MZOCI - Make Zarf OCI #1402

Noxsios · 2023-03-01T19:21:07Z

Description

o boi

Related Issue

Relates to #1298

Fixes #1319
Fixes #1326
Fixes #1324
Fixes #1322
Fixes #1325

Type of change

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Other (security config, docs update, etc)

Checklist before merging

Test, docs, adr added or updated as needed
Contributor Guide Steps followed

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [k8s.io/utils](https://togithub.com/kubernetes/utils) | require | digest | `1a15be2` -> `8e77b1f` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | @defense-unicorns/unicorn-ui | [`^0.0.22` -> `^0.0.23`](https://renovatebot.com/diffs/npm/@defense-unicorns%2funicorn-ui/0.0.22/0.0.23) | [![age](https://badges.renovateapi.com/packages/npm/@defense-unicorns%2funicorn-ui/0.0.23/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/npm/@defense-unicorns%2funicorn-ui/0.0.23/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/npm/@defense-unicorns%2funicorn-ui/0.0.23/compatibility-slim/0.0.22)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/npm/@defense-unicorns%2funicorn-ui/0.0.23/confidence-slim/0.0.22)](https://docs.renovatebot.com/merge-confidence/) | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@playwright/test](https://playwright.dev) ([source](https://togithub.com/Microsoft/playwright)) | [`1.27.1` -> `1.28.0`](https://renovatebot.com/diffs/npm/@playwright%2ftest/1.27.1/1.28.0) | [![age](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.28.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.28.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.28.0/compatibility-slim/1.27.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.28.0/confidence-slim/1.27.1)](https://docs.renovatebot.com/merge-confidence/) | | [playwright](https://playwright.dev) ([source](https://togithub.com/Microsoft/playwright)) | [`1.27.1` -> `1.28.0`](https://renovatebot.com/diffs/npm/playwright/1.27.1/1.28.0) | [![age](https://badges.renovateapi.com/packages/npm/playwright/1.28.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/npm/playwright/1.28.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/npm/playwright/1.28.0/compatibility-slim/1.27.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/npm/playwright/1.28.0/confidence-slim/1.27.1)](https://docs.renovatebot.com/merge-confidence/) | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>Microsoft/playwright</summary> ### [`v1.28.0`](https://togithub.com/microsoft/playwright/releases/tag/v1.28.0): v1.28 [Compare Source](https://togithub.com/Microsoft/playwright/compare/v1.27.1...v1.28.0) #### Playwright Tools - **Record at Cursor in VSCode.** You can run the test, position the cursor at the end of the test and continue generating the test. <img alt="New VSCode Extension" width=600 src="https://user-images.githubusercontent.com/746130/202005839-aba2eeba-217b-424d-8496-8b4f5fa72f41.png"> - **Live Locators in VSCode.** You can hover and edit locators in VSCode to get them highlighted in the opened browser. - **Live Locators in CodeGen.** Generate a locator for any element on the page using "Explore" tool. <img alt="Locator Explorer" src="https://user-images.githubusercontent.com/746130/201796876-01567a0b-ca61-4a9d-b12b-04786c471671.png" width=600> - **Codegen and Trace Viewer Dark Theme.** Automatically picked up from operating system settings. <img alt="Dark Theme" src="https://user-images.githubusercontent.com/746130/201797969-603f74df-d7cf-4c56-befd-798dbd269796.png" width=600> ##### Test Runner - Configure retries and test timeout for a file or a test with [`test.describe.configure([options])`](https://playwright.dev/docs/api/class-test#test-describe-configure). ```js // Each test in the file will be retried twice and have a timeout of 20 seconds. test.describe.configure({ retries: 2, timeout: 20_000 }); test('runs first', async ({ page }) => {}); test('runs second', async ({ page }) => {}); ``` - Use [`testProject.snapshotPathTemplate`](https://playwright.dev/docs/api/class-testproject#test-project-snapshot-path-template) and [`testConfig.snapshotPathTemplate`](https://playwright.dev/docs/api/class-testconfig#test-config-snapshot-path-template) to configure a template controlling location of snapshots generated by [`expect(page).toHaveScreenshot(name[, options])`](https://playwright.dev/docs/test-assertions#page-assertions-to-have-screenshot-1) and [`expect(screenshot).toMatchSnapshot(name[, options])`](https://playwright.dev/docs/test-assertions#screenshot-assertions-to-match-snapshot-1). ```js // playwright.config.ts import type { PlaywrightTestConfig } from '@playwright/test'; const config: PlaywrightTestConfig = { testDir: './tests', snapshotPathTemplate: '{testDir}/__screenshots__/{testFilePath}/{arg}{ext}', }; export default config; ``` ##### New APIs - [`locator.blur([options])`](https://playwright.dev/docs/api/class-locator#locator-blur) - [`locator.clear([options])`](https://playwright.dev/docs/api/class-locator#locator-clear) - [`android.launchServer([options])`](https://playwright.dev/docs/api/class-android#android-launch-server) and [`android.connect(wsEndpoint[, options])`](https://playwright.dev/docs/api/class-android#android-connect) - [`androidDevice.on('close')`](https://playwright.dev/docs/api/class-androiddevice#android-device-event-close) ##### Browser Versions - Chromium 108.0.5359.29 - Mozilla Firefox 106.0 - WebKit 16.4 This version was also tested against the following stable channels: - Google Chrome 107 - Microsoft Edge 107 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/anchore/syft](https://togithub.com/anchore/syft) | require | minor | `v0.60.3` -> `v0.62.0` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>anchore/syft</summary> ### [`v0.62.0`](https://togithub.com/anchore/syft/releases/tag/v0.62.0) [Compare Source](https://togithub.com/anchore/syft/compare/v0.61.0...v0.62.0) ### Changelog #### [v0.62.0](https://togithub.com/anchore/syft/tree/v0.62.0) (2022-11-18) [Full Changelog](https://togithub.com/anchore/syft/compare/v0.61.0...v0.62.0) ##### Added Features - NPM package-lock.json version 3 \[[Issue #1203](https://togithub.com/anchore/syft/issues/1203)] ##### Bug Fixes - Don't replace : with - in docker SPDX namespaces \[[Issue #1111](https://togithub.com/anchore/syft/issues/1111)] ### [`v0.61.0`](https://togithub.com/anchore/syft/releases/tag/v0.61.0) [Compare Source](https://togithub.com/anchore/syft/compare/v0.60.3...v0.61.0) ### Changelog #### [v0.61.0](https://togithub.com/anchore/syft/tree/v0.61.0) (2022-11-18) [Full Changelog](https://togithub.com/anchore/syft/compare/v0.60.3...v0.61.0) ##### Added Features - Add support for map fields in CycloneDX (XML and JSON) \[[Issue #1032](https://togithub.com/anchore/syft/issues/1032)] - Dependency's MIT license not picked up when scanning package-lock.json \[[Issue #1113](https://togithub.com/anchore/syft/issues/1113)] - Support SPDX 2.3 \[[Issue #1292](https://togithub.com/anchore/syft/issues/1292)] ##### Bug Fixes - Normalize alpm md5 refs \[[PR #1333](https://togithub.com/anchore/syft/pull/1333)] \[[wagoodman](https://togithub.com/wagoodman)] - APK Metadata decoding should be backwards compatible \[[PR #1341](https://togithub.com/anchore/syft/pull/1341)] \[[wagoodman](https://togithub.com/wagoodman)] - Add spdx relationship encoding for dependencies \[[PR #1342](https://togithub.com/anchore/syft/pull/1342)] \[[wagoodman](https://togithub.com/wagoodman)] - v0.3.0 SPDX SBOM Does Not Have Unique SPDXID Package IDs \[[Issue #923](https://togithub.com/anchore/syft/issues/923)] - Missing licenses and "skipping encoding of unsupported property: syft:metadata:goBuildSetting" \[[Issue #1007](https://togithub.com/anchore/syft/issues/1007)] - System independent build not possible \[[Issue #1084](https://togithub.com/anchore/syft/issues/1084)] - Dependency's MIT license not picked up when scanning package-lock.json \[[Issue #1113](https://togithub.com/anchore/syft/issues/1113)] - No packages discovered in SIF when image source not specified \[[Issue #1189](https://togithub.com/anchore/syft/issues/1189)] - `syft packages` panics on OCI archive creation \[[Issue #1318](https://togithub.com/anchore/syft/issues/1318)] - Missing metadata in syft-json artifacts crashes grype \[[Issue #1334](https://togithub.com/anchore/syft/issues/1334)] - CPE for amazoncorretto:19.0.1-al2 is incorrect \[[Issue #1337](https://togithub.com/anchore/syft/issues/1337)] </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [material-symbols](https://marella.github.io/material-symbols/demo/) ([source](https://togithub.com/marella/material-symbols)) | [`0.2.15` -> `0.4.0`](https://renovatebot.com/diffs/npm/material-symbols/0.2.15/0.4.0) | [![age](https://badges.renovateapi.com/packages/npm/material-symbols/0.4.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/npm/material-symbols/0.4.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/npm/material-symbols/0.4.0/compatibility-slim/0.2.15)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/npm/material-symbols/0.4.0/confidence-slim/0.2.15)](https://docs.renovatebot.com/merge-confidence/) | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>marella/material-symbols</summary> ### [`v0.4.0`](https://togithub.com/marella/material-symbols/releases/tag/v0.4.0): 0.4.0 [Compare Source](https://togithub.com/marella/material-symbols/compare/v0.3.0...v0.4.0) ##### Changes - Add TypeScript types - Add `viewBox` to SVGs ### [`v0.3.0`](https://togithub.com/marella/material-symbols/compare/v0.2.15...v0.3.0) [Compare Source](https://togithub.com/marella/material-symbols/compare/v0.2.15...v0.3.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [prettier-plugin-svelte](https://togithub.com/sveltejs/prettier-plugin-svelte) | [`2.8.0` -> `2.8.1`](https://renovatebot.com/diffs/npm/prettier-plugin-svelte/2.8.0/2.8.1) | [![age](https://badges.renovateapi.com/packages/npm/prettier-plugin-svelte/2.8.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/npm/prettier-plugin-svelte/2.8.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/npm/prettier-plugin-svelte/2.8.1/compatibility-slim/2.8.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/npm/prettier-plugin-svelte/2.8.1/confidence-slim/2.8.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>sveltejs/prettier-plugin-svelte</summary> ### [`v2.8.1`](https://togithub.com/sveltejs/prettier-plugin-svelte/blob/HEAD/CHANGELOG.md#281) [Compare Source](https://togithub.com/sveltejs/prettier-plugin-svelte/compare/0957c4bdf0a44ae460db6125c3bbbb4455fd6f36...14da6fb7fe0141771d88662b73efa53d39946b1f) - (fix) format `{#await .. catch ..}..{/await}` correctly ([#323](https://togithub.com/sveltejs/prettier-plugin-svelte/issues/323)) - (fix) respect strict mode and shorthand options when formatting bindings ([#321](https://togithub.com/sveltejs/prettier-plugin-svelte/issues/321)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [golang.org/x/crypto](https://togithub.com/golang/crypto) | require | minor | `v0.2.0` -> `v0.3.0` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>golang/crypto</summary> ### [`v0.3.0`](https://togithub.com/golang/crypto/compare/v0.2.0...v0.3.0) [Compare Source](https://togithub.com/golang/crypto/compare/v0.2.0...v0.3.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/pterm/pterm](https://togithub.com/pterm/pterm) | require | patch | `v0.12.49` -> `v0.12.50` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>pterm/pterm</summary> ### [`v0.12.50`](https://togithub.com/pterm/pterm/releases/tag/v0.12.50) [Compare Source](https://togithub.com/pterm/pterm/compare/v0.12.49...v0.12.50)  #### What's Changed ##### Fixes 🔧 - fix: slice bounds out of range on select printer by [@mponton](https://togithub.com/mponton) in [https://github.com/pterm/pterm/pull/420](https://togithub.com/pterm/pterm/pull/420) ##### Other Changes - chore(ci): remove macos from matrix by [@rafaelrubbioli](https://togithub.com/rafaelrubbioli) in [https://github.com/pterm/pterm/pull/412](https://togithub.com/pterm/pterm/pull/412) #### New Contributors - [@rafaelrubbioli](https://togithub.com/rafaelrubbioli) made their first contribution in [https://github.com/pterm/pterm/pull/412](https://togithub.com/pterm/pterm/pull/412) - [@mponton](https://togithub.com/mponton) made their first contribution in [https://github.com/pterm/pterm/pull/420](https://togithub.com/pterm/pterm/pull/420) **Full Changelog**: pterm/pterm@v0.12.49...v0.12.50 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/anchore/syft](https://togithub.com/anchore/syft) | require | patch | `v0.62.0` -> `v0.62.1` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>anchore/syft</summary> ### [`v0.62.1`](https://togithub.com/anchore/syft/releases/tag/v0.62.1) [Compare Source](https://togithub.com/anchore/syft/compare/v0.62.0...v0.62.1) ### Changelog #### [v0.62.1](https://togithub.com/anchore/syft/tree/v0.62.1) (2022-11-21) [Full Changelog](https://togithub.com/anchore/syft/compare/v0.62.0...v0.62.1) ##### Bug Fixes - fix(npm): handle aliases in package-lock.json \[[Issue #1314](https://togithub.com/anchore/syft/issues/1314)] \[[Mikcl](https://togithub.com/Mikcl)] - chore: add debug logging for decode errors \[[PR #1352](https://togithub.com/anchore/syft/pull/1352)] \[[kzantow](https://togithub.com/kzantow)] - fix: sort relationships in SPDX output \[[Issue #1213](https://togithub.com/anchore/syft/issues/1213)] \[[kzantow](https://togithub.com/kzantow)] </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [prettier](https://prettier.io) ([source](https://togithub.com/prettier/prettier)) | [`2.7.1` -> `2.8.0`](https://renovatebot.com/diffs/npm/prettier/2.7.1/2.8.0) | [![age](https://badges.renovateapi.com/packages/npm/prettier/2.8.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/npm/prettier/2.8.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/npm/prettier/2.8.0/compatibility-slim/2.7.1)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/npm/prettier/2.8.0/confidence-slim/2.7.1)](https://docs.renovatebot.com/merge-confidence/) | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>prettier/prettier</summary> ### [`v2.8.0`](https://togithub.com/prettier/prettier/blob/HEAD/CHANGELOG.md#280) [Compare Source](https://togithub.com/prettier/prettier/compare/2.7.1...2.8.0) [diff](https://togithub.com/prettier/prettier/compare/2.7.1...2.8.0) 🔗 [Release Notes](https://prettier.io/blog/2022/11/23/2.8.0.html) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

