From c9cdce4e9439ef8c625c65b99376b64df108cca5 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 9 May 2023 15:18:52 -0500 Subject: [PATCH] Add the ability to specify registry overrides on package create (#1683) ## Description Allows registries to be overridden with registry mirrors on Zarf package create. ## Related Issue Fixes #1577 - [x] Fix the faq for large local images - this can fix that use case. https://github.com/defenseunicorns/zarf/pull/1679#discussion_r1187988591 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [X] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [X] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow) followed --------- Co-authored-by: Jonathan Perry --- .../100-cli-commands/zarf_package_create.md | 23 ++++---- docs/3-create-a-zarf-package/4-zarf-schema.md | 40 ++++++++++++++ .../0-creating-a-zarf-package.md | 2 +- .../8-custom-init-packages.md | 13 +++++ docs/8-faq.md | 10 ++-- examples/helm-git-chart/zarf.yaml | 2 +- packages/distros/k3s/zarf.yaml | 2 +- src/cmd/package.go | 1 + src/cmd/viper.go | 1 + src/config/lang/english.go | 1 + src/internal/packager/git/clone.go | 4 +- src/internal/packager/images/common.go | 2 + src/internal/packager/images/pull.go | 18 ++++++- src/pkg/packager/create.go | 9 ++-- src/pkg/packager/yaml.go | 2 + src/test/e2e/25_helm_test.go | 53 ++++++++++++++----- src/types/package.go | 15 +++--- src/types/runtime.go | 1 + src/ui/lib/api-types.ts | 10 ++++ zarf.schema.json | 12 ++++- 20 files changed, 172 insertions(+), 49 deletions(-) diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_package_create.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_package_create.md index f9a0b07096..e62180a4be 100644 --- a/docs/2-the-zarf-cli/100-cli-commands/zarf_package_create.md +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_package_create.md @@ -16,17 +16,18 @@ zarf package create [DIRECTORY] [flags] ## Options ``` - --confirm Confirm package creation without prompting - --differential string Build a package that only contains the differential changes from local resources and differing remote resources from the specified previously built package - -h, --help help for create - -k, --key string Path to private key file for signing packages - --key-pass string Password to the private key file used for signing packages - -m, --max-package-size int Specify the maximum size of the package in megabytes, packages larger than this will be split into multiple parts. Use 0 to disable splitting. - -o, --output-directory string Specify the output directory for the created Zarf package - -s, --sbom View SBOM contents after creating the package - --sbom-out string Specify an output directory for the SBOMs from the created Zarf package - --set stringToString Specify package variables to set on the command line (KEY=value) (default []) - --skip-sbom Skip generating SBOM for this package + --confirm Confirm package creation without prompting + --differential string Build a package that only contains the differential changes from local resources and differing remote resources from the specified previously built package + -h, --help help for create + -k, --key string Path to private key file for signing packages + --key-pass string Password to the private key file used for signing packages + -m, --max-package-size int Specify the maximum size of the package in megabytes, packages larger than this will be split into multiple parts. Use 0 to disable splitting. + -o, --output-directory string Specify the output directory for the created Zarf package + --registry-override stringToString Specify a map of domains to override on package create when pulling images (e.g. --registry-override docker.io=dockerio-reg.enterprise.intranet) (default []) + -s, --sbom View SBOM contents after creating the package + --sbom-out string Specify an output directory for the SBOMs from the created Zarf package + --set stringToString Specify package variables to set on the command line (KEY=value) (default []) + --skip-sbom Skip generating SBOM for this package ``` ## Options inherited from parent commands diff --git a/docs/3-create-a-zarf-package/4-zarf-schema.md b/docs/3-create-a-zarf-package/4-zarf-schema.md index 6b8051c38b..076cbc0f50 100644 --- a/docs/3-create-a-zarf-package/4-zarf-schema.md +++ b/docs/3-create-a-zarf-package/4-zarf-schema.md @@ -424,6 +424,46 @@ Must be one of: +
