diff --git a/docs/5-zarf-tutorials/8-custom-init-packages.md b/docs/5-zarf-tutorials/8-custom-init-packages.md index a8447c8cfd..6f2e455b68 100644 --- a/docs/5-zarf-tutorials/8-custom-init-packages.md +++ b/docs/5-zarf-tutorials/8-custom-init-packages.md @@ -2,7 +2,7 @@ ## Introduction -In most cases the default Zarf 'init' Package will provide what you need to get started deploying packages into the air gap, however there are cases where you may want to tweak this package to tailor it for your target environment. This could include adding or removing components or including hardened versions of components specific to your use case. +In most cases the default Zarf 'init' Package will provide what you need to get started deploying packages into the air gap, however there are cases where you may want to tweak this package to tailor it for your target environment. This could include adding or removing components or including hardened versions of components specific to your use case. In this tutorial, we will demonstrate how to build a custom [Zarf 'init' Package](../3-create-a-zarf-package/3-zarf-init-package.md) with `zarf package create`. @@ -22,7 +22,7 @@ Before beginning this tutorial you will need the following: ## Building the init-package -Creating the zarf 'init' package is as simple as creating any other package. All you need to do is run the `zarf package create` command within the Zarf git repository. +Creating the zarf 'init' package is as simple as creating any other package. All you need to do is run the `zarf package create` command within the Zarf git repository. ```bash $ cd zarf # Enter the zarf repository that you have cloned down @@ -60,13 +60,13 @@ After you confirm package creation, Zarf will create the Zarf 'init' package in ## Customizing the 'init' Package -The above will simply build the init package as it is defined for your version of Zarf. To build something custom you will need to make some modifications. +The above will simply build the init package as it is defined for your version of Zarf. To build something custom you will need to make some modifications. -The Zarf 'init' Package is a [composed Zarf Package](../3-create-a-zarf-package/2-zarf-components.md#composing-package-components) made up of many sub-Zarf Packages. The root `zarf.yaml` file is defined at the root of the Zarf git repository. +The Zarf 'init' Package is a [composed Zarf Package](../3-create-a-zarf-package/2-zarf-components.md#composing-package-components) made up of many sub-Zarf Packages. The root `zarf.yaml` file is defined at the root of the Zarf git repository. ### Swapping Images -As of v0.26.0 you can swap the `registry` and `agent` images by specifying different values in the `zarf-config.toml` file at the root of the project or by overriding them as we did above with `--set` on the command line. This allows you to swap these images for hardened or enterprise-vetted versions like those from [Iron Bank](https://repo1.dso.mil/dsop/opensource/defenseunicorns/zarf/zarf-agent). +As of v0.26.0 you can swap the `registry` and `agent` images by specifying different values in the `zarf-config.toml` file at the root of the project or by overriding them as we did above with `--set` on the command line. This allows you to swap these images for hardened or enterprise-vetted versions like those from [Iron Bank](https://repo1.dso.mil/dsop/opensource/defenseunicorns/zarf/zarf-agent). For other components, or older versions of Zarf, you can modify the manifests of the components you want to change in their individual packages under the `packages` folder of the Zarf repo. @@ -74,18 +74,36 @@ For other components, or older versions of Zarf, you can modify the manifests of If your enterprise uses pull-through mirrors to host vetted images you can run the following command to create a Zarf 'init' package from those mirrors (where `.enterprise.corp` are your enterprise mirror(s)): -``` +```bash $ zarf package create . --set AGENT_IMAGE_TAG=vX.X.X \ --registry-override docker.io=dockerio.enterprise.corp \ --registry-override ghcr.io=ghcr.enterprise.corp \ --registry-override quay.io=quay.enterprise.corp ``` +And if you need even more control over the exact Agent, Registry, and Gitea images you can specify that with additional `--set` flags: + +```bash +$ zarf package create . \ +--set AGENT_IMAGE_TAG=$(zarf version) \ +--set