## Description Update the big bang core package to `1.47.0` ## Related Issue N/A ## Type of change  - [ ] Bug fix (non-breaking change which fixes an issue) - [x] Package update - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) ## Checklist before merging ``` kubectl get po,hr -A NAMESPACE NAME READY STATUS RESTARTS AGE kube-system pod/coredns-b96499967-xs824 1/1 Running 0 68m kube-system pod/local-path-provisioner-7b7dc8d6f5-cbtpw 1/1 Running 0 68m zarf pod/zarf-docker-registry-56fc86bd86-dmtkz 1/1 Running 0 40m zarf pod/agent-hook-6c67479b95-2ql65 1/1 Running 0 39m zarf pod/agent-hook-6c67479b95-vztmb 1/1 Running 0 39m zarf pod/zarf-gitea-0 1/1 Running 0 39m flux-system pod/helm-controller-7f6cc74df7-gl698 1/1 Running 0 36m flux-system pod/notification-controller-796647cb7d-m567f 1/1 Running 0 36m flux-system pod/kustomize-controller-5b8c948ccd-wz2nc 1/1 Running 0 36m flux-system pod/source-controller-7d5bd54b48-rzcsz 1/1 Running 0 36m gatekeeper-system pod/gatekeeper-audit-6b5f99776d-cz4wg 1/1 Running 0 12m gatekeeper-system pod/gatekeeper-controller-manager-bf689659b-bbcms 1/1 Running 0 12m gatekeeper-system pod/gatekeeper-controller-manager-bf689659b-qjll2 1/1 Running 0 12m gatekeeper-system pod/gatekeeper-controller-manager-bf689659b-n5pnc 1/1 Running 0 12m istio-operator pod/istio-operator-55d78f9bd9-8bxln 1/1 Running 0 9m41s istio-system pod/istiod-7f94fc9476-2hmv9 1/1 Running 0 9m11s kube-system pod/svclb-public-ingressgateway-956b1960-kg5jw 3/3 Running 0 9m3s kube-system pod/svclb-public-ingressgateway-956b1960-pprvn 3/3 Running 0 9m3s kube-system pod/svclb-public-ingressgateway-956b1960-tlgkc 3/3 Running 0 9m3s kube-system pod/svclb-public-ingressgateway-956b1960-j29gk 3/3 Running 0 9m3s istio-system pod/public-ingressgateway-5c66995b65-rskvl 1/1 Running 0 9m4s monitoring pod/monitoring-monitoring-prometheus-node-exporter-ft2q5 2/2 Running 0 6m42s monitoring pod/monitoring-monitoring-kube-operator-78bdc66558-6w5x2 2/2 Running 0 6m47s monitoring pod/monitoring-monitoring-prometheus-node-exporter-d75hv 2/2 Running 0 6m45s monitoring pod/monitoring-monitoring-prometheus-node-exporter-lrhzd 2/2 Running 0 6m48s monitoring pod/monitoring-monitoring-prometheus-node-exporter-p88wv 2/2 Running 0 6m45s monitoring pod/monitoring-monitoring-kube-state-metrics-7c5d6c87f8-l6gk4 2/2 Running 0 6m48s monitoring pod/alertmanager-monitoring-monitoring-kube-alertmanager-0 3/3 Running 1 (5m50s ago) 6m15s monitoring pod/monitoring-monitoring-grafana-5986f55dff-x2c24 4/4 Running 0 6m47s monitoring pod/prometheus-monitoring-monitoring-kube-prometheus-0 3/3 Running 0 6m13s cluster-auditor pod/opa-exporter-65bb684494-894cl 2/2 Running 0 4m8s tempo pod/tempo-tempo-0 3/3 Running 0 3m36s twistlock pod/twistlock-console-6b66d5d885-tc4hg 2/2 Running 0 3m46s metrics-server pod/metrics-server-8478777f8c-kvxjb 2/2 Running 0 3m35s metrics-server pod/metrics-server-8478777f8c-qhc7b 2/2 Running 0 3m26s logging pod/logging-loki-0 2/2 Running 0 3m32s twistlock pod/twistlock-init-20221126033413-9v9d8 0/2 Completed 0 3m46s logging pod/logging-promtail-jc8st 2/2 Running 0 64s logging pod/logging-promtail-dlhbc 2/2 Running 0 73s logging pod/logging-promtail-pbxxz 2/2 Running 0 68s logging pod/logging-promtail-92hvr 2/2 Running 0 68s NAMESPACE NAME AGE READY STATUS bigbang helmrelease.helm.toolkit.fluxcd.io/bigbang 14m True Release reconciliation succeeded bigbang helmrelease.helm.toolkit.fluxcd.io/gatekeeper 13m True Release reconciliation succeeded bigbang helmrelease.helm.toolkit.fluxcd.io/istio-operator 13m True Release reconciliation succeeded bigbang helmrelease.helm.toolkit.fluxcd.io/istio 13m True Release reconciliation succeeded bigbang helmrelease.helm.toolkit.fluxcd.io/monitoring 13m True Release reconciliation succeeded bigbang helmrelease.helm.toolkit.fluxcd.io/cluster-auditor 13m True Release reconciliation succeeded bigbang helmrelease.helm.toolkit.fluxcd.io/tempo 13m True Release reconciliation succeeded bigbang helmrelease.helm.toolkit.fluxcd.io/metrics-server 13m True Release reconciliation succeeded bigbang helmrelease.helm.toolkit.fluxcd.io/loki 13m True Release reconciliation succeeded bigbang helmrelease.helm.toolkit.fluxcd.io/twistlock 13m True Release reconciliation succeeded bigbang helmrelease.helm.toolkit.fluxcd.io/promtail 13m True Release reconciliation succeeded ```

