Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[feature request] Support generic OCI image in init --provisioners #178

Closed
mathieu-benoit opened this issue Sep 21, 2024 · 13 comments
Closed
Assignees
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Comments

@mathieu-benoit
Copy link
Contributor

To complete #175, it would be great to support generic OCI image to import external provisioners.

https://opencontainers.org/

Example:

score-compose init --provisioners oci://...

Wondering if for this we could use the ORAS client:

@mathieu-benoit mathieu-benoit added the enhancement New feature or request label Sep 21, 2024
@astromechza
Copy link
Member

@mathieu-benoit how would that work? What would the archive format be inside the image and how would users create an image file with a single yaml file inside it?

@astromechza
Copy link
Member

Why is this better than just an https url?

@mathieu-benoit
Copy link
Contributor Author

mathieu-benoit commented Sep 23, 2024

Simple as:

oras push registry/name:tag my-provisioner.yaml

Then you can use it:

oras pull registry/name:tag

Or more embedded:

score-compose init --provisioners registry/name:tag

Why it's appealing? Because you now have your provisioners as OCI artifacts in your private secure artifact/container registry.

Not directly related, but I went through this full picture/story in a GitOps flow with Policies files, as an illustration: https://medium.com/p/e1233429ae2.

@astromechza
Copy link
Member

Ah ok I see so this is a common pattern used in oras 👍 .

So score-k8s init --provisioners oci://reg/name:tag would be fairly equivalent to

score-k8s init
oras pull oci://reg/name:tag --output .score-k8s

Thankfully looks like there's a useful go library here: https://github.com/oras-project/oras-go.

Cool @mathieu-benoit I think this is a good idea. Note that we MUST keep the oci:// or oras:// scheme prefix on the URI to unambiguate it.

@astromechza astromechza added good first issue Good for newcomers help wanted Extra attention is needed and removed discussion labels Sep 24, 2024
@astromechza
Copy link
Member

Also note: This would import ALL the files from that oci reference: all provisioner files and possibility utility scripts as needed.

@mathieu-benoit
Copy link
Contributor Author

mathieu-benoit commented Sep 24, 2024

Yup, I think oci:// is the right approach, very generic, and that's what oras recommends too.

And yes, you can do this below to upload multiple files in a folder:

oras push registry/name:tag my-folder-container-files/

@7h3-3mp7y-m4n
Copy link
Contributor

hey, since it's a good first issue, Can I try to fix it?

@sujaya-sys
Copy link
Contributor

@7h3-3mp7y-m4n For sure, that sounds great! You can go ahead and assign the issue to yourself whenever you're ready to get started. If you have any questions in regards to the implementation @mathieu-benoit and @delca85 should be able to assist. Thanks a lot!

@7h3-3mp7y-m4n
Copy link
Contributor

thanks @mathieu-benoit and @sujaya-sys I'll start working on this and I'll be happy if you folks could help me if I run into some confusion :)

@mathieu-benoit
Copy link
Contributor Author

mathieu-benoit commented Oct 11, 2024

@7h3-3mp7y-m4n, like discussed offline, the implementation of this needs to actually happen in the https://github.com/score-spec/score-go repo, see example here: score-spec/score-go#45.
And then, we will be able to release a new version of score-go and include it here for this OCI support (and in score-k8s in the meantime ;)).

@7h3-3mp7y-m4n
Copy link
Contributor

Thanks @mathieu-benoit :)

@mathieu-benoit
Copy link
Contributor Author

mathieu-benoit commented Oct 18, 2024

Good progress here, it's now in score-go 1.8.3: https://github.com/score-spec/score-go/releases/tag/v1.8.3.

We'll need to do the following things next in order to officially release this new feature:

Out of scope for now (right?):

@mathieu-benoit
Copy link
Contributor Author

@github-project-automation github-project-automation bot moved this from In Progress to Done in KubeCon NA 2024 SLC Nov 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
Status: Done
Development

No branches or pull requests

4 participants