Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Composable Packages from a URL #823

Closed
andrewg-xyz opened this issue Oct 1, 2022 · 1 comment
Closed

Composable Packages from a URL #823

andrewg-xyz opened this issue Oct 1, 2022 · 1 comment
Labels
enhancement ✨ New feature or request

Comments

@andrewg-xyz
Copy link
Contributor

Describe the solution you'd like
I'd like to build a Zarf package referencing a package via URL.

  - name: games
    description: "Games package"
    import:
      path: https://raw.githubusercontent.com/defenseunicorns/zarf/master/examples/game/
...

Additional context
Short slack discussion here

@Racer159
Copy link
Contributor

Closing this as a dupe of #1060

@github-project-automation github-project-automation bot moved this from Backlog to Done in Zarf Project Board Feb 26, 2023
Noxsios added a commit that referenced this issue Mar 1, 2023
## Description

### 💲 `zarf package publish`

This PR adds a new `zarf package publish` command.

This command will publish a fully built (via `zarf package create`) Zarf
package to an OCI compliant registry using the oras library.

The command's usage is based off of how Helm's `helm push` command
operates and has many of the same restrictions.

<https://v3.helm.sh/docs/topics/registries/#the-push-subcommand>

```
$ zarf package publish [PATH_TO_TAR] [REGISTRY_URL]

$ zarf package publish zarf-package-strimzi.tar oci://localhost:666/defenseunicorns
```

#### CLI Syntax restrictions:

- The OCI URL _must_ start with `oci://`
- A basename/version _cannot_ be provided, as it is derived from
information present in the built `zarf.yaml` where it _must_ be set.

- The command may return an error, permission denied, if the repository
does not exist, ie `defenseunicorns/strimzi` as an example on Docker
Hub.
- A `zarf tools registry login` must be done prior as this will inherit
the credentials from docker's cred system (defaultly located at
`~/.docker`), or users can create a Docker compatible `config.json` and
point its directory:

```sh
# example symlinking podman
$ mkdir ~/.docker/
$ ln -s $XDG_RUNTIME_DIR/containers/auth.json ~/.docker/config.json

$ zarf package publish <...>
```

### 💲 `zarf package deploy oci://`

This PR also adds a new `deploy oci://` feature.

This command uses the existing `deploy` system, but does some slightly
different behavior from `sget://`. oras is used to pull the package
layer by layer to the temp directory. There is no need to unarchive, as
the package is already in an uncompressed state. The temp path is then
used by the packager to deploy the package as though it is a local
package. Usage is denoted in the following example:

```
$ zarf package deploy oci://REGISTRY/NAMESPACE/NAME:VERSION

$ zarf package deploy oci://docker.io/defenseunicorns/strimzi:v0.24.0-arm64

$ zarf package deploy oci://localhost:666/strimzi:v0.24.0-arm64 --insecure
```

### 💲 `zarf package inspect oci://`

This PR also adds a new `inspect oci://` feature.

```
$ zarf package inspect oci://docker.io/defenseunicorns/strimzi

tags:
- v0.23.5-14-arm64
latest:
  tag: v0.23.5-14-arm64
  descriptor:
    mediaType: application/vnd.oci.image.manifest.v1+json
    digest: sha256:340f489a105e476f846203e6844b2738f2924fc608522711761a21b176d6b67f
    size: 41817
```

## Related Issue

Relates to #1298 

Fixes #381
Fixes #823

Blocked by #1331 

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow)
followed

---------

Co-authored-by: Wayne Starr <[email protected]>
Co-authored-by: Wayne Starr <[email protected]>
Noxsios added a commit that referenced this issue Mar 1, 2023
## Description

### 💲 `zarf package publish`

This PR adds a new `zarf package publish` command.

This command will publish a fully built (via `zarf package create`) Zarf
package to an OCI compliant registry using the oras library.

The command's usage is based off of how Helm's `helm push` command
operates and has many of the same restrictions.

<https://v3.helm.sh/docs/topics/registries/#the-push-subcommand>

```
$ zarf package publish [PATH_TO_TAR] [REGISTRY_URL]

$ zarf package publish zarf-package-strimzi.tar oci://localhost:666/defenseunicorns
```

#### CLI Syntax restrictions:

- The OCI URL _must_ start with `oci://`
- A basename/version _cannot_ be provided, as it is derived from
information present in the built `zarf.yaml` where it _must_ be set.