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/anchore/syft](https://togithub.com/anchore/syft) | require | patch | `v0.62.1` -> `v0.62.2` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>anchore/syft</summary> ### [`v0.62.2`](https://togithub.com/anchore/syft/releases/tag/v0.62.2) [Compare Source](https://togithub.com/anchore/syft/compare/v0.62.1...v0.62.2) ### Changelog #### [v0.62.2](https://togithub.com/anchore/syft/tree/v0.62.2) (2022-11-28) [Full Changelog](https://togithub.com/anchore/syft/compare/v0.62.1...v0.62.2) ##### Bug Fixes - SPDX-json output differs between cli and golang implementation \[[Issue #1213](https://togithub.com/anchore/syft/issues/1213)] - Python cataloging fails to remove some non-version characters from version string \[[Issue #1360](https://togithub.com/anchore/syft/issues/1360)] - Haskell Cabal packages crash syft \[[Issue #1362](https://togithub.com/anchore/syft/issues/1362)] - Panic case for alpm on windows has a correct error case \[[Issue #1094](https://togithub.com/anchore/syft/issues/1094)] </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

## Description Update schema validation url ## Related Issue Fixes #1052

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [svelte-check](https://togithub.com/sveltejs/language-tools) | [`2.9.2` -> `2.10.0`](https://renovatebot.com/diffs/npm/svelte-check/2.9.2/2.10.0) | [![age](https://badges.renovateapi.com/packages/npm/svelte-check/2.10.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/npm/svelte-check/2.10.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/npm/svelte-check/2.10.0/compatibility-slim/2.9.2)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/npm/svelte-check/2.10.0/confidence-slim/2.9.2)](https://docs.renovatebot.com/merge-confidence/) | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>sveltejs/language-tools</summary> ### [`v2.10.0`](https://togithub.com/sveltejs/language-tools/releases/tag/svelte-check-2.10.0) [Compare Source](https://togithub.com/sveltejs/language-tools/compare/svelte-check-2.9.2...svelte-check-2.10.0) - (fix) type error for component with no props ([#1744](https://togithub.com/sveltejs/language-tools/issues/1744)) - (fix) generic support for component getter and accessor ([#1689](https://togithub.com/sveltejs/language-tools/issues/1689)) - (fix) allow falsy values for svelte:component ([#1694](https://togithub.com/sveltejs/language-tools/issues/1694)) - (fix) skip forwarded event from svelte:self ([#1693](https://togithub.com/sveltejs/language-tools/issues/1693)) - (fix) case insenstive file system document sync ([#1697](https://togithub.com/sveltejs/language-tools/issues/1697)) - (feat) add --preserveWatchOutput option ([#1715](https://togithub.com/sveltejs/language-tools/issues/1715)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

