Kustomize Packaging about cluster-addons HOT 10 CLOSED

It depends on what you'd like to accomplish. If you want to simply store YAML inside of container layers and pull them out, you could use skopeo/umoci. If you want to actually differentiate between regular container images and Kustomize YAML at the registry level, then you want to use ORAS and configure a custom mimetype. ORAS is internally using libraries from containerd -- they are just flexible enough to configure the mimetype whereas I'm not sure if skopeo or umoci have a public API that allows that level of configuration.

from cluster-addons.

Some initial POC work on this is posted:
https://github.com/ecordell/kpg

Thanks for getting started @ecordell

from cluster-addons.

+1 to using ORAS. I'm an OCI maintainer and trying to ensure that there is a cohesive strategy for how everyone is storing non-container artifacts before we cut a stable OCI-distribution release.

from cluster-addons.

@jzelinskie do you have an opinion on using https://github.com/containers/skopeo + https://github.com/openSUSE/umoci as libraries to pull and unpack?

I was able to get something working with the commandline tools and some canonical file layout.
The creation UX was just to docker build a Dockerfile where the resulting kustomize layer(s) were in an image under /addon/

from cluster-addons.

If we use a different mime-type -- we'll probably need to use something buildkit based to assemble the OCI image instead of using canonical folders in a Dockerfile. This is definitely more formal.
One thing I found interesting about using the docker layers was that it provided another means of extending a package (since you can overlay the files).

umoci appears to only have UX for operating on files, but you can unpack and repack the image and make raw edits:

  umoci insert --image oci:foo mybinary /usr/bin/mybinary
  umoci insert --image oci:foo myconfigdir /etc/myconfigdir
  umoci insert --image oci:foo --opaque myoptdir /opt
  umoci insert --image oci:foo --whiteout /some/old/dir

I'm not sure about modifying the mime-types when using it as a library /cc @cyphar

WRT implementation:
What feels most appropriate in my opinion is for the unpack functionality whether it's ORAS based or using skopeo/umoci/something-else be integrated into the kustomize ref parser /w URI's and the execution occurring within kustomize libs (as opposed to us first unpacking and passing the resulting dir into kustomize).

from cluster-addons.

IIRC Helm3 is using ORAS with dedicated MIME-types so that's a consideration for parity.

from cluster-addons.

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

from cluster-addons.

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten

from cluster-addons.

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

from cluster-addons.

@fejta-bot: Closing this issue.

from cluster-addons.