- The command may return an error, permission denied, if the repository
does not exist, ie `defenseunicorns/strimzi` as an example on Docker
Hub.
- A `zarf tools registry login` must be done prior as this will inherit
the credentials from docker's cred system (defaultly located at
`~/.docker`), or users can create a Docker compatible `config.json` and
point its directory:

```sh
# example symlinking podman
$ mkdir ~/.docker/
$ ln -s $XDG_RUNTIME_DIR/containers/auth.json ~/.docker/config.json

$ zarf package publish <...>
```

### 💲 `zarf package deploy oci://`

This PR also adds a new `deploy oci://` feature.

This command uses the existing `deploy` system, but does some slightly
different behavior from `sget://`. oras is used to pull the package
layer by layer to the temp directory. There is no need to unarchive, as
the package is already in an uncompressed state. The temp path is then
used by the packager to deploy the package as though it is a local
package. Usage is denoted in the following example:

```
$ zarf package deploy oci://REGISTRY/NAMESPACE/NAME:VERSION

$ zarf package deploy oci://docker.io/defenseunicorns/strimzi:v0.24.0-arm64

$ zarf package deploy oci://localhost:666/strimzi:v0.24.0-arm64 --insecure
```

### 💲 `zarf package inspect oci://`

This PR also adds a new `inspect oci://` feature.

```
$ zarf package inspect oci://docker.io/defenseunicorns/strimzi

tags:
- v0.23.5-14-arm64
latest:
  tag: v0.23.5-14-arm64
  descriptor:
    mediaType: application/vnd.oci.image.manifest.v1+json
    digest: sha256:340f489a105e476f846203e6844b2738f2924fc608522711761a21b176d6b67f
    size: 41817
```

## Related Issue

Relates to #1298 

Fixes #381
Fixes #823

Blocked by #1331 

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow)
followed

---------

Co-authored-by: Wayne Starr <[email protected]>
Co-authored-by: Wayne Starr <[email protected]>
Noxsios added a commit that referenced this issue Mar 8, 2023
## Description

### 💲 `zarf package publish`

This PR adds a new `zarf package publish` command.

This command will publish a fully built (via `zarf package create`) Zarf
package to an OCI compliant registry using the oras library.

The command's usage is based off of how Helm's `helm push` command
operates and has many of the same restrictions.

<https://v3.helm.sh/docs/topics/registries/#the-push-subcommand>

```
$ zarf package publish [PATH_TO_TAR] [REGISTRY_URL]

$ zarf package publish zarf-package-strimzi.tar oci://localhost:666/defenseunicorns
```

#### CLI Syntax restrictions:

- The OCI URL _must_ start with `oci://`
- A basename/version _cannot_ be provided, as it is derived from
information present in the built `zarf.yaml` where it _must_ be set.

- The command may return an error, permission denied, if the repository
does not exist, ie `defenseunicorns/strimzi` as an example on Docker
Hub.
- A `zarf tools registry login` must be done prior as this will inherit
the credentials from docker's cred system (defaultly located at
`~/.docker`), or users can create a Docker compatible `config.json` and
point its directory:

```sh
# example symlinking podman
$ mkdir ~/.docker/
$ ln -s $XDG_RUNTIME_DIR/containers/auth.json ~/.docker/config.json

$ zarf package publish <...>
```

### 💲 `zarf package deploy oci://`

This PR also adds a new `deploy oci://` feature.

This command uses the existing `deploy` system, but does some slightly
different behavior from `sget://`. oras is used to pull the package
layer by layer to the temp directory. There is no need to unarchive, as
the package is already in an uncompressed state. The temp path is then
used by the packager to deploy the package as though it is a local
package. Usage is denoted in the following example:

```
$ zarf package deploy oci://REGISTRY/NAMESPACE/NAME:VERSION

$ zarf package deploy oci://docker.io/defenseunicorns/strimzi:v0.24.0-arm64

$ zarf package deploy oci://localhost:666/strimzi:v0.24.0-arm64 --insecure
```

### 💲 `zarf package inspect oci://`

This PR also adds a new `inspect oci://` feature.

```
$ zarf package inspect oci://docker.io/defenseunicorns/strimzi

tags:
- v0.23.5-14-arm64
latest:
  tag: v0.23.5-14-arm64
  descriptor:
    mediaType: application/vnd.oci.image.manifest.v1+json
    digest: sha256:340f489a105e476f846203e6844b2738f2924fc608522711761a21b176d6b67f
    size: 41817
```

## Related Issue

Relates to #1298 

Fixes #381
Fixes #823

Blocked by #1331 

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow)
followed

---------

Co-authored-by: Wayne Starr <[email protected]>
Co-authored-by: Wayne Starr <[email protected]>
Noxsios added a commit that referenced this issue Mar 8, 2023
## Description

### 💲 `zarf package publish`

This PR adds a new `zarf package publish` command.