…1058) Quick typo fix

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [k8s.io/utils](https://togithub.com/kubernetes/utils) | require | digest | `8e77b1f` -> `99ec85e` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

This PR is a major refactor of the zarf code base primarily designed around better structure to support the current Zarf API as well as expose some key portions of Zarf as an SDK for other tools to consume. This major refactor came out of growing API needs as well as needs in #892 and the [zarf-controller](https://github.com/defenseunicorns/zarf-controller) prototype. Major changes: - Migrate all global configs used by the packager into [receiver methods](https://medium.com/globant/go-method-receiver-pointer-vs-value-ffc5ab7acdb) to avoid concurrency issues - Migrate from heavy `fatal` use to conventional error bubbling / wrapping - Expose core packager code as `github.com/defenseunicorns/zarf/src/pkg/packager` - Split the k8s package into `github.com/defenseunicorns/zarf/src/pkg/k8s` (external) and `src/internal/cluster` (internal) - Expose `message`, `pki`, and `utils` as `github.com/defenseunicorns/zarf/src/pkg/*` - Move the remaining `src/internal/*` packages (except for `agent` & `api`) into `src/internal/packager/*` - Change K8s connections to a reusable connection, except for `cluster.Tunnel` - Switch to Revive for linting - Introduce language file and establish basic patterns, related to #631 - Add SPDX headers to all files - Begin work to standardize on the [Uber Go Style Guide](https://github.com/uber-go/guide/blob/master/style.md) - Address a lot of lint issues - Return confirm yaml display to only show populated values Co-authored-by: Jon Perry <[email protected]> Co-authored-by: Wayne Starr <[email protected]>

## Description Fixes UI failing silently if init package is not found. It is worth noting that this PR introduces some basic JSON error messaging to the API + JSON error message handling in the UI's `http.ts`. ## Related Issue    Fixes #1013 ## Type of change  - [X] Bug fix (non-breaking change which fixes an issue)

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [loki-stack](https://grafana.com/loki) ([source](https://togithub.com/grafana/helm-charts)) | patch | `2.8.2` -> `2.8.7` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>grafana/helm-charts</summary> ### [`v2.8.7`](https://togithub.com/grafana/helm-charts/releases/tag/loki-stack-2.8.7) [Compare Source](https://togithub.com/grafana/helm-charts/compare/loki-stack-2.8.6...loki-stack-2.8.7) Loki: like Prometheus, but for logs. ### [`v2.8.6`](https://togithub.com/grafana/helm-charts/releases/tag/loki-2.8.6) [Compare Source](https://togithub.com/grafana/helm-charts/compare/loki-stack-2.8.5...loki-stack-2.8.6) Loki: like Prometheus, but for logs. ### [`v2.8.5`](https://togithub.com/grafana/helm-charts/releases/tag/loki-2.8.5) [Compare Source](https://togithub.com/grafana/helm-charts/compare/loki-stack-2.8.4...loki-stack-2.8.5) Loki: like Prometheus, but for logs. ### [`v2.8.4`](https://togithub.com/grafana/helm-charts/releases/tag/loki-stack-2.8.4) [Compare Source](https://togithub.com/grafana/helm-charts/compare/loki-stack-2.8.3...loki-stack-2.8.4) Loki: like Prometheus, but for logs. ### [`v2.8.3`](https://togithub.com/grafana/helm-charts/releases/tag/loki-2.8.3) [Compare Source](https://togithub.com/grafana/helm-charts/compare/loki-stack-2.8.2...loki-stack-2.8.3) Loki: like Prometheus, but for logs. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Wayne Starr <[email protected]> Co-authored-by: Wayne Starr <[email protected]>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/anchore/syft](https://togithub.com/anchore/syft) | require | patch | `v0.62.2` -> `v0.62.3` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>anchore/syft</summary> ### [`v0.62.3`](https://togithub.com/anchore/syft/releases/tag/v0.62.3) [Compare Source](https://togithub.com/anchore/syft/compare/v0.62.2...v0.62.3) ### Changelog #### [v0.62.3](https://togithub.com/anchore/syft/tree/v0.62.3) (2022-11-30) [Full Changelog](https://togithub.com/anchore/syft/compare/v0.62.2...v0.62.3) ##### Added Features - Add a generic binary cataloger \[[PR #1336](https://togithub.com/anchore/syft/pull/1336)] \[[kzantow](https://togithub.com/kzantow)] - Add `--name` option to override name in output \[[1269](https://togithub.com/anchore/syft/pull/1269)] \[[jedevc](https://togithub.com/jedevc)] ##### Bug Fixes - Recover from bad parsing of golang binary \[[PR #1371](https://togithub.com/anchore/syft/pull/1371)] \[[wagoodman](https://togithub.com/wagoodman)] - panic: runtime error: index out of range \[0] with length 0 \[[Issue #1094](https://togithub.com/anchore/syft/issues/1094)] - Syft finds no apks for some images with apks \[[Issue #1354](https://togithub.com/anchore/syft/issues/1354)] </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [x] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Wayne Starr <[email protected]>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [material-symbols](https://marella.github.io/material-symbols/demo/) ([source](https://togithub.com/marella/material-symbols)) | [`0.4.0` -> `0.4.1`](https://renovatebot.com/diffs/npm/material-symbols/0.4.0/0.4.1) | [![age](https://badges.renovateapi.com/packages/npm/material-symbols/0.4.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/npm/material-symbols/0.4.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/npm/material-symbols/0.4.1/compatibility-slim/0.4.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/npm/material-symbols/0.4.1/confidence-slim/0.4.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>marella/material-symbols</summary> ### [`v0.4.1`](https://togithub.com/marella/material-symbols/compare/v0.4.0...v0.4.1) [Compare Source](https://togithub.com/marella/material-symbols/compare/v0.4.0...v0.4.1) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [serde_json](https://togithub.com/serde-rs/json) | dependencies | patch | `1.0.87` -> `1.0.89` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>serde-rs/json</summary> ### [`v1.0.89`](https://togithub.com/serde-rs/json/releases/tag/v1.0.89) [Compare Source](https://togithub.com/serde-rs/json/compare/v1.0.88...v1.0.89) - Fix invalid JSON incorrectly accepted when a large number has no digits after decimal point ([#953](https://togithub.com/serde-rs/json/issues/953)) ### [`v1.0.88`](https://togithub.com/serde-rs/json/releases/tag/v1.0.88) [Compare Source](https://togithub.com/serde-rs/json/compare/v1.0.87...v1.0.88) - Optimize serde_json::Map's implementation of `append` and `clone_from` ([#952](https://togithub.com/serde-rs/json/issues/952), thanks [@Lucretiel](https://togithub.com/Lucretiel)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Wayne Starr <[email protected]>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [flate2](https://togithub.com/rust-lang/flate2-rs) | dependencies | patch | `1.0.24` -> `1.0.25` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Wayne Starr <[email protected]>