+ + registryOverrides * + +  +
+ + ## build > registryOverrides +![Required](https://img.shields.io/badge/Required-red) + +**Description:** Any registry domains that were overridden on package create when pulling images + +| | | +| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | +| **Type** | `object` | +| **Additional properties** | [![Any type: allowed](https://img.shields.io/badge/Any%20type-allowed-green)](# "Additional Properties of any type are allowed.") | + +
+ + Pattern Property .* + +  +
+ +:::note +All properties whose name matches the regular expression +```.*``` ([Test](https://regex101.com/?regex=.%2A)) +must respect the following conditions +::: + +| | | +| -------- | -------- | +| **Type** | `string` | + +
+
+ +
+
+ diff --git a/docs/6-zarf-tutorials/0-creating-a-zarf-package.md b/docs/6-zarf-tutorials/0-creating-a-zarf-package.md index 063a9bdb77..9268180917 100644 --- a/docs/6-zarf-tutorials/0-creating-a-zarf-package.md +++ b/docs/6-zarf-tutorials/0-creating-a-zarf-package.md @@ -254,7 +254,7 @@ This will create a zarf package in the current directory with a package name tha :::tip -You can learn more about what is going on behind the scenes of this process on the [package create lifecycle page](../3-create-a-zarf-package/5-package-create-lifecycle.md). +You can learn more about what is going on behind the scenes of this process on the [package create lifecycle page](../3-create-a-zarf-package/5-package-create-lifecycle.md), and can view other useful command flags like `--differential` and `--registry-override` on the [package create command flags page](../2-the-zarf-cli/100-cli-commands/zarf_package_create.md). ::: diff --git a/docs/6-zarf-tutorials/8-custom-init-packages.md b/docs/6-zarf-tutorials/8-custom-init-packages.md index 7b1a184783..6d9c485127 100644 --- a/docs/6-zarf-tutorials/8-custom-init-packages.md +++ b/docs/6-zarf-tutorials/8-custom-init-packages.md @@ -74,6 +74,19 @@ As of v0.26.0 you can swap the `registry` and `agent` images by specifying diffe For other components, or older versions of Zarf, you can modify the manifests of the components you want to change in their individual packages under the `packages` folder of the Zarf repo. +:::tip + +If your enterprise uses pull-through mirrors to host vetted images you can run the following command to create a Zarf 'init' package from those mirrors (where `.enterprise.corp` are your enterprise mirror(s)): + +``` +$ zarf package create . --set AGENT_IMAGE_TAG=vX.X.X \ + --registry-override docker.io=dockerio.enterprise.corp \ + --registry-override ghcr.io=ghcr.enterprise.corp \ + --registry-override quay.io=quay.enterprise.corp +``` + +::: + ### Removing Components You may not need or want all of the components in your 'init' package and may choose to slim down your package by removing them. Because the [Zarf Package is composed](../3-create-a-zarf-package/2-zarf-components.md#composing-package-components) all you need to do is remove the component that imports the component you wish to exclude. diff --git a/docs/8-faq.md b/docs/8-faq.md index 4cf4aa003d..b6031785b1 100644 --- a/docs/8-faq.md +++ b/docs/8-faq.md @@ -46,14 +46,16 @@ Additionally, when adopting resources, you should ensure that the namespaces you ## How can I improve the speed of loading large images from Docker on `zarf package create`? -Due to some limitations with how Docker provides access to local image layers, `zarf package create` has to rely on `docker save` under the hood which is [very slow overall](https://github.com/defenseunicorns/zarf/issues/1214) and also takes a long time to report progress. We experimented with many ways to improve this, but for now recommend leveraging a local docker registry to speed up the process. This can be done by running a local registry and pushing the images to it before running `zarf package create`. This will allow `zarf package create` to pull the images from the local registry instead of Docker. This can also be combined with [component actions](3-create-a-zarf-package/6-component-actions.md) to make the process automatic. Given an example image of `my-giant-image:###ZARF_PKG_TMPL_IMG###` you could do something like this: +Due to some limitations with how Docker provides access to local image