This command will publish a fully built (via `zarf package create`) Zarf
package to an OCI compliant registry using the oras library.

The command's usage is based off of how Helm's `helm push` command
operates and has many of the same restrictions.

<https://v3.helm.sh/docs/topics/registries/#the-push-subcommand>

```
$ zarf package publish [PATH_TO_TAR] [REGISTRY_URL]

$ zarf package publish zarf-package-strimzi.tar oci://localhost:666/defenseunicorns
```

#### CLI Syntax restrictions:

- The OCI URL _must_ start with `oci://`
- A basename/version _cannot_ be provided, as it is derived from
information present in the built `zarf.yaml` where it _must_ be set.

- The command may return an error, permission denied, if the repository
does not exist, ie `defenseunicorns/strimzi` as an example on Docker
Hub.
- A `zarf tools registry login` must be done prior as this will inherit
the credentials from docker's cred system (defaultly located at
`~/.docker`), or users can create a Docker compatible `config.json` and
point its directory:

```sh
# example symlinking podman
$ mkdir ~/.docker/
$ ln -s $XDG_RUNTIME_DIR/containers/auth.json ~/.docker/config.json

$ zarf package publish <...>
```

### 💲 `zarf package deploy oci://`

This PR also adds a new `deploy oci://` feature.

This command uses the existing `deploy` system, but does some slightly
different behavior from `sget://`. oras is used to pull the package
layer by layer to the temp directory. There is no need to unarchive, as
the package is already in an uncompressed state. The temp path is then
used by the packager to deploy the package as though it is a local
package. Usage is denoted in the following example:

```
$ zarf package deploy oci://REGISTRY/NAMESPACE/NAME:VERSION

$ zarf package deploy oci://docker.io/defenseunicorns/strimzi:v0.24.0-arm64

$ zarf package deploy oci://localhost:666/strimzi:v0.24.0-arm64 --insecure
```

### 💲 `zarf package inspect oci://`

This PR also adds a new `inspect oci://` feature.

```
$ zarf package inspect oci://docker.io/defenseunicorns/strimzi

tags:
- v0.23.5-14-arm64
latest:
  tag: v0.23.5-14-arm64
  descriptor:
    mediaType: application/vnd.oci.image.manifest.v1+json
    digest: sha256:340f489a105e476f846203e6844b2738f2924fc608522711761a21b176d6b67f
    size: 41817
```

## Related Issue

Relates to #1298

Fixes #381
Fixes #823

Blocked by #1331

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow)
followed

---------

Co-authored-by: Wayne Starr <[email protected]>
Co-authored-by: Wayne Starr <[email protected]>
Signed-off-by: razzle <[email protected]>
Racer159 added a commit that referenced this issue Mar 8, 2023
## Description

### 💲 `zarf package publish`

This PR adds a new `zarf package publish` command.

This command will publish a fully built (via `zarf package create`) Zarf
package to an OCI compliant registry using the oras library.

The command's usage is based off of how Helm's `helm push` command
operates and has many of the same restrictions.

<https://v3.helm.sh/docs/topics/registries/#the-push-subcommand>

```
$ zarf package publish [PATH_TO_TAR] [REGISTRY_URL]

$ zarf package publish zarf-package-strimzi.tar oci://localhost:666/defenseunicorns
```

#### CLI Syntax restrictions:

- The OCI URL _must_ start with `oci://`
- A basename/version _cannot_ be provided, as it is derived from
information present in the built `zarf.yaml` where it _must_ be set.

- The command may return an error, permission denied, if the repository
does not exist, ie `defenseunicorns/strimzi` as an example on Docker
Hub.
- A `zarf tools registry login` must be done prior as this will inherit
the credentials from docker's cred system (defaultly located at
`~/.docker`), or users can create a Docker compatible `config.json` and
point its directory:

```sh
# example symlinking podman
$ mkdir ~/.docker/
$ ln -s $XDG_RUNTIME_DIR/containers/auth.json ~/.docker/config.json

$ zarf package publish <...>
```

### 💲 `zarf package deploy oci://`

This PR also adds a new `deploy oci://` feature.

This command uses the existing `deploy` system, but does some slightly
different behavior from `sget://`. oras is used to pull the package
layer by layer to the temp directory. There is no need to unarchive, as
the package is already in an uncompressed state. The temp path is then
used by the packager to deploy the package as though it is a local
package. Usage is denoted in the following example:

```
$ zarf package deploy oci://REGISTRY/NAMESPACE/NAME:VERSION

$ zarf package deploy oci://docker.io/defenseunicorns/strimzi:v0.24.0-arm64

$ zarf package deploy oci://localhost:666/strimzi:v0.24.0-arm64 --insecure
```

### 💲 `zarf package inspect oci://`

This PR also adds a new `inspect oci://` feature.

```
$ zarf package inspect oci://docker.io/defenseunicorns/strimzi

tags:
- v0.23.5-14-arm64
latest:
  tag: v0.23.5-14-arm64
  descriptor:
    mediaType: application/vnd.oci.image.manifest.v1+json
    digest: sha256:340f489a105e476f846203e6844b2738f2924fc608522711761a21b176d6b67f
    size: 41817
```

## Related Issue

Relates to #1298 

Fixes #381
Fixes #823

Blocked by #1331 

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow)
followed

---------

Co-authored-by: Wayne Starr <[email protected]>
Co-authored-by: Wayne Starr <[email protected]>
Racer159 added a commit that referenced this issue Mar 8, 2023
## Description

### 💲 `zarf package publish`

This PR adds a new `zarf package publish` command.

This command will publish a fully built (via `zarf package create`) Zarf
package to an OCI compliant registry using the oras library.

The command's usage is based off of how Helm's `helm push` command
operates and has many of the same restrictions.

<https://v3.helm.sh/docs/topics/registries/#the-push-subcommand>

```
$ zarf package publish [PATH_TO_TAR] [REGISTRY_URL]

$ zarf package publish zarf-package-strimzi.tar oci://localhost:666/defenseunicorns
```

#### CLI Syntax restrictions:

- The OCI URL _must_ start with `oci://`
- A basename/version _cannot_ be provided, as it is derived from
information present in the built `zarf.yaml` where it _must_ be set.

- The command may return an error, permission denied, if the repository
does not exist, ie `defenseunicorns/strimzi` as an example on Docker
Hub.
- A `zarf tools registry login` must be done prior as this will inherit
the credentials from docker's cred system (defaultly located at
`~/.docker`), or users can create a Docker compatible `config.json` and
point its directory:

```sh
# example symlinking podman
$ mkdir ~/.docker/
$ ln -s $XDG_RUNTIME_DIR/containers/auth.json ~/.docker/config.json

$ zarf package publish <...>
```

### 💲 `zarf package deploy oci://`

This PR also adds a new `deploy oci://` feature.

This command uses the existing `deploy` system, but does some slightly
different behavior from `sget://`. oras is used to pull the package
layer by layer to the temp directory. There is no need to unarchive, as
the package is already in an uncompressed state. The temp path is then
used by the packager to deploy the package as though it is a local
package. Usage is denoted in the following example:

```
$ zarf package deploy oci://REGISTRY/NAMESPACE/NAME:VERSION

$ zarf package deploy oci://docker.io/defenseunicorns/strimzi:v0.24.0-arm64

$ zarf package deploy oci://localhost:666/strimzi:v0.24.0-arm64 --insecure
```

### 💲 `zarf package inspect oci://`

This PR also adds a new `inspect oci://` feature.

```
$ zarf package inspect oci://docker.io/defenseunicorns/strimzi

tags:
- v0.23.5-14-arm64
latest:
  tag: v0.23.5-14-arm64
  descriptor:
    mediaType: application/vnd.oci.image.manifest.v1+json
    digest: sha256:340f489a105e476f846203e6844b2738f2924fc608522711761a21b176d6b67f
    size: 41817
```

## Related Issue

Relates to #1298 

Fixes #381
Fixes #823

Blocked by #1331 

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow)
followed

---------

Co-authored-by: Wayne Starr <[email protected]>
Co-authored-by: Wayne Starr <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement ✨ New feature or request
Projects
None yet
Development

No branches or pull requests

3 participants