## Description A new workflow created which will track the pushed changes and automatically check for the vulnerabilities with the help of CodeQL in the repo every week. ... ## Related Issue Fixes #897  Relates to # ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow) followed

Racer159

Some requested code changes

docs/13-walkthroughs/6-publish-and-deploy.md

src/pkg/utils/oras.go

src/pkg/utils/random.go

src/test/e2e/50_oci_package_test.go

Co-authored-by: Wayne Starr <[email protected]>

Racer159 · 2023-03-08T00:03:33Z

docs/13-walkthroughs/6-publish-and-deploy.tape

@@ -0,0 +1,169 @@
+Output docs/.images/walkthrough-6.gif


@Noxsios were you going to remove this and the gif?

Racer159 · 2023-03-08T00:04:58Z

src/cmd/tools/archiver.go

@@ -31,6 +35,8 @@ var archiverCompressCmd = &cobra.Command{
 	},
 }

+var decompressLayers bool


If this stays as --decompress-all then I think it should decompress sboms too

src/pkg/packager/network.go

src/pkg/packager/publish.go

src/pkg/packager/network.go

Racer159 · 2023-03-08T00:22:07Z

src/pkg/packager/inspect.go

+		spinner := message.NewProgressSpinner("Loading Zarf Package %s", p.cfg.DeployOpts.PackagePath)
+		ref, err := registry.ParseReference(strings.TrimPrefix(p.cfg.DeployOpts.PackagePath, "oci://"))
+		if err != nil {
+			return err
+		}
+
+		dst, err := utils.NewOrasRemote(ref)
+		if err != nil {
+			return err
+		}

-	if err := p.loadZarfPkg(); err != nil {
-		return fmt.Errorf("unable to load the package: %w", err)
+		desc, err := dst.Resolve(dst.Context, ref.Reference)
+		if err != nil {
+			return err
+		}
+
+		// get the manifest
+		spinner.Updatef("Fetching the manifest for %s", p.cfg.DeployOpts.PackagePath)
+		manifestBytes, err := content.FetchAll(dst.Context, dst, desc)
+		if err != nil {
+			return err
+		}
+		manifest := ocispec.Manifest{}
+		artifact := ocispec.Artifact{}
+		var layers []ocispec.Descriptor
+		// if the manifest is an artifact, unmarshal it as an artifact
+		// otherwise, unmarshal it as a manifest
+		if desc.MediaType == ocispec.MediaTypeArtifactManifest {
+			if err = json.Unmarshal(manifestBytes, &artifact); err != nil {
+				return err
+			}
+			layers = artifact.Blobs
+		} else {
+			if err = json.Unmarshal(manifestBytes, &manifest); err != nil {
+				return err
+			}
+			layers = manifest.Layers
+		}
+		spinner.Updatef("Loading Zarf Package %s", p.cfg.DeployOpts.PackagePath)
+		zarfYamlDesc := utils.Find(layers, func(d ocispec.Descriptor) bool {
+			return d.Annotations["org.opencontainers.image.title"] == "zarf.yaml"
+		})
+		zarfYamlBytes, err := content.FetchAll(dst.Context, dst, zarfYamlDesc)
+		if err != nil {
+			return err
+		}
+		if err := utils.WriteFile(p.tmp.ZarfYaml, zarfYamlBytes); err != nil {
+			return err
+		}
+		if includeSBOM {
+			sbmomsTarDesc := utils.Find(layers, func(d ocispec.Descriptor) bool {
+				return d.Annotations["org.opencontainers.image.title"] == "sboms.tar"
+			})
+			sbmomsTarBytes, err := content.FetchAll(dst.Context, dst, sbmomsTarDesc)
+			if err != nil {
+				return err
+			}
+			if err := utils.WriteFile(p.tmp.SbomTar, sbmomsTarBytes); err != nil {
+				return err
+			}
+			if err := archiver.Unarchive(p.tmp.SbomTar, filepath.Join(p.tmp.Base, "sboms")); err != nil {
+				return err
+			}
+		}
+		err = utils.ReadYaml(p.tmp.ZarfYaml, &p.cfg.Pkg)
+		if err != nil {
+			return err
+		}
+		spinner.Successf("Loaded Zarf Package %s", p.cfg.DeployOpts.PackagePath)


