Refactor the hardcoded seed image out of the Zarf codebase (#1579)

## Description This refactors Zarf so that the `registry:2.8.1` image is no longer hard coded in the codebase (allowing it to be overridden and for the injector to be more flexible) ## Related Issue Relates to #1577 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [X] Other (security config, docs update, etc) ## Checklist before merging - [X] Test, docs, adr added or updated as needed - [X] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow) followed
zarf-dev · Apr 13, 2023 · e687494 · e687494
1 parent 058058d
commit e687494
Show file tree

Hide file tree

Showing 28 changed files with 228 additions and 142 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -55,8 +55,8 @@ jobs:
       # Builds init packages since GoReleaser won't handle this for us
       - name: Build init-packages For Release
         run: |
-          make release-init-package ARCH=amd64 AGENT_IMAGE=agent:$GITHUB_REF_NAME
-          make release-init-package ARCH=arm64 AGENT_IMAGE=agent:$GITHUB_REF_NAME
+          make release-init-package ARCH=amd64 AGENT_IMAGE_TAG=$GITHUB_REF_NAME
+          make release-init-package ARCH=arm64 AGENT_IMAGE_TAG=$GITHUB_REF_NAME
 
       - name: Run Tests
         run: |

diff --git a/.github/workflows/test-windows.yml b/.github/workflows/test-windows.yml
@@ -44,7 +44,7 @@ jobs:
       # the tests this workflow runs do not use the agent at all!
       - name: Build init-package
         run: |
-          make release-init-package ARCH=amd64 AGENT_IMAGE=agent:v0.23.6
+          make release-init-package ARCH=amd64 AGENT_IMAGE_TAG=v0.25.2
 
       - name: Build zarf packages
         run: make build-examples ARCH=amd64

diff --git a/Makefile b/Makefile
@@ -106,7 +106,7 @@ dev: ensure-ui-build-dir ## Start a Dev Server for the Zarf UI
 
 # INTERNAL: a shim used to build the agent image only if needed on Windows using the `test` command
 init-package-local-agent:
-	@test "$(AGENT_IMAGE)" != "agent:local" || $(MAKE) build-local-agent-image
+	@test "$(AGENT_IMAGE_TAG)" != "local" || $(MAKE) build-local-agent-image
 
 build-local-agent-image: ## Build the Zarf agent image to be used in a locally built init package
 	@ if [ "$(ARCH)" = "amd64" ] && [ ! -s ./build/zarf ]; then $(MAKE) build-cli-linux-amd; fi
@@ -121,7 +121,7 @@ init-package: ## Create the zarf init package (must `brew install coreutils` on
 
 # INTERNAL: used to build a release version of the init package with a specific agent image
 release-init-package:
-	$(ZARF_BIN) package create -o build -a $(ARCH) --set AGENT_IMAGE=$(AGENT_IMAGE) --confirm .
+	$(ZARF_BIN) package create -o build -a $(ARCH) --set AGENT_IMAGE_TAG=$(AGENT_IMAGE_TAG) --confirm .
 
 build-examples: ## Build all of the example packages
 	@test -s $(ZARF_BIN) || $(MAKE) build-cli