layers, `zarf package create` has to rely on `docker save` under the hood which is [very slow overall](https://github.com/defenseunicorns/zarf/issues/1214) and also takes a long time to report progress. We experimented with many ways to improve this, but for now recommend leveraging a local docker registry to speed up the process. + +This can be done by running a local registry and pushing the images to it before running `zarf package create`. This will allow `zarf package create` to pull the images from the local registry instead of Docker. This can also be combined with [component actions](3-create-a-zarf-package/6-component-actions.md) and [`--registry-override`](./2-the-zarf-cli/100-cli-commands/zarf_package_create.md) to make the process automatic. Given an example image of `registry.enterprise.corp/my-giant-image:v2` you could do something like this: ```sh # Create a local registry docker run -d -p 5000:5000 --restart=always --name registry registry:2 # Run the package create with a tag variable -zarf package create --set IMG=my-giant-image:v2 +zarf package create --registry-override registry.enterprise.corp=localhost:5000 --set IMG=my-giant-image:v2 ``` ```yaml @@ -68,11 +70,11 @@ components: onCreate: # runs before the component is created before: - - cmd: 'docker tag ###ZARF_PKG_TMPL_IMG### localhost:5000/###ZARF_PKG_TMPL_IMG###' + - cmd: 'docker tag registry.enterprise.corp/###ZARF_PKG_TMPL_IMG### localhost:5000/###ZARF_PKG_TMPL_IMG###' - cmd: 'docker push localhost:5000/###ZARF_PKG_TMPL_IMG###' images: - - 'localhost:5000/###ZARF_PKG_TMPL_IMG###' + - 'registry.enterprise.corp/###ZARF_PKG_TMPL_IMG###' ``` ## Can I pull in more than http(s) git repos on `zarf package create`? diff --git a/examples/helm-git-chart/zarf.yaml b/examples/helm-git-chart/zarf.yaml index 60333f025f..27091f4dea 100644 --- a/examples/helm-git-chart/zarf.yaml +++ b/examples/helm-git-chart/zarf.yaml @@ -1,6 +1,6 @@ kind: ZarfPackageConfig metadata: - name: test-helm-git-chart + name: helm-git-chart description: "Deploys a helm chart from git" components: - name: demo-helm-git-chart diff --git a/packages/distros/k3s/zarf.yaml b/packages/distros/k3s/zarf.yaml index 4cfb478d7b..12f6f7d840 100644 --- a/packages/distros/k3s/zarf.yaml +++ b/packages/distros/k3s/zarf.yaml @@ -62,4 +62,4 @@ components: before: - cmd: if [ "$(arch)" != "arm64" ]; then echo "this package architecture is arm64, but the target system has a different architecture. These architectures must be the same" && exit 1; fi description: Check that the host architecture matches the package architecture - maxRetries: 0 \ No newline at end of file + maxRetries: 0 diff --git a/src/cmd/package.go b/src/cmd/package.go index 3a71f1fb64..c77be0a6e0 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -315,6 +315,7 @@ func bindCreateFlags() { createFlags.IntVarP(&pkgConfig.CreateOpts.MaxPackageSizeMB, "max-package-size", "m", v.GetInt(V_PKG_CREATE_MAX_PACKAGE_SIZE), lang.CmdPackageCreateFlagMaxPackageSize) createFlags.StringVarP(&pkgConfig.CreateOpts.SigningKeyPath, "key", "k", v.GetString(V_PKG_CREATE_SIGNING_KEY), lang.CmdPackageCreateFlagSigningKey) createFlags.StringVar(&pkgConfig.CreateOpts.SigningKeyPassword, "key-pass", v.GetString(V_PKG_CREATE_SIGNING_KEY_PASSWORD), lang.CmdPackageCreateFlagSigningKeyPassword) + createFlags.StringToStringVar(&pkgConfig.CreateOpts.RegistryOverrides, "registry-override", v.GetStringMapString(V_PKG_CREATE_REGISTRY_OVERRIDE), lang.CmdPackageCreateFlagRegistryOverride) } func bindDeployFlags() { diff --git a/src/cmd/viper.go b/src/cmd/viper.go index fd29449aa0..9772020afc 100644 --- a/src/cmd/viper.go +++ b/src/cmd/viper.go @@ -59,6 +59,7 @@ const ( V_PKG_CREATE_SIGNING_KEY = "package.create.signing_key" V_PKG_CREATE_SIGNING_KEY_PASSWORD = "package.create.signing_key_password" V_PKG_CREATE_DIFFERENTIAL = "package.create.differential" + V_PKG_CREATE_REGISTRY_OVERRIDE = "package.create.registry_override" // Package deploy config keys V_PKG_DEPLOY_SET = "package.deploy.set" diff --git a/src/config/lang/english.go b/src/config/lang/english.go index 24ec7f5c2c..8cb320646a 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -217,6 +217,7 @@ zarf init --git-push-password={PASSWORD} --git-push-username={USERNAME} --git-ur CmdPackageCreateFlagSigningKey = "Path to private key file for