This should be broken into a helper function (or functions) that is able to pull a file from OCI (lines 64-89 are largely repeating)

src/pkg/packager/publish.go

Racer159 · 2023-03-08T00:25:33Z

src/pkg/packager/publish.go

+	copyOpts.FindSuccessors = func(ctx context.Context, fetcher content.Fetcher, node ocispec.Descriptor) ([]ocispec.Descriptor, error) {
+		if content.Equal(node, root) {
+			// skip non-config
+			content, err := content.FetchAll(ctx, fetcher, root)
+			if err != nil {
+				return nil, err
+			}
+			var manifest ocispec.Manifest
+			if err := json.Unmarshal(content, &manifest); err != nil {
+				return nil, err
+			}
+			return []ocispec.Descriptor{manifest.Config}, nil
+		}
+		// config has no successors
+		return nil, nil
+	}


Still not a huge fan of these larger inline functions... It can make it harder to follow where the returns are going.

Racer159 · 2023-03-08T00:41:45Z

src/pkg/utils/bytes.go

+			progressBar.Update(int64(expectedTotal), title)
+
+			// Send success message
+			progressBar.Successf("%s (%s)", updateText, ByteFormat(float64(expectedTotal), 2))
+			wg.Done()


This seems to result in some visual glitches on package create

Racer159 · 2023-03-08T00:44:27Z

docs/13-walkthroughs/6-publish-and-deploy.md

+
+In this walkthrough, we are going to run through how to publish a Zarf package to an [OCI](https://github.com/opencontainers/image-spec) compliant registry, allowing end users to pull and deploy packages without needing to build locally, or transfer the package to their environment.
+
+![Walkthrough GIF](../.images/walkthrough-6.gif)


walkthrough gif

Racer159 · 2023-03-08T00:51:56Z

docs/13-walkthroughs/6-publish-and-deploy.md

+```bash
+# Setup some variables for the registry we will be using
+$ REGISTRY=docker.io
+$ set +o history
+$ REGISTRY_USERNAME=<username> # <-- replace with your username
+$ REPOSITORY_URL=$REGISTRY/$REGISTRY_USERNAME
+$ REGISTRY_SECRET=<secret> # <-- replace with your password or auth token
+$ set -o history
+
+# Authenticate with your registry using Zarf
+$ echo $REGISTRY_SECRET | zarf tools registry login $REGISTRY --username $REGISTRY_USERNAME --password-stdin
+# (Optional) Otherwise, create a Docker compliant auth config file if the Docker CLI is not installed
+$ mkdir -p ~/.docker
+$ AUTH=$(echo -n "$REGISTRY_USERNAME:$REGISTRY_SECRET" | base64)
+# Note: If using Docker Hub, the registry URL is `https://index.docker.io/v1/` for the auth config
+$ cat <<EOF > ~/.docker/config.json
+{
+  "auths": {
+    "$REGISTRY": {
+      "auth": "$AUTH"
+    }
+  }
+}
+EOF
+```


Feedback I took away from watching the user go through the BB walkthrough, can we split this into a Setup section and remove the instructions from the code comments?

Suggested change

```bash

# Setup some variables for the registry we will be using

$ REGISTRY=docker.io

$ set +o history

$ REGISTRY_USERNAME=<username> # <-- replace with your username

$ REPOSITORY_URL=$REGISTRY/$REGISTRY_USERNAME

$ REGISTRY_SECRET=<secret> # <-- replace with your password or auth token

$ set -o history

# Authenticate with your registry using Zarf

$ echo $REGISTRY_SECRET | zarf tools registry login $REGISTRY --username $REGISTRY_USERNAME --password-stdin

# (Optional) Otherwise, create a Docker compliant auth config file if the Docker CLI is not installed

$ mkdir -p ~/.docker

$ AUTH=$(echo -n "$REGISTRY_USERNAME:$REGISTRY_SECRET" | base64)

# Note: If using Docker Hub, the registry URL is `https://index.docker.io/v1/` for the auth config

$ cat <<EOF > ~/.docker/config.json

{

"auths": {

"$REGISTRY": {

"auth": "$AUTH"

}

}

}

EOF