AGENT_IMAGE="opensource/zarf" \ +--set AGENT_IMAGE_DOMAIN="custom.enterprise.corp" \ +--set REGISTRY_IMAGE_TAG=2.8.3 \ +--set REGISTRY_IMAGE="opensource/registry" \ +--set REGISTRY_IMAGE_DOMAIN="custom.enterprise.corp" \ +--set GITEA_IMAGE="custom.enterprise.corp/opensource/gitea" \ +--set GITEA_SERVER_VERSION="v1.19.3" +``` + +⚠️ - The Gitea image and version are different than the Agent and Registry in that Zarf will always prefer the `rootless` version of a given server image. This means that the above reference would template out to be `custom.enterprise.corp/opensource/gitea:v1.19.3-rootless`. If you need to change this, edit the `packages/gitea` package. + +You can find all of the `--set` configurations by looking at the `zarf-config.toml` in the root of the repository. + ::: ### Removing Components -You may not need or want all of the components in your 'init' package and may choose to slim down your package by removing them. Because the [Zarf Package is composed](../3-create-a-zarf-package/2-zarf-components.md#composing-package-components) all you need to do is remove the component that imports the component you wish to exclude. +You may not need or want all of the components in your 'init' package and may choose to slim down your package by removing them. Because the [Zarf Package is composed](../3-create-a-zarf-package/2-zarf-components.md#composing-package-components) all you need to do is remove the component that imports the component you wish to exclude. ## Troubleshooting diff --git a/packages/gitea/README.md b/packages/gitea/README.md index dbc6cc7296..316134c90a 100644 --- a/packages/gitea/README.md +++ b/packages/gitea/README.md @@ -1,3 +1,14 @@ ## Zarf Git Server -This package contains the Zarf Git Server to enable more advanced gitops-based deployments. See the [git-data](../../examples/git-data/) example for more on how Zarf handles `git` repositories. +This package contains the Zarf Git Server to enable more advanced gitops-based deployments. See the [git-data](../../examples/git-data/) example for more on how Zarf handles `git` repositories. + +### Image Values + +The default setup for this package is to use a `rootless` image, specified in the [gitea helm values](gitea-values.yaml). Because the gitea helm chart does its own appending of `-rootless` to the image tag, based on the `rootless` helm value, users don't need to supply the full image tag when overriding the default gitea image. Instead you need to use the `GITEA_SERVER_VERSION`, either in the zarf-config.toml or with `--set`. + +_Make sure, though, that the `x.x.x-rootless` tag does exist for Zarf to find._ + +```bash +$ zarf package create . --set GITEA_IMAGE="custom.enterprise.corp/ironbank/opensource/gitea" \ + --set GITEA_SERVER_VERSION="v1.19.3" +``` diff --git a/packages/gitea/gitea-values.yaml b/packages/gitea/gitea-values.yaml index 3ac892ba27..8ff5ee2008 100644 --- a/packages/gitea/gitea-values.yaml +++ b/packages/gitea/gitea-values.yaml @@ -44,4 +44,6 @@ postgresql: enabled: false image: + repository: "###ZARF_CONST_GITEA_IMAGE###" + tag: "###ZARF_CONST_GITEA_SERVER_VERSION###" rootless: true diff --git a/packages/gitea/zarf.yaml b/packages/gitea/zarf.yaml index 53eb5179e5..08652d3dac 100644 --- a/packages/gitea/zarf.yaml +++ b/packages/gitea/zarf.yaml @@ -35,13 +35,19 @@ variables: description: The number of git server replicas to deploy default: "1" +constants: + - name: GITEA_IMAGE + value: "###ZARF_PKG_TMPL_GITEA_IMAGE###" + - name: GITEA_SERVER_VERSION + value: "###ZARF_PKG_TMPL_GITEA_SERVER_VERSION###" + components: - name: git-server description: | Deploys Gitea to provide git repositories for Kubernetes configurations. Required for GitOps deployments if no other git server is available. images: - - gitea/gitea:1.19.3-rootless + - "###ZARF_PKG_TMPL_GITEA_IMAGE###:###ZARF_PKG_TMPL_GITEA_SERVER_VERSION###-rootless" manifests: - name: git-connect namespace: zarf diff --git a/zarf-config.toml b/zarf-config.toml index 946cfbcfdc..5f0f1b5357 100644 --- a/zarf-config.toml +++ b/zarf-config.toml @@ -13,3 +13,7 @@ injector_arm64_shasum = '663df681deea957b0ec53538eab221691a83de8e95d86b8a29008af registry_image_domain = '' registry_image = 'library/registry' registry_image_tag = '2.8.3' + +# The image reference to use for the optional git-server Zarf deploys +gitea_image = 'gitea/gitea' +gitea_server_version = '1.19.3'