signing packages" CmdPackageCreateFlagSigningKeyPassword = "Password to the private key file used for signing packages" CmdPackageCreateFlagDifferential = "Build a package that only contains the differential changes from local resources and differing remote resources from the specified previously built package" + CmdPackageCreateFlagRegistryOverride = "Specify a map of domains to override on package create when pulling images (e.g. --registry-override docker.io=dockerio-reg.enterprise.intranet)" CmdPackageDeployFlagConfirm = "Confirms package deployment without prompting. ONLY use with packages you trust. Skips prompts to review SBOM, configure variables, select optional components and review potential breaking changes." CmdPackageDeployFlagAdoptExistingResources = "Adopts any pre-existing K8s resources into the Helm charts managed by Zarf. ONLY use when you have existing deployments you want Zarf to takeover." diff --git a/src/internal/packager/git/clone.go b/src/internal/packager/git/clone.go index 6ef4301350..d08214d0a7 100644 --- a/src/internal/packager/git/clone.go +++ b/src/internal/packager/git/clone.go @@ -44,7 +44,7 @@ func (g *Git) clone(gitURL string, ref plumbing.ReferenceName) error { // Clone the given repo. repo, err := git.PlainClone(g.GitPath, false, cloneOptions) if err != nil { - message.Debugf("Failed to clone repo %s: %s", gitURL, err.Error()) + message.Warnf("Falling back to host 'git', failed to clone the repo with Zarf - %s: %s", gitURL, err.Error()) return g.gitCloneFallback(gitURL, ref) } @@ -66,8 +66,6 @@ func (g *Git) clone(gitURL string, ref plumbing.ReferenceName) error { // gitCloneFallback is a fallback if go-git fails to clone a repo. func (g *Git) gitCloneFallback(gitURL string, ref plumbing.ReferenceName) error { - g.Spinner.Updatef("Falling back to host git for %s", gitURL) - // If we can't clone with go-git, fallback to the host clone // Only support "all tags" due to the azure clone url format including a username cmdArgs := []string{"clone", "--origin", onlineRemoteName, gitURL, g.GitPath} diff --git a/src/internal/packager/images/common.go b/src/internal/packager/images/common.go index 3a9a1a1824..d6e9663fb9 100644 --- a/src/internal/packager/images/common.go +++ b/src/internal/packager/images/common.go @@ -28,6 +28,8 @@ type ImgConfig struct { Insecure bool Architectures []string + + RegistryOverrides map[string]string } // GetLegacyImgTarballPath returns the ImagesPath as if it were a path to a tarball instead of a directory. diff --git a/src/internal/packager/images/pull.go b/src/internal/packager/images/pull.go index 49f3b6bfab..9f8cff6c9f 100644 --- a/src/internal/packager/images/pull.go +++ b/src/internal/packager/images/pull.go @@ -17,6 +17,7 @@ import ( "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/pkg/message" + "github.com/defenseunicorns/zarf/src/pkg/transform" "github.com/defenseunicorns/zarf/src/pkg/utils" "github.com/google/go-containerregistry/pkg/crane" "github.com/google/go-containerregistry/pkg/logs" @@ -55,9 +56,22 @@ func (i *ImgConfig) PullAll() error { for idx, src := range i.ImgList { spinner.Updatef("Fetching image metadata (%d of %d): %s", idx+1, imgCount, src) - img, err := i.PullImage(src, spinner) + srcParsed, err := transform.ParseImageRef(src) if err != nil { - return fmt.Errorf("failed to pull image %s: %w", src, err) + return fmt.Errorf("failed to parse image ref %s: %w", src, err) + } + + actualSrc := src + if overrideHost, present := i.RegistryOverrides[srcParsed.Host]; present { + actualSrc, err = transform.ImageTransformHostWithoutChecksum(overrideHost, src) + if err != nil { + return fmt.Errorf("failed to swap override host %s for %s: %w", overrideHost, src, err) + } + } + + img, err := i.PullImage(actualSrc, spinner) + if err != nil { + return fmt.Errorf("failed to pull image %s: %w", actualSrc, err) } imageMap[src] = img } diff --git a/src/pkg/packager/create.go b/src/pkg/packager/create.go index e16740f58c..95c36b650c 100755 --- a/src/pkg/packager/create.go +++ b/src/pkg/packager/create.go @@ -150,10 +150,11 @@ func (p *Packager) Create(baseDir string) error { doPull := func() error { imgConfig := images.ImgConfig{ - ImagesPath: p.tmp.Images, - ImgList: imgList, - Insecure: config.CommonOptions.Insecure, - Architectures: []string{p.cfg.Pkg.Metadata.Architecture, p.cfg.Pkg.Build.Architecture}, + ImagesPath: p.tmp.Images, + ImgList: imgList, + Insecure: config.CommonOptions.Insecure, + Architectures: []string{p.cfg.Pkg.Metadata.Architecture, p.cfg.Pkg.Build.Architecture}, + RegistryOverrides: p.cfg.CreateOpts.RegistryOverrides, } return imgConfig.PullAll() diff --git a/src/pkg/packager/yaml.go b/src/pkg/packager/yaml.go index bd05168077..8f086c4172 100644 --- a/src/pkg/packager/yaml.go +++ b/src/pkg/packager/yaml.go @@ -77,5 +77,7 @@ func (p *Packager) writeYaml() error { deprecated.PluralizeSetVariable, } + p.cfg.Pkg.Build.RegistryOverrides = p.cfg.CreateOpts.RegistryOverrides + return utils.WriteYaml(p.tmp.ZarfYaml, p.cfg.Pkg, 0400) } diff --git a/src/test/e2e/25_helm_test.go b/src/test/e2e/25_helm_test.go index e5a49c14df..7679aeb00b 100644 --- a/src/test/e2e/25_helm_test.go +++ b/src/test/e2e/25_helm_test.go @@ -9,7 +9,6 @@ import ( "os/exec" "testing" - "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -20,6 +19,8 @@ func TestHelm(t *testing.T) { testHelmReleaseName(t) + testHelmGitChartWithRegistryOverride(t) + testHelmLocalChart(t) testHelmEscaping(t) @@ -42,13 +43,37 @@ func testHelmReleaseName(t *testing.T) { // Verify multiple helm installs of different release names were deployed. kubectlOut, _ := exec.Command("kubectl", "get", "pods", "-n=helm-releasename", "--no-headers").Output() - assert.Contains(t, string(kubectlOut), "cool-name-podinfo") + require.Contains(t, string(kubectlOut), "cool-name-podinfo") // Remove the package. stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "test-helm-releasename", "--confirm") require.NoError(t, err, stdOut, stdErr) } +func testHelmGitChartWithRegistryOverride(t *testing.T) { + t.Log("E2E: Git Helm chart w/Registry Override") + + // Create the package. + stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", "examples/helm-git-chart", "-o", "build", "--registry-override", "ghcr.io=docker.io", "--confirm") + require.NoError(t, err, stdOut, stdErr) + + path := fmt.Sprintf("build/zarf-package-helm-git-chart-%s.tar.zst", e2e.Arch) + + // Deploy the package. + stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, string(stdErr), "registryOverrides", "registry overrides was not saved to build data") + require.Contains(t, string(stdErr), "docker.io", "docker.io not found in registry overrides") + + // Verify that nginx successfully deploys in the cluster + kubectlOut, _, _ := e2e.ExecZarfCommand("tools", "kubectl", "-n=podinfo-from-git", "rollout", "status", "deployment/podinfo") + require.Contains(t, string(kubectlOut), "successfully rolled out") + + // Remove the package. + stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "helm-git-chart", "--confirm") + require.NoError(t, err, stdOut, stdErr) +} + func testHelmLocalChart(t *testing.T) { t.Log("E2E: Local Helm chart") @@ -60,7 +85,7 @@ func testHelmLocalChart(t *testing.T) { // Verify that nginx successfully deploys in the cluster kubectlOut, _, _ := e2e.ExecZarfCommand("tools", "kubectl", "-n=local-chart", "rollout", "status", "deployment/local-demo") - assert.Contains(t, string(kubectlOut), "successfully rolled out") + require.Contains(t, string(kubectlOut), "successfully rolled out") // Remove the package. stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "test-helm-local-chart", "--confirm") @@ -82,10 +107,10 @@ func testHelmEscaping(t *testing.T) { // Verify the configmap was deployed and escaped. kubectlOut, _ := exec.Command("kubectl", "describe", "cm", "dont-template-me").Output() - assert.Contains(t, string(kubectlOut), `alert: OOMKilled {{ "{{ \"random.Values\" }}" }}`) - assert.Contains(t, string(kubectlOut), "backtick1: \"content with backticks `some random things`\"") - assert.Contains(t, string(kubectlOut), "backtick2: \"nested templating with backticks {{` random.Values `}}\"") - assert.Contains(t, string(kubectlOut), `description: Pod {{$labels.pod}} in {{$labels.namespace}} got OOMKilled`) + require.Contains(t, string(kubectlOut), `alert: OOMKilled {{ "{{ \"random.Values\" }}" }}`) + require.Contains(t, string(kubectlOut), "backtick1: \"content with backticks `some random things`\"") + require.Contains(t, string(kubectlOut), "backtick2: \"nested templating with backticks {{` random.Values `}}\"") + require.Contains(t, string(kubectlOut), `description: Pod {{$labels.pod}} in {{$labels.namespace}} got OOMKilled`) // Remove the package. stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "evil-templates", "--confirm") @@ -103,9 +128,9 @@ func testHelmOCIChart(t *testing.T) { // Verify that podinfo successfully deploys in the cluster kubectlOut, _, _ := e2e.ExecZarfCommand("tools", "kubectl", "-n=helm-oci-demo", "rollout", "status", "deployment/podinfo") - assert.Contains(t, string(kubectlOut), "successfully rolled out") + require.Contains(t, string(kubectlOut), "successfully rolled out") kubectlOut, _, _ = e2e.ExecZarfCommand("tools", "kubectl", "-n=helm-oci-demo", "get", "deployment", "podinfo", "-o=jsonpath={.metadata.labels}") - assert.Contains(t, string(kubectlOut), "6.3.3") + require.Contains(t, string(kubectlOut), "6.3.3") // Remove the package. stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "helm-oci-chart", "--confirm") @@ -129,7 +154,7 @@ func testHelmUninstallRollback(t *testing.T) { // Ensure that this does not leave behind a dos-games chart helmOut, err := exec.Command("helm", "list", "-n", "dos-games").Output() require.NoError(t, err) - assert.NotContains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") + require.NotContains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") // Deploy the good package. stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", goodPath, "--confirm") @@ -138,7 +163,7 @@ func testHelmUninstallRollback(t *testing.T) { // Ensure that this does create a dos-games chart helmOut, err = exec.Command("helm", "list", "-n", "dos-games").Output() require.NoError(t, err) - assert.Contains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") + require.Contains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") // Deploy the evil package. stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", evilPath, "--confirm") @@ -147,7 +172,7 @@ func testHelmUninstallRollback(t *testing.T) { // Ensure that the dos-games chart was not uninstalled helmOut, err = exec.Command("helm", "list", "-n", "dos-games").Output() require.NoError(t, err) - assert.Contains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") + require.Contains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") // Remove the package. stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "dos-games", "--confirm") @@ -162,7 +187,7 @@ func testHelmAdoption(t *testing.T) { // Deploy dos-games manually into the cluster without Zarf kubectlOut, _, _ := e2e.ExecZarfCommand("tools", "kubectl", "apply", "-f", deploymentManifest) - assert.Contains(t, string(kubectlOut), "deployment.apps/game created") + require.Contains(t, string(kubectlOut), "deployment.apps/game created") // Deploy dos-games into the cluster with Zarf stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", packagePath, "--confirm", "--adopt-existing-resources") @@ -171,7 +196,7 @@ func testHelmAdoption(t *testing.T) { // Ensure that this does create a dos-games chart helmOut, err := exec.Command("helm", "list", "-n", "dos-games").Output() require.NoError(t, err) - assert.Contains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") + require.Contains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") // Remove the package. stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "dos-games", "--confirm") diff --git a/src/types/package.go b/src/types/package.go index f7fecb1e37..8890ac9a90 100644 --- a/src/types/package.go +++ b/src/types/package.go @@ -33,13 +33,14 @@ type ZarfMetadata struct { // ZarfBuildData is written during the packager.Create() operation to track details of the created package. type ZarfBuildData struct { - Terminal string `json:"terminal" jsonschema:"description=The machine name that created this package"` - User string `json:"user" jsonschema:"description=The username who created this package"` - Architecture string `json:"architecture" jsonschema:"description=The architecture this package was created on"` - Timestamp string `json:"timestamp" jsonschema:"description=The timestamp when this package was created"` - Version string `json:"version" jsonschema:"description=The version of Zarf used to build this package"` - Migrations []string `json:"migrations" jsonschema:"description=Any migrations that have been run on this package"` - Differential bool `json:"differential" jsonschema:"description=Whether this package was