfig.DeployOpts.PackagePath = initPackageName
+		pkgConfig.PkgOpts.PackagePath = initPackageName
 
 		// Try to use an init-package in the executable directory if none exist in current working directory
 		var err error
-		if pkgConfig.DeployOpts.PackagePath, err = findInitPackage(initPackageName); err != nil {
+		if pkgConfig.PkgOpts.PackagePath, err = findInitPackage(initPackageName); err != nil {
 			message.Fatal(err, err.Error())
 		}
 
-		pkgConfig.PkgSourcePath = pkgConfig.DeployOpts.PackagePath
+		pkgConfig.PkgSource = pkgConfig.PkgOpts.PackagePath
 
 		// Ensure uppercase keys from viper
 		v := common.GetViper()
-		pkgConfig.DeployOpts.SetVariables = helpers.TransformAndMergeMap(
-			v.GetStringMapString(common.VPkgDeploySet), pkgConfig.DeployOpts.SetVariables, strings.ToUpper)
+		pkgConfig.PkgOpts.SetVariables = helpers.TransformAndMergeMap(
+			v.GetStringMapString(common.VPkgDeploySet), pkgConfig.PkgOpts.SetVariables, strings.ToUpper)
 
 		// Configure the packager
 		pkgClient := packager.NewOrDie(&pkgConfig)
@@ -173,11 +173,11 @@ func init() {
 	v.SetDefault(common.VInitRegistryPushUser, config.ZarfRegistryPushUser)
 
 	// Init package set variable flags
-	initCmd.Flags().StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(common.VPkgDeploySet), lang.CmdInitFlagSet)
+	initCmd.Flags().StringToStringVar(&pkgConfig.PkgOpts.SetVariables, "set", v.GetStringMapString(common.VPkgDeploySet), lang.CmdInitFlagSet)
 
 	// Continue to require --confirm flag for init command to avoid accidental deployments
 	initCmd.Flags().BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdInitFlagConfirm)
-	initCmd.Flags().StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.VInitComponents), lang.CmdInitFlagComponents)
+	initCmd.Flags().StringVar(&pkgConfig.PkgOpts.OptionalComponents, "components", v.GetString(common.VInitComponents), lang.CmdInitFlagComponents)
 	initCmd.Flags().StringVar(&pkgConfig.InitOpts.StorageClass, "storage-class", v.GetString(common.VInitStorageClass), lang.CmdInitFlagStorageClass)
 
 	// Flags for using an external Git server

src/cmd/package.go

@@ -80,16 +80,16 @@ var packageDeployCmd = &cobra.Command{
 	Long:    lang.CmdPackageDeployLong,
 	Args:    cobra.MaximumNArgs(1),
 	Run: func(cmd *cobra.Command, args []string) {
-		pkgConfig.DeployOpts.PackagePath = choosePackage(args)
+		pkgConfig.PkgOpts.PackagePath = choosePackage(args)
 
 		// Ensure uppercase keys from viper and CLI --set
 		v := common.GetViper()
 
 		// Merge the viper config file variables and provided CLI flag variables (CLI takes precedence))
-		pkgConfig.DeployOpts.SetVariables = helpers.TransformAndMergeMap(
-			v.GetStringMapString(common.VPkgDeploySet), pkgConfig.DeployOpts.SetVariables, strings.ToUpper)
+		pkgConfig.PkgOpts.SetVariables = helpers.TransformAndMergeMap(
+			v.GetStringMapString(common.VPkgDeploySet), pkgConfig.PkgOpts.SetVariables, strings.ToUpper)
 
-		pkgConfig.PkgSourcePath = pkgConfig.DeployOpts.PackagePath
+		pkgConfig.PkgSource = pkgConfig.PkgOpts.PackagePath
 
 		// Configure the packager
 		pkgClient := packager.NewOrDie(&pkgConfig)
@@ -109,7 +109,7 @@ var packageInspectCmd = &cobra.Command{
 	Long:    lang.CmdPackageInspectLong,
 	Args:    cobra.MaximumNArgs(1),
 	Run: func(cmd *cobra.Command, args []string) {
-		pkgConfig.DeployOpts.PackagePath = choosePackage(args)
+		pkgConfig.PkgOpts.PackagePath = choosePackage(args)
 
 		// Configure the packager
 		pkgClient := packager.NewOrDie(&pkgConfig)
@@ -168,13 +168,13 @@ var packageRemoveCmd = &cobra.Command{
 	Args:    cobra.ExactArgs(1),
 	Short:   lang.CmdPackageRemoveShort,
 	Run: func(cmd *cobra.Command, args []string) {
-		pkgName := args[0]
+		pkgConfig.PkgOpts.PackagePath = args[0]
 
 		// Configure the packager
 		pkgClient := packager.NewOrDie(&pkgConfig)
 		defer pkgClient.ClearTempPaths()
 