```

## Setup

This walkthrough will require a registry to be configured (see [prerequisites](#prerequisites) for more information). The below sets up some variables for us to use when logging into the registry:

```bash

$ REGISTRY=docker.io

$ set +o history

$ REGISTRY_USERNAME=<username> # <-- replace with your username

$ REPOSITORY_URL=$REGISTRY/$REGISTRY_USERNAME

$ REGISTRY_SECRET=<secret> # <-- replace with your password or auth token

$ set -o history

With those set, you can tell Zarf to login to your registry with the following:

$ echo $REGISTRY_SECRET | zarf tools registry login $REGISTRY --username $REGISTRY_USERNAME --password-stdin

:::note

If you do not have the Docker CLI installed, you may need to create a Docker compliant auth config file manually:

$ mkdir -p ~/.docker $ AUTH=$(echo -n "$REGISTRY_USERNAME:$REGISTRY_SECRET" | base64) # Note: If using Docker Hub, the registry URL is `https://index.docker.io/v1/` for the auth config $ cat <<EOF > ~/.docker/config.json { "auths": { "$REGISTRY": { "auth": "$AUTH" } } } EOF

:::

Github hates me but hopefully you get the point

Racer159 · 2023-03-08T00:54:43Z

docs/13-walkthroughs/6-publish-and-deploy.md

+```bash
+# Setup some variables for the registry we will be using
+$ REGISTRY=docker.io
+$ set +o history
+$ REGISTRY_USERNAME=<username> # <-- replace with your username
+$ REPOSITORY_URL=$REGISTRY/$REGISTRY_USERNAME
+$ REGISTRY_SECRET=<secret> # <-- replace with your password or auth token
+$ set -o history
+
+# Authenticate with your registry using Zarf
+$ echo $REGISTRY_SECRET | zarf tools registry login $REGISTRY --username $REGISTRY_USERNAME --password-stdin
+# (Optional) Otherwise, create a Docker compliant auth config file if the Docker CLI is not installed
+$ mkdir -p ~/.docker
+$ AUTH=$(echo -n "$REGISTRY_USERNAME:$REGISTRY_SECRET" | base64)
+# Note: If using Docker Hub, the registry URL is `https://index.docker.io/v1/` for the auth config
+$ cat <<EOF > ~/.docker/config.json
+{
+  "auths": {
+    "$REGISTRY": {
+      "auth": "$AUTH"
+    }
+  }
+}
+EOF
+```


Github hates me but hopefully you get the point

Racer159 · 2023-03-08T01:01:20Z

docs/13-walkthroughs/6-publish-and-deploy.md

+Inspecting a Zarf package stored in an OCI registry is the same as inspecting a local package and has the same flags:
+
+```yaml
+$ zarf package inspect oci://$REPOSITORY_URLhelm-oci-chart:0.0.1-arm64


This is not expected I am assuming?

Racer159 · 2023-03-08T01:04:45Z

docs/13-walkthroughs/6-publish-and-deploy.md

+Then publish the package to the registry:
+
+```bash
+# Your package tarball may be named differently based on your machine's architecture


This should probably be a :::note

Racer159 · 2023-03-08T01:29:17Z

👀 guess we're not doing this anymore @Noxsios

bburky · 2023-03-08T01:30:43Z

sorry, I deleted a branch in the GitHub mobile app on accident. Had to use the web UI to restore. I was just trying to read comments to see what was going on and mistapped

Racer159 · 2023-03-08T01:40:27Z

No problem, there were a few things going on that messed this one up

renovate bot and others added 30 commits November 16, 2022 10:55

Update codeowners (#1044)

6012ee9

fix: update schema validation url in docs (#1052) (#1053)

668320d

## Description Update schema validation url ## Related Issue Fixes #1052

remove typo character in example command within the postgres readme (#…

6e96cf9

…1058) Quick typo fix

abhiyant-10 and others added 4 commits March 6, 2023 15:58

Merge branch 'main' into features/oci-package

15ad57e

repackage components into a tarball when publishing (instead of tar.zst)

a0cf661

fix e2e test that validate oci functionality

e390164

Racer159 requested changes Mar 7, 2023

View reviewed changes

Noxsios and others added 10 commits March 7, 2023 10:38

Apply suggestions from code review by @Racer159

7036742

Co-authored-by: Wayne Starr <[email protected]>

clean up clean up, everybody clean up

308275e

create utility for creating a progress bar for local file saves

04dd7bd

make inspect oci:// like inspect

3462123

use new utils fn

e77997a

update inspect test

edca09f

fix inspect

1e42eeb

update docs

4d83579

concurrency --> oci-concurrency

cda6a25

removed uneeded gitignore

2b0c8ba

Racer159 requested changes Mar 8, 2023

View reviewed changes

Noxsios added 4 commits March 7, 2023 18:36

no more precopy

d0a2d9e

linting

39d8bc5

better isManifestUnsupported handling

5dcdfc5

docs

bf92ac9

Racer159 reviewed Mar 8, 2023

View reviewed changes

Racer159 requested changes Mar 8, 2023

View reviewed changes

Noxsios closed this Mar 8, 2023

Noxsios force-pushed the features/oci-package branch from 85e8c0e to bf92ac9 Compare March 8, 2023 01:21

bburky deleted the features/oci-package branch March 8, 2023 01:29

bburky restored the features/oci-package branch March 8, 2023 01:30

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

MZOCI - Make Zarf OCI #1402

MZOCI - Make Zarf OCI #1402

Noxsios commented Mar 1, 2023 •

edited

Loading

Racer159 left a comment

Racer159 Mar 8, 2023

Racer159 Mar 8, 2023

Racer159 Mar 8, 2023

Racer159 Mar 8, 2023

Racer159 Mar 8, 2023

Racer159 Mar 8, 2023

Racer159 Mar 8, 2023 •

edited

Loading

Racer159 Mar 8, 2023

Racer159 Mar 8, 2023

Racer159 Mar 8, 2023

Racer159 Mar 8, 2023

Racer159 commented Mar 8, 2023

bburky commented Mar 8, 2023

Racer159 commented Mar 8, 2023


		In this walkthrough, we are going to run through how to publish a Zarf package to an [OCI](https://github.com/opencontainers/image-spec) compliant registry, allowing end users to pull and deploy packages without needing to build locally, or transfer the package to their environment.

		![Walkthrough GIF](../.images/walkthrough-6.gif)

MZOCI - Make Zarf OCI #1402

MZOCI - Make Zarf OCI #1402

Conversation

Noxsios commented Mar 1, 2023 • edited Loading

Description

Related Issue

Type of change

Checklist before merging

Racer159 left a comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Racer159 Mar 8, 2023 • edited Loading

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Racer159 commented Mar 8, 2023

bburky commented Mar 8, 2023

Racer159 commented Mar 8, 2023

Noxsios commented Mar 1, 2023 •

edited

Loading

Racer159 Mar 8, 2023 •

edited

Loading