Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow to share/reuse Updatecli manifest using any OCI registry #1605

Merged
merged 65 commits into from
Oct 6, 2023
Merged

Allow to share/reuse Updatecli manifest using any OCI registry #1605

merged 65 commits into from
Oct 6, 2023

Conversation

olblak
Copy link
Member

@olblak olblak commented Sep 18, 2023
edited

Fix #1600

TODO

  • Gate this feature behind the experimental flag
  • Show proper title when push/pull registry
  • Move the oras module update to a proper pullrequest

This pullrequest allows to:

  • Push an update policy to an OCI registry
  • Pull an update policy from an OCI registry
  • Apply/Show/Diff update policy from an OCI registry

A policy can be composed of manifest, values, and secrets files
values and secret files can be overridden at runtime similarly the current behavior
when we specify multiple --values or --secrets

I also did a few code cleanup:

  • I took the opportunity to split the engine package to split the main file which became huge to multiple one as it became very hard to read.
  • I updated oras-project/oras-go to 1.2.4. This dependency was needed for go-container-test and several other dependency in the container space like moby or helm. It potentially introduces a breaking change for older version of those dependencies. I had a quick look and it shouldn't affect the code we use. This version bump will also unblock PR like Update Golang module github.com/moby/buildkit #1578

Test

To test this pull request, you can run the following commands:

go build -o bin/updatecli
./bin/updatecli manifest push --config updatecli/updatecli.d/updatecli.yaml -t ghcr.io/olblak/policies/updatecli:latest .
./bin/updatecli manifest pull --disable-tls localhost:5000/myrepo:latest
./bin/updatecli manifest show --disable-tls ghcr.io/olblak/policies/updatecli:latest
./bin/updatecli diff --disable-tls ghcr.io/olblak/policies/updatecli:latest

Additional Information

This feature relies on the docker login to create the credential store, updatecli doesn't provide login mechanism

Secret or Values files specified at command execution will override default values publish on the registry.
Similar to doing updatecli diff --config manifest.yaml --values default.yaml --values override.yaml
File are not merged using deep merged

Tradeoff

Potential improvement

while looking at the cmd package, I realize how none consistent the command and I wonder if

updatecli diff should become updatecli pipeline diff
updatecli apply should become updatecli pipeline apply

or rename

updatecli diff should become updatecli policy diff
updatecli apply should become updatecli policy apply

@olblak
Init registry support
f8fed9f 
Signed-off-by: Olblak <me@olblak.com>
@olblak
small code cleanup
d6b2e2e 
Signed-off-by: Olblak <me@olblak.com>
@olblak
support multiple manifest input in the engine
830abfa 
Signed-off-by: Olblak <me@olblak.com>
@olblak
refactor registry support
69e729d 
Signed-off-by: Olblak <me@olblak.com>
@olblak
refactor cmd to support registry
4b69b5e 
allow to specify multiple config

Signed-off-by: Olblak <me@olblak.com>
@olblak olblak added the enhancement New feature or request label Sep 18, 2023
@olblak olblak marked this pull request as draft September 18, 2023 19:02
olblak and others added 23 commits September 18, 2023 21:54
@olblak
Merge branch 'main' into issue/1600
a81eff2
@olblak
Merge branch 'main' into issue/1600
a087eb1
@olblak
Merge branch 'main' into issue/1600
fa53a90
@olblak
Fix comment typo
93673d1 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Ignore various checkspelling warning
df4c703 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Merge branch 'issue/1600' of github.com:olblak/updatecli into issue/1600
e144888
@olblak
Group value/secret/manifest together
d9f179d 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Move autodiscovery function to dedicated go file
25f5b78 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Move schema function to dedicated go file
7e25b27 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Move function show to a specific golang file
5e2a38b 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Move run function to a dedicated go file
e6753c7 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Move loadconfigurations to a dedicated go file
badfe31 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Move prepare function to a dedicated go file
1883ec9 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Move scm functions to a dedicated file
4fc3e58 
Signed-off-by: Olblak <me@olblak.com>
@olblak
create a utils.go
59c285e 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Refactor show title
3c266ed 
Signed-off-by: Olblak <me@olblak.com>
@olblak
cleanup deprecation syntax
f944b4b 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Another deprecation fix
05e7387 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Use go-container-test for registry integration test
8a16696 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Ignore spellingcheck warning
dfca72d 
Signed-off-by: Olblak <me@olblak.com>
@olblak
fix formatting issue
c66af7d 
Signed-off-by: Olblak <me@olblak.com>
@olblak
replace oras.land/oras.go with temporary fork, from sylabs
856b8f5 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Bump oras-project/oras-go to 1.2.4 and remove sylab fork
e1ccd54 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Copy link
Member Author

olblak commented Sep 29, 2023

Well the oras library is bumped with the Helm dependency update in #1626

@olblak olblak mentioned this pull request Sep 30, 2023
Merged
1 task
@olblak olblak changed the title Allow to share/reuse Updatecli manifest to/from OCI registry Allow to share/reuse Updatecli manifest using any OCI registry Oct 1, 2023
@olblak olblak mentioned this pull request Oct 3, 2023
Merged
olblak and others added 19 commits October 3, 2023 20:35
@olblak
Merge branch 'main' into issue/1600
7cfc136
@olblak
pull from oci to path using digest
133fb04 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Specify alpha in the mediatype
91bb0fa 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Add alpha to artifact layer too
34831a8 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Add policy metadata file
73d58a2 
fix minor displaying issue

Use the correct image tag

Signed-off-by: Olblak <me@olblak.com>
@olblak
Fix policy.yaml
0606586 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Merge branch 'main' into issue/1600
1061d11
@olblak
Add default value for updatecli manifest push command
3a5c8a2 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Refactor registry to enforce semver version
b3c63f8 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Merge branch 'issue/1600' of github.com:olblak/updatecli into issue/1600
e608ac5
@olblak
Merge branch 'main' into issue/1600
3ebf84b
@olblak
fix various typos
bba8b1e 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Merge branch 'issue/1600' of github.com:olblak/updatecli into issue/1600
d243633
@olblak
convert an array to a slice
16c0576 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Merge branch 'main' into issue/1600
7768fd3
@olblak
Allow to retrieve manifest from subdir
3c02659 
Signed-off-by: Olblak <me@olblak.com>
@olblak
Merge branch 'issue/1600' of github.com:olblak/updatecli into issue/1600
9947343
@olblak
Fix file retrieval
e9b80fd 
Signed-off-by: Olblak <me@olblak.com>
@olblak
remove useless print message
383b4c0 
Signed-off-by: Olblak <me@olblak.com>
@olblak olblak merged commit f94fda1 into updatecli:main Oct 6, 2023
6 checks passed
@olblak olblak deleted the issue/1600 branch October 6, 2023 15:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow sharing Updatecli configuration using OCI registry such as ghcr.io
1 participant
@olblak