Publish bundles and Allow Install From Tag #379
Conversation
jeremyrickard
force-pushed
the
publish-bundles
branch
from
feaac0a
to
8671c52
Compare
cmd/porter/bundle.go
Outdated
| f.StringVarP(&opts.Tag, "tag", "t", "", | ||
| "Install from a bundle in an OCI registry specified by the given tag") | ||
| f.BoolVar(&opts.InsecureRegistry, "insecure-registry", false, | ||
| "Treat the given bundle registry as insecure") |
There was a problem hiding this comment.
Can we improve this error message a bit? Based on what you told me, I think it means "Allow connecting to a registry that isn't secured with TLS certificates" or something like that, no?
cmd/porter/bundle.go
Outdated
| @@ -288,7 +291,7 @@ func buildBundlePublishCommand(p *porter.Porter) *cobra.Command { | |||
|
|
|||
| f := cmd.Flags() | |||
| f.StringVarP(&opts.File, "file", "f", "", "Path to the Porter manifest. Defaults to `porter.yaml` in the current directory.") | |||
| f.StringVarP(&opts.Tag, "tag", "t", "", "Tag to apply to the CNAB bundle. Defaults to the `Tag` value currently in the Porter manifest.") | |||
| f.BoolVar(&opts.InsecureRegistry, "insecure", false, "Treat the registry as insecure.") | |||
There was a problem hiding this comment.
Just a note that whatever we change the flag description to above, let's change this one as well.
docs/content/distributing-bundles.md
Outdated
|
|
||
| * This needs to wait until bundle registries is figured out | ||
| Before you can publish your bundle, you must first run a `porter build` command. This will create the invocation image so it can be pushed to an OCI (Docker) registry along with your CNAB bundle manifest. It's a good idea to work with your bundle and test it locally before you decide to publish it to a registry. |
There was a problem hiding this comment.
nit: "before you decide to publish" -> "before you publish"
docs/content/distributing-bundles.md
Outdated
| ## Bundle Publish | ||
|
|
||
| Once you are satisfied with the bundle, the next step is to publish the bundle! Bundle publishing involves pushing the both the invocation image and the CNAB bundle manifest to an OCI registry. Porter uses [docker tags](https://docs.docker.com/engine/reference/commandline/tag/) for both nvocation images and CNAB bundle manifests. These are defined in your `porter.yaml` file: |
There was a problem hiding this comment.
spelling: "nvocation images" -> "invocation images"
docs/content/distributing-bundles.md
Outdated
| ``` | ||
|
|
||
| This YAML snippet indicates that the invocation image will be built and tagged as `deislabs/porter-kubernetes:latest`. The first part of this reference, `deislabs` indicates the registry that the invocation image should eventually be published to. The `porter-kubernetes` segment identifies the iamge, while the `:latest` portion denotes a specific version. Much like the `invocationImage` attribute is used to control the name of resulting Docker invocation image, the `tag` attribute is used to specify the name and location of the resulting CNAB bundle. In both cases, when you are ready to publish your bundle, it would be a good idea to provide specific versions for both of these, such as `v1.0.0`. We recommend using [semantic versioning](https://semver.org/) for both the invocation image and the bundle. We also recommend specifying the same registry for both, in order to simplify access to your bundle and invocation image by end users. |
pkg/cache/cache.go
Outdated
| bid := getBundleID(bundleTag) | ||
| bundleCnabDir, err := c.getCachedBundleCNABDir(bid) | ||
| cachedBundlePath := filepath.Join(bundleCnabDir, "bundle.json") | ||
| c.FileSystem.MkdirAll(bundleCnabDir, os.ModePerm) |
There was a problem hiding this comment.
This isn't checking for an error
pkg/cache/cache.go
Outdated
| // hash the tag, tags have characters that won't work as part of a path | ||
| // so hashing here to get a path friendly name | ||
| bid := md5.Sum([]byte(bundleTag)) | ||
| return fmt.Sprintf("%x", bid) |
There was a problem hiding this comment.
You can also use hex.EncodeToString. Not sure if that's better or not, or if fmt uses that under the hood. It may be more clear though.
| @@ -46,6 +64,21 @@ func (o *InstallOptions) ToDuffleArgs() cnabprovider.InstallArguments { | |||
| // InstallBundle accepts a set of pre-validated InstallOptions and uses | |||
| // them to install a bundle. | |||
| func (p *Porter) InstallBundle(opts InstallOptions) error { | |||
| // If opts.Tag is set, fetch the bundle | |||
There was a problem hiding this comment.
I see you had to put this here because there's a bug in applyDefaultOptions. It assumes there there is always a porter.yaml to load. Heads up that I'm fixing that as part of the work I'm doing today on rebuilding before actions when the hash is out of date.
pkg/porter/install_test.go
Outdated
| @@ -89,6 +90,7 @@ func TestInstallOptions_validateParams(t *testing.T) { | |||
| sharedOptions{ | |||
| Params: []string{"A=1", "B=2"}, | |||
| }, | |||
| BundlePullOptions{}, | |||
There was a problem hiding this comment.
Since you declared InstallOptions with BundlePullOptions as an embedded type (and not a pointer), you don't need to have this line here. Same for the other tests below. I
The only time you need stuff like this line here is if you defined it like this instead
type InstallOptions struct {
*BundlePullOptions
}
There was a problem hiding this comment.
huh, the compiler complained until I added this.
| pwd, err := os.Getwd() | ||
| if err != nil { | ||
| return errors.Wrap(err, "could not get current working directory") | ||
| } | ||
| f = filepath.Join(pwd, config.Name) |
There was a problem hiding this comment.
I notice that we are duplicating validation between sharedOptions and here. As part of my --cnab-file work, I'm making another struct that is going to extract out logic for --file and --cnab-file that will do the common validation for these flags across all the commands. Just a heads up.
This PR starts down the road of implementing a bundle cache per #322. It doesn't fully implement that issue, but lays some groundwork.
The major addition here is that users can now
porter publisha bundle to an OCI registry using cnab-to-oci and install a bundle from an OCI registry using a new--tagflag onporter install:When the
--tagflag is provided, Porter will attempt to locate the specified bundle in the new ~/.porter/cache directory using the hashed tag name as a directory key. If it is not found, it is pulled withcnab-to-oci, stored in the cache, and the new path in the cache is returned and used to update the install opts. If it is found, the cached path is returned.Sorry this is rather large.