created with differential components"` + Terminal string `json:"terminal" jsonschema:"description=The machine name that created this package"` + User string `json:"user" jsonschema:"description=The username who created this package"` + Architecture string `json:"architecture" jsonschema:"description=The architecture this package was created on"` + Timestamp string `json:"timestamp" jsonschema:"description=The timestamp when this package was created"` + Version string `json:"version" jsonschema:"description=The version of Zarf used to build this package"` + Migrations []string `json:"migrations" jsonschema:"description=Any migrations that have been run on this package"` + Differential bool `json:"differential" jsonschema:"description=Whether this package was created with differential components"` + RegistryOverrides map[string]string `json:"registryOverrides" jsonschema:"description=Any registry domains that were overridden on package create when pulling images"` } // ZarfPackageVariable are variables that can be used to dynamically template K8s resources. diff --git a/src/types/runtime.go b/src/types/runtime.go index afb0c036cd..c92514d4d6 100644 --- a/src/types/runtime.go +++ b/src/types/runtime.go @@ -71,6 +71,7 @@ type ZarfCreateOptions struct { SigningKeyPath string `json:"signingKeyPath" jsonschema:"description=Location where the private key component of a cosign key-pair can be found"` SigningKeyPassword string `json:"signingKeyPassword" jsonschema:"description=Password to the private key signature file that will be used to sigh the created package"` DifferentialData DifferentialData `json:"differential" jsonschema:"description=A package's differential images and git repositories from a referenced previously built package"` + RegistryOverrides map[string]string `json:"registryOverrides" jsonschema:"description=A map of domains to override on package create when pulling images"` } // ZarfPartialPackageData contains info about a partial package. diff --git a/src/ui/lib/api-types.ts b/src/ui/lib/api-types.ts index f855c034fb..bcdbdca8c4 100644 --- a/src/ui/lib/api-types.ts +++ b/src/ui/lib/api-types.ts @@ -238,6 +238,10 @@ export interface ZarfBuildData { * Any migrations that have been run on this package */ migrations: string[]; + /** + * Any registry domains that were overridden on package create when pulling images + */ + registryOverrides: { [key: string]: string }; /** * The machine name that created this package */ @@ -1125,6 +1129,10 @@ export interface ZarfCreateOptions { * Location where the finalized Zarf package will be placed */ outputDirectory: string; + /** + * A map of domains to override on package create when pulling images + */ + registryOverrides: { [key: string]: string }; /** * Whether to pause to allow for viewing the SBOM post-creation */ @@ -1408,6 +1416,7 @@ const typeMap: any = { { json: "architecture", js: "architecture", typ: "" }, { json: "differential", js: "differential", typ: true }, { json: "migrations", js: "migrations", typ: a("") }, + { json: "registryOverrides", js: "registryOverrides", typ: m("") }, { json: "terminal", js: "terminal", typ: "" }, { json: "timestamp", js: "timestamp", typ: "" }, { json: "user", js: "user", typ: "" }, @@ -1708,6 +1717,7 @@ const typeMap: any = { { json: "differential", js: "differential", typ: r("DifferentialData") }, { json: "maxPackageSizeMB", js: "maxPackageSizeMB", typ: 0 }, { json: "outputDirectory", js: "outputDirectory", typ: "" }, + { json: "registryOverrides", js: "registryOverrides", typ: m("") }, { json: "sbom", js: "sbom", typ: true }, { json: "sbomOutput", js: "sbomOutput", typ: "" }, { json: "setVariables", js: "setVariables", typ: m("") }, diff --git a/zarf.schema.json b/zarf.schema.json index e175a1841b..a62609834b 100644 --- a/zarf.schema.json +++ b/zarf.schema.json @@ -77,7 +77,8 @@ "timestamp", "version", "migrations", - "differential" + "differential", + "registryOverrides" ], "properties": { "terminal": { @@ -110,6 +111,15 @@ "differential": { "type": "boolean", "description": "Whether this package was created with differential components" + }, + "registryOverrides": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object", + "description": "Any registry domains that were overridden on package create when pulling images" } }, "additionalProperties": false,