-		if err := pkgClient.Remove(pkgName); err != nil {
+		if err := pkgClient.Remove(); err != nil {
 			message.Fatalf(err, lang.CmdPackageRemoveErr, err.Error())
 		}
 	},
@@ -325,11 +325,11 @@ func bindDeployFlags(v *viper.Viper) {
 	// Always require adopt-existing-resources flag (no viper)
 	deployFlags.BoolVar(&pkgConfig.DeployOpts.AdoptExistingResources, "adopt-existing-resources", false, lang.CmdPackageDeployFlagAdoptExistingResources)
 
-	deployFlags.StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(common.VPkgDeploySet), lang.CmdPackageDeployFlagSet)
-	deployFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.VPkgDeployComponents), lang.CmdPackageDeployFlagComponents)
-	deployFlags.StringVar(&pkgConfig.DeployOpts.Shasum, "shasum", v.GetString(common.VPkgDeployShasum), lang.CmdPackageDeployFlagShasum)
-	deployFlags.StringVar(&pkgConfig.DeployOpts.SGetKeyPath, "sget", v.GetString(common.VPkgDeploySget), lang.CmdPackageDeployFlagSget)
-	deployFlags.StringVarP(&pkgConfig.DeployOpts.PublicKeyPath, "key", "k", v.GetString(common.VPkgDeployPublicKey), lang.CmdPackageDeployFlagPublicKey)
+	deployFlags.StringToStringVar(&pkgConfig.PkgOpts.SetVariables, "set", v.GetStringMapString(common.VPkgDeploySet), lang.CmdPackageDeployFlagSet)
+	deployFlags.StringVar(&pkgConfig.PkgOpts.OptionalComponents, "components", v.GetString(common.VPkgDeployComponents), lang.CmdPackageDeployFlagComponents)
+	deployFlags.StringVar(&pkgConfig.PkgOpts.Shasum, "shasum", v.GetString(common.VPkgDeployShasum), lang.CmdPackageDeployFlagShasum)
+	deployFlags.StringVar(&pkgConfig.PkgOpts.SGetKeyPath, "sget", v.GetString(common.VPkgDeploySget), lang.CmdPackageDeployFlagSget)
+	deployFlags.StringVarP(&pkgConfig.PkgOpts.PublicKeyPath, "key", "k", v.GetString(common.VPkgDeployPublicKey), lang.CmdPackageDeployFlagPublicKey)
 
 	deployFlags.MarkHidden("sget")
 }
@@ -344,7 +344,8 @@ func bindInspectFlags(v *viper.Viper) {
 func bindRemoveFlags(v *viper.Viper) {
 	removeFlags := packageRemoveCmd.Flags()
 	removeFlags.BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdPackageRemoveFlagConfirm)
-	removeFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.VPkgDeployComponents), lang.CmdPackageRemoveFlagComponents)
+	removeFlags.StringVar(&pkgConfig.PkgOpts.OptionalComponents, "components", v.GetString(common.VPkgDeployComponents), lang.CmdPackageRemoveFlagComponents)
+
 	_ = packageRemoveCmd.MarkFlagRequired("confirm")
 }
 

src/cmd/root.go

@@ -19,7 +19,7 @@ import (
 )
 
 var (
-	// Default global config for the CLI
+	// Default global config for the packager
 	pkgConfig = types.PackagerConfig{}
 )
 

src/cmd/version.go

@@ -50,12 +50,8 @@ var versionCmd = &cobra.Command{
 		buildMap := make(map[string]interface{})
 		buildMap["platform"] = runtime.GOOS + "/" + runtime.GOARCH
 		buildMap["goVersion"] = runtime.Version()
-		ver, err := semver.NewVersion(config.CLIVersion)
-		if err != nil {
-			buildMap["minor"] = ""
-			buildMap["patch"] = ""
-			buildMap["prerelease"] = ""
-		} else {
+		ver, _ := semver.NewVersion(config.CLIVersion)
+		if ver != nil {
 			buildMap["major"] = ver.Major()
 			buildMap["minor"] = ver.Minor()
 			buildMap["patch"] = ver.Patch()

src/config/config.go

@@ -16,7 +16,6 @@ import (
 	"time"
 
 	"github.com/defenseunicorns/zarf/src/types"
-
 	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/crane"
 	v1 "github.com/google/go-containerregistry/pkg/v1"
@@ -25,17 +24,9 @@ import (
 // Zarf Global Configuration Constants.
 const (
 	GithubProject = "defenseunicorns/zarf"
-	IPV4Localhost = "127.0.0.1"
 