diff --git a/docs-website/static/docs/walkthroughs/logging_init.html b/docs-website/static/docs/walkthroughs/logging_init.html
@@ -126,7 +126,7 @@
 <b style="color:#ffffff;">  </b><b style="color:#55ffff;">actions</b>:<b style="color:#55ffff;"></b>
 <b style="color:#55ffff;">    onCreate</b>:<b style="color:#55ffff;"></b>
 <b style="color:#55ffff;">      before</b>:
-      -<b style="color:#55ffff;"> cmd</b>:<b style="color:#ff55ff;"> make init-package-local-agent AGENT_IMAGE="agent:v0.24.3"</b>
+      -<b style="color:#55ffff;"> cmd</b>:<b style="color:#ff55ff;"> make init-package-local-agent AGENT_IMAGE_TAG="v0.24.3"</b>
 <b style="color:#ff55ff;">  </b><b style="color:#55ffff;">manifests</b>:
   -<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> zarf-agent</b>
 <b style="color:#ff55ff;">    </b><b style="color:#55ffff;">namespace</b>:<b style="color:#ff55ff;"> zarf</b>
@@ -234,7 +234,13 @@
 <b style="color:#ff55ff;">  </b><b style="color:#55ffff;">default</b>:<b style="color:#ff55ff;"> 2Gi</b>
 <b style="color:#ff55ff;"></b><b style="color:#55ffff;">constants</b>:
 -<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> AGENT_IMAGE</b>
-<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> agent:v0.24.3</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> defenseunicorns/zarf/agent</b>
+-<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> AGENT_IMAGE_TAG</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> v0.24.3</b>
+-<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> REGISTRY_IMAGE</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> registry</b>
+-<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> REGISTRY_IMAGE_TAG</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> 2.8.1</b>
 <b class=YEL>This package has 9 artifacts with software bill-of-materials (SBOM) included. You can view them now</b>
 <b class=YEL>in the zarf-sbom folder in this directory or to go directly to one, open this in your browser:</b>
 <b class=YEL>/Users/jason/src/github.com/jasonvanbrackel/zarf/docs/.examples/walkthroughs/zarf-sbom/sbom-viewer-docker.io_grafana_promtail_2.7.0.html</b>
@@ -331,7 +337,7 @@
 
 <b style="color:#55ffff;"></b><b style="color:#55ffff;">     Application</b><b style="color:#555555;"></b><b style="color:#555555;"> | </b><b style="color:#55ffff;"></b><b style="color:#55ffff;">Username  </b><b style="color:#555555;"></b><b style="color:#555555;"> | </b><b style="color:#55ffff;"></b><b style="color:#55ffff;">Password                </b><b style="color:#555555;"></b><b style="color:#555555;"> | </b><b style="color:#55ffff;"></b><b style="color:#55ffff;">Connect              </b>
      Registry   <b style="color:#555555;"></b><b style="color:#555555;"> | </b>zarf-push <b style="color:#555555;"></b><b style="color:#555555;"> | </b>Tka7dWq4GEit5G3GDX2dQwdh<b style="color:#555555;"></b><b style="color:#555555;"> | </b>zarf connect registry
-     Logging    <b style="color:#555555;"></b><b style="color:#555555;"> | </b>zarf-admin<b style="color:#555555;"></b><b style="color:#555555;"> | </b>ysC9TEWsSm37pBmA3hvqrLN3<b style="color:#555555;"></b><b style="color:#555555;"> | </b>zarf connect logging 
+     Logging    <b style="color:#555555;"></b><b style="color:#555555;"> | </b>zarf-admin<b style="color:#555555;"></b><b style="color:#555555;"> | </b>ysC9TEWsSm37pBmA3hvqrLN3<b style="color:#555555;"></b><b style="color:#555555;"> | </b>zarf connect logging
 </pre>
 </body>
 </html>
diff --git a/docs-website/static/docs/walkthroughs/logging_init_manual.html b/docs-website/static/docs/walkthroughs/logging_init_manual.html
@@ -122,7 +122,7 @@
 <b style="color:#ffffff;">  </b><b style="color:#55ffff;">actions</b>:<b style="color:#55ffff;"></b>
 <b style="color:#55ffff;">    onCreate</b>:<b style="color:#55ffff;"></b>
 <b style="color:#55ffff;">      before</b>:
-      -<b style="color:#55ffff;"> cmd</b>:<b style="color:#ff55ff;"> make init-package-local-agent AGENT_IMAGE="agent:v0.24.3"</b>
+      -<b style="color:#55ffff;"> cmd</b>:<b style="color:#ff55ff;"> make init-package-local-agent AGENT_IMAGE_TAG="v0.24.3"</b>
 <b style="color:#ff55ff;">  </b><b style="color:#55ffff;">manifests</b>:
   -<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> zarf-agent</b>
 <b style="color:#ff55ff;">    </b><b style="color:#55ffff;">namespace</b>:<b style="color:#ff55ff;"> zarf</b>
@@ -230,7 +230,13 @@
 <b style="color:#ff55ff;">  </b><b style="color:#55ffff;">default</b>:<b style="color:#ff55ff;"> 2Gi</b>
 <b style="color:#ff55ff;"></b><b style="color:#55ffff;">constants</b>:
 -<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> AGENT_IMAGE</b>
-<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> agent:v0.24.3</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> defenseunicorns/zarf/agent</b>
+-<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> AGENT_IMAGE_TAG</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> v0.24.3</b>
+-<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> REGISTRY_IMAGE</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> registry</b>
+-<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> REGISTRY_IMAGE_TAG</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> 2.8.1</b>
 <b class=YEL>This package has 9 artifacts with software bill-of-materials (SBOM) included. You can view them now</b>
 <b class=YEL>in the zarf-sbom folder in this directory or to go directly to one, open this in your browser:</b>
 <b class=YEL>/Users/jason/src/github.com/jasonvanbrackel/zarf/docs-website/zarf-sbom/sbom-viewer-docker.io_grafana_promtail_2.7.0.html</b>

