Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: replace image pull and push library from ORAS to crane #3559

Draft
wants to merge 58 commits into
base: main
Choose a base branch
from
Draft

feat: replace image pull and push library from ORAS to crane #3559

wants to merge 58 commits into from
+1,151 −868

Conversation

AustinAbro321
Copy link
Contributor

@AustinAbro321 AustinAbro321 commented Mar 7, 2025
edited
Loading

Description

This replaces the Crane library uses for image pulls and pushes with ORAS. This does not change zarf tools crane operations.

Proposal - ZEP-0019: Refactor Image operations #20

This changes the default value to --oci-concurrency from three to six. Crane pushes and pulls all layers concurrently always, and the replaced implementation pushed multiple images at a time. Therefore, no matter what number it will still be less than it was previously.

One unfortunate side effect of this PR is that when Syft or Steroscope reads images from the cache it adds the image layers back to the cache. It is expecting a cache format that Crane uses, but still works with a traditional OCI directory. I'll need to look into how this can be mitigated so we don't make things messier than necessary.

Related Issue

Fixes #3434
Fixes #3194
Relates to #3113
Relates to #2104

Checklist before merging

Sorry, something went wrong.

@netlify Netlify
Copy link

netlify bot commented Mar 7, 2025
edited
Loading

Deploy Preview for zarf-docs canceled.

Name Link
🔨 Latest commit 3106d02
🔍 Latest deploy log https://app.netlify.com/sites/zarf-docs/deploys/67d33d59f64d690008721370

@codecov Codecov
Copy link

codecov bot commented Mar 7, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 48.58871% with 255 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
src/internal/packager/images/pull.go 56.80% 93 Missing and 15 partials ⚠️
src/internal/packager/images/cache/cache.go 49.35% 31 Missing and 8 partials ⚠️
src/internal/packager/images/push.go 52.56% 26 Missing and 11 partials ⚠️
src/internal/packager/images/common.go 44.18% 20 Missing and 4 partials ⚠️
src/internal/packager2/mirror.go 0.00% 16 Missing ⚠️
src/pkg/cluster/tunnel.go 0.00% 9 Missing ⚠️
src/pkg/utils/image.go 0.00% 9 Missing ⚠️
src/internal/packager2/layout/create.go 0.00% 6 Missing ⚠️
src/internal/packager2/layout/package.go 0.00% 2 Missing ⚠️
src/internal/packager2/layout/sbom.go 0.00% 2 Missing ⚠️
... and 3 more
Files with missing lines Coverage Δ
src/cmd/viper.go 53.08% <100.00%> (ø)
src/cmd/package.go 42.81% <0.00%> (-0.07%) ⬇️
src/pkg/packager/creator/normal.go 7.12% <0.00%> (+0.18%) ⬆️
src/pkg/packager/deploy.go 5.40% <0.00%> (-0.01%) ⬇️
src/internal/packager2/layout/package.go 38.37% <0.00%> (-2.14%) ⬇️
src/internal/packager2/layout/sbom.go 51.02% <0.00%> (+0.62%) ⬆️
src/internal/packager2/layout/create.go 40.66% <0.00%> (+0.15%) ⬆️
src/pkg/cluster/tunnel.go 10.10% <0.00%> (-0.26%) ⬇️
src/pkg/utils/image.go 0.00% <0.00%> (ø)
src/internal/packager2/mirror.go 0.00% <0.00%> (ø)
... and 4 more
🚀 New features to boost your workflow:
  • Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@RothAndrew
Copy link
Contributor

let's gooooooo! so excited for this lol

AustinAbro321 and others added 27 commits March 12, 2025 16:33
@AustinAbro321
lots to do but first passing test
00f8589 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
first test passing
715fe53 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
refactoring
9b9010d 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@dependabot @AustinAbro321
chore(deps): bump github.com/go-git/go-git/v5 from 5.13.2 to 5.14.0 (#…
b414396 
…3550)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@dependabot @AustinAbro321
chore(deps): bump codecov/codecov-action from 5.3.1 to 5.4.0 (#3547)
60b7ad5 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
another test working WIP
d535f0f 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
test pull cosign
924090c 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
another test passing
1e01d0c 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
fix tests, improve code
51d56e5 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
images
ca79503 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
docker daemon first pass
de464cc 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
docker pulls seem to work
525d269 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
push working
cea69d4 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
test
b914354 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
get rid of external manifest reliance
6019d08 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
tests passing
55caeb7 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
moving back to v27.5.1
ab1e2ba 
git push

Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
negotiate api version
d47e7f2 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
set oci concurrency higher
a2b9767 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
don't give a platform
1c43ee8 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
comment
4739de0 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
add push tests
3ad6be2 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
correctly not finding image
e51b8d6 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
tests passing for crane images
494e30f 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
fix
6771838 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
accidentally deleted the container config :)
e07194f 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
fix helm charts
09d55f1 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
add bad case
4936246 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
we now have a way to specify annotations
6da2f8a 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
registry overrides passing
d37b538 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
way to messy but e2e tests maybe pass now?
74eefe6 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
push images to registry
78ba98d 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
changing annotate image
1332e7a 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
make docs and schema
b2f5783 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
change mirror to use new logic
01c20ba 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321 AustinAbro321 force-pushed the move-image-operations-to-oras branch from a4f9e7a to 01c20ba Compare March 12, 2025 16:36
@AustinAbro321
support svc urls
034cc67 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
unnecessary println
ef7c120 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
fix checksums
426be51 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
trying this just to see if it works
c34f2d3 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
improve pull tests
c7203a2 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
move image operation
4aa551f 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
v4
777fd6b 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
fix example checksums
5d7f5d3 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
merge
69190cd 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
nginx remote component
9b61ad5 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
delete get crane image
51c2e06 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321 AustinAbro321 mentioned this pull request Mar 13, 2025
Open
@AustinAbro321
concurrency first stab
43903e3 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
update pull test
6638827 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
AustinAbro321
AustinAbro321 commented Mar 13, 2025
View reviewed changes
src/pkg/cluster/tunnel.go
@@ -153,6 +154,15 @@ func (c *Cluster) ConnectToZarfRegistryEndpoint(ctx context.Context, registryInf
if tunnel, err = c.NewTunnel(ZarfNamespaceName, SvcResource, ZarfRegistryName, "", 0, ZarfRegistryPort); err != nil {
return "", tunnel, err
}
} else if dns.IsServiceURL(registryInfo.Address) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the packager2 mirror refactor the push logic was changed to take Kubernetes services as input, this brings this function in parity with that.

@AustinAbro321
update images
f717021 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
require cache
08b6b93 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
order and improve docker ops
eb5e322 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
cleanup function
71ec34e 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
crane to oras
9ea28d6 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
@AustinAbro321
linter errors
3106d02 
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Migrate off of crane for pulling and pushing OCI images image pull fail from corrupted Crane cache
2 participants
@AustinAbro321 @RothAndrew