 	// ZarfMaxChartNameLength limits helm chart name size to account for K8s/helm limits and zarf prefix
 	ZarfMaxChartNameLength   = 40
-	ZarfGitPushUser          = "zarf-git-user"
-	ZarfGitReadUser          = "zarf-git-read-user"
-	ZarfArtifactTokenName    = "zarf-artifact-registry-token"
-	ZarfRegistryPushUser     = "zarf-push"
-	ZarfRegistryPullUser     = "zarf-pull"
-	ZarfImagePullSecretName  = "private-registry"
-	ZarfGitServerSecretName  = "private-git-server"
 	ZarfGeneratedPasswordLen = 24
 	ZarfGeneratedSecretLen   = 48
 
@@ -59,13 +50,28 @@ const (
 
 	ZarfComponentsDir = "components"
 
+	ZarfDeployStage = "Deploy"
+	ZarfCreateStage = "Create"
+)
+
+// Zarf Constants for In-Cluster Services.
+const (
+	IPV4Localhost = "127.0.0.1"
+
+	ZarfArtifactTokenName = "zarf-artifact-registry-token"
+
+	ZarfImagePullSecretName = "private-registry"
+	ZarfGitServerSecretName = "private-git-server"
+
+	ZarfRegistryPushUser                   = "zarf-push"
+	ZarfRegistryPullUser                   = "zarf-pull"
 	ZarfInClusterContainerRegistryNodePort = 31999
 
+	ZarfGitPushUser = "zarf-git-user"
+	ZarfGitReadUser = "zarf-git-read-user"
+
 	ZarfInClusterGitServiceURL      = "http://zarf-gitea-http.zarf.svc.cluster.local:3000"
 	ZarfInClusterArtifactServiceURL = ZarfInClusterGitServiceURL + "/api/packages/" + ZarfGitPushUser
-
-	ZarfDeployStage = "Deploy"
-	ZarfCreateStage = "Create"
 )
 
 // Zarf Global Configuration Variables.

src/extensions/bigbang/bigbang.go

@@ -96,9 +96,6 @@ func Run(YOLO bool, tmpPaths types.ComponentPaths, c types.ZarfComponent) (types
 			ValuesFiles: cfg.ValuesFiles,
 			GitPath:     "./chart",
 		},
-		Cfg: &types.PackagerConfig{
-			State: types.ZarfState{},
-		},
 		BasePath: tmpPaths.Temp,
 	}
 
@@ -503,9 +500,6 @@ func findImagesforBBChartRepo(repo string, values chartutil.Values) (images []st
 
 	helmCfg := helm.Helm{
 		Chart: chart,
-		Cfg: &types.PackagerConfig{
-			State: types.ZarfState{},
-		},
 	}
 
 	gitPath, err := helmCfg.DownloadChartFromGitToTemp(spinner)

src/extensions/bigbang/test/package/disable-all-bb2.yaml

@@ -53,6 +53,9 @@ monitoring:
 twistlock:
   enabled: false
 
+grafana:
+  enabled: false
+
 addons:
   metricsServer:
     enabled: false

src/internal/agent/hooks/argocd-application.go

@@ -32,7 +32,7 @@ type ArgoApplication struct {
 }
 
 var (
-	zarfState types.ZarfState
+	zarfState *types.ZarfState
 	patches   []operations.PatchOperation
 	isPatched bool
 	isCreate  bool

src/internal/agent/hooks/argocd-repository.go

@@ -8,6 +8,7 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
+
 	"github.com/defenseunicorns/zarf/src/config"
 	"github.com/defenseunicorns/zarf/src/config/lang"
 	"github.com/defenseunicorns/zarf/src/internal/agent/operations"
@@ -39,7 +40,7 @@ func NewRepositoryMutationHook() operations.Hook {
 func mutateRepository(r *v1.AdmissionRequest) (result *operations.Result, err error) {
 
 	var (
-		zarfState types.ZarfState
+		zarfState *types.ZarfState
 		patches   []operations.PatchOperation
 		isPatched bool
 

src/internal/agent/hooks/flux.go

@@ -45,7 +45,7 @@ func NewGitRepositoryMutationHook() operations.Hook {
 func mutateGitRepo(r *v1.AdmissionRequest) (result *operations.Result, err error) {
 
 	var (
-		zarfState types.ZarfState
+		zarfState *types.ZarfState
 		patches   []operations.PatchOperation
 		isPatched bool
 

src/internal/agent/state/state.go

@@ -14,15 +14,13 @@ import (
 const zarfStatePath = "/etc/zarf-state/state"
 
 // GetZarfStateFromAgentPod reads the state json file that was mounted into the agent pods.
-func GetZarfStateFromAgentPod() (types.ZarfState, error) {
-	zarfState := types.ZarfState{}
-
+func GetZarfStateFromAgentPod() (state *types.ZarfState, err error) {
 	// Read the state file
 	stateFile, err := os.ReadFile(zarfStatePath)
 	if err != nil {
-		return zarfState, err
+		return nil, err
 	}
 
 	// Unmarshal the json file into a Go struct
-	return zarfState, json.Unmarshal(stateFile, &zarfState)
+	return state, json.Unmarshal(stateFile, &state)
 }