diff --git a/docs-website/static/docs/walkthroughs/zarf_init.html b/docs-website/static/docs/walkthroughs/zarf_init.html
@@ -127,7 +127,7 @@
 <b style="color:#ffffff;">  </b><b style="color:#55ffff;">actions</b>:<b style="color:#55ffff;"></b>
 <b style="color:#55ffff;">    onCreate</b>:<b style="color:#55ffff;"></b>
 <b style="color:#55ffff;">      before</b>:
-      -<b style="color:#55ffff;"> cmd</b>:<b style="color:#ff55ff;"> make init-package-local-agent AGENT_IMAGE="agent:v0.25.0"</b>
+      -<b style="color:#55ffff;"> cmd</b>:<b style="color:#ff55ff;"> make init-package-local-agent AGENT_IMAGE_TAG="v0.25.0"</b>
 <b style="color:#ff55ff;">  </b><b style="color:#55ffff;">manifests</b>:
   -<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> zarf-agent</b>
 <b style="color:#ff55ff;">    </b><b style="color:#55ffff;">namespace</b>:<b style="color:#ff55ff;"> zarf</b>
@@ -235,7 +235,13 @@
 <b style="color:#ff55ff;">  </b><b style="color:#55ffff;">default</b>:<b style="color:#ff55ff;"> 2Gi</b>
 <b style="color:#ff55ff;"></b><b style="color:#55ffff;">constants</b>:
 -<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> AGENT_IMAGE</b>
-<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> agent:v0.25.0</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> defenseunicorns/zarf/agent</b>
+-<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> AGENT_IMAGE_TAG</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> v0.25.0</b>
+-<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> REGISTRY_IMAGE</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> registry</b>
+-<b style="color:#55ffff;"> name</b>:<b style="color:#ff55ff;"> REGISTRY_IMAGE_TAG</b>
+<b style="color:#ff55ff;">  </b><b style="color:#55ffff;">value</b>:<b style="color:#ff55ff;"> 2.8.1</b>
 <b class=YEL>This package has 9 artifacts with software bill-of-materials (SBOM) included. You can view them now</b>
 <b class=YEL>in the zarf-sbom folder in this directory or to go directly to one, open this in your browser:</b>
 <b class=YEL>/Users/josimoore/Desktop/projects/zarf/zarf-sbom/sbom-viewer-docker.io_grafana_promtail_2.7.2.html</b>
@@ -350,33 +356,33 @@
     <b style="background-color:#555555"></b><b style="background-color:#555555"></b><b style="color:#ffffff;background-color:#555555"></b><b style="color:#ffffff;background-color:#555555">                                                                                </b><b style="background-color:#555555"></b><b style="background-color:#555555"></b>
     <b style="background-color:#555555"></b><b style="background-color:#555555">                                                                                </b>
     </div>
-    
+
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Copying 1 files</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Copying 1 files</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Gathering cluster information</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Gathering cluster information</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Attempting to bootstrap the seed image into the cluster</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Attempting to bootstrap the seed image into the cluster</b>
-    
+
     <div style="background-color:#555555">
     <b style="background-color:#555555"></b><b style="background-color:#555555">                                                                                </b>
     <b style="background-color:#555555"></b><b style="background-color:#555555"></b><b style="color:#ffffff;background-color:#555555"></b><b style="color:#ffffff;background-color:#555555">  📦 ZARF-SEED-REGISTRY COMPONENT                                               </b><b style="background-color:#555555"></b><b style="background-color:#555555"></b>
     <b style="background-color:#555555"></b><b style="background-color:#555555"></b><b style="color:#ffffff;background-color:#555555"></b><b style="color:#ffffff;background-color:#555555">                                                                                </b><b style="background-color:#555555"></b><b style="background-color:#555555"></b>
     <b style="background-color:#555555"></b><b style="background-color:#555555">                                                                                </b>
     </div>
-    
+
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Loading the Zarf State from the Kubernetes cluster</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Loading the Zarf State from the Kubernetes cluster</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Processing helm chart docker-registry:1.0.0 from Zarf-generated helm chart</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Processing helm chart docker-registry:1.0.0 from Zarf-generated helm chart</b>
-    
+
     <div style="background-color:#555555">
     <b style="background-color:#555555"></b><b style="background-color:#555555">                                                                                </b>
     <b style="background-color:#555555"></b><b style="background-color:#555555"></b><b style="color:#ffffff;background-color:#555555"></b><b style="color:#ffffff;background-color:#555555">  📦 ZARF-REGISTRY COMPONENT                                                    </b><b style="background-color:#555555"></b><b style="background-color:#555555"></b>
     <b style="background-color:#555555"></b><b style="background-color:#555555"></b><b style="color:#ffffff;background-color:#555555"></b><b style="color:#ffffff;background-color:#555555">                                                                                </b><b style="background-color:#555555"></b><b style="background-color:#555555"></b>
     <b style="background-color:#555555"></b><b style="background-color:#555555">                                                                                </b>
     </div>
-    
+
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Opening tunnel 62270 -&gt; 5000 for svc/zarf-docker-registry in namespace zarf</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Creating port forwarding tunnel at http://127.0.0.1:62270/v2/_catalog</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Storing images in the zarf registry</b>
@@ -395,14 +401,14 @@
            <b style="color:#55ffff;"></b><b style="color:#55ffff;">Zarf-generated helm chart</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Processing helm chart raw-init-zarf-registry-kep-1755-registry-annotation:0.1.1680014363 from</b>
            <b style="color:#55ffff;"></b><b style="color:#55ffff;">Zarf-generated helm chart</b>
-    
+
     <div style="background-color:#555555">
     <b style="background-color:#555555"></b><b style="background-color:#555555">                                                                                </b>
     <b style="background-color:#555555"></b><b style="background-color:#555555"></b><b style="color:#ffffff;background-color:#555555"></b><b style="color:#ffffff;background-color:#555555">  📦 ZARF-AGENT COMPONENT                                                       </b><b style="background-color:#555555"></b><b style="background-color:#555555"></b>
     <b style="background-color:#555555"></b><b style="background-color:#555555"></b><b style="color:#ffffff;background-color:#555555"></b><b style="color:#ffffff;background-color:#555555">                                                                                </b><b style="background-color:#555555"></b><b style="background-color:#555555"></b>
     <b style="background-color:#555555"></b><b style="background-color:#555555">                                                                                </b>
     </div>
-    
+
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Opening tunnel 62284 -&gt; 5000 for svc/zarf-docker-registry in namespace zarf</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Creating port forwarding tunnel at http://127.0.0.1:62284/v2/_catalog</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Storing images in the zarf registry</b>
@@ -412,12 +418,12 @@
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Processing helm chart raw-init-zarf-agent-zarf-agent:0.1.1680014363 from Zarf-generated helm chart</b>
       •  <b style="color:#55ffff;"></b><b style="color:#55ffff;">Processing helm chart raw-init-zarf-agent-zarf-agent:0.1.1680014363 from Zarf-generated helm chart</b>
     <b style="color:#55ff55;"></b><b style="color:#55ff55;">  ✔ </b> <b style="color:#55ff55;"></b><b style="color:#55ff55;">Zarf deployment complete</b>
-    
-    
+
+
     <b style="color:#55ffff;"></b><b style="color:#55ffff;">Application</b><b style="color:#555555;"></b><b style="color:#555555;"> | </b><b style="color:#55ffff;"></b><b style="color:#55ffff;">Username </b><b style="color:#555555;"></b><b style="color:#555555;"> | </b><b style="color:#55ffff;"></b><b style="color:#55ffff;">Password                </b><b style="color:#555555;"></b><b style="color:#555555;"> | </b><b style="color:#55ffff;"></b><b style="color:#55ffff;">Connect</b>
     <b style="color:#55ffff;"></b>Registry   <b style="color:#555555;"></b><b style="color:#555555;"> | </b>zarf-push<b style="color:#555555;"></b><b style="color:#555555;"> | </b>DdarrzTahz6oclGTUAUOfbsY<b style="color:#555555;"></b><b style="color:#555555;"> | </b>zarf connect registry
-    
+
 <b style="color:#555555;"></b>
 </pre>
 </body>
-</html>
+</html>
diff --git a/docs/4-user-guide/1-the-zarf-cli/index.md b/docs/4-user-guide/1-the-zarf-cli/index.md
@@ -111,7 +111,7 @@ cd build
 If you installed Zarf through Homebrew, Zarf will already be on your $PATH and you can skip this section.
 :::
 
-To simplify the usage of the Zarf CLI, you may add it to your $PATH. This configuration will allow you to use `zarf` without having to specify the binary’s precise location and your computer will automatically find the binary for you to execute. The directories listed in your $PATH can be viewed by executing the command `echo $PATH` in your terminal. If you move your CLI to any of these directories, you will be able to execute it without the need to specify its full path. A typical $PATH you can use is: `mv ./path/to/cli/file/zarf /usr/local/bin/zarf`
+To simplify the usage of the Zarf CLI, you may add it to your $PATH. This configuration will allow you to use `zarf` without having to specify the binary's precise location and your computer will automatically find the binary for you to execute. The directories listed in your $PATH can be viewed by executing the command `echo $PATH` in your terminal. If you move your CLI to any of these directories, you will be able to execute it without the need to specify its full path. A typical $PATH you can use is: `mv ./path/to/cli/file/zarf /usr/local/bin/zarf`
 
 :::note
 Throughout the rest of the documentation, we will often be describing commands as `zarf {command}`. This assumes that the CLI is on your $PATH.
@@ -132,7 +132,7 @@ The `zarf init` command is utilized to configure a K8s cluster in preparation fo
 ### zarf package deploy
 
 <!-- The most common use case (like 99.9% of the time) is deploying onto a k8s cluster.. but that doesn't HAVE to be the case.. How do I write the docs for this then? -->
-<!-- TODO: Write some docs (or reddirect to other docs) describing when you would be able to do a `zarf package deploy` before a `zarf init` -->
+<!-- TODO: Write some docs (or redirect to other docs) describing when you would be able to do a `zarf package deploy` before a `zarf init` -->
 
 The `zarf package deploy` command is used to deploy an already built tar.zst package onto a machine, typically within a K8s cluster. Generally, it is presumed that the `zarf init` command has already been executed on the target machine. However, there are a few exceptional cases where this assumption does not apply.
 

diff --git a/packages/zarf-agent/manifests/deployment.yaml b/packages/zarf-agent/manifests/deployment.yaml
@@ -22,7 +22,7 @@ spec:
       priorityClassName: system-node-critical
       containers:
         - name: server
-          image: "###ZARF_REGISTRY###/defenseunicorns/zarf/###ZARF_CONST_AGENT_IMAGE###"
+          image: "###ZARF_REGISTRY###/###ZARF_CONST_AGENT_IMAGE###:###ZARF_CONST_AGENT_IMAGE_TAG###"
           imagePullPolicy: IfNotPresent
           livenessProbe:
             httpGet: