FairwindsOps/nova

Support OCI chart repositories

Closed this issue · 2 comments

Gui13 commented

Is your feature request related to a problem? Please describe.

OCI is supported by Helm since Jan 2022.

This is becoming the main distribution channel for Helm charts, since it piggybacks on Docker registries and facilitates scanning & policies applications.
As of today, Nova cannot use OCI repositories, since it depends on the package list of ChartMuseum format. It would be a good step

Some popular registries (harbor for instance) are migrating to OCI-only support, and thus cannot be used when scanning with the current Nova software.

Describe the solution you'd like

I would like nova to implement the ability to scan for semver versions of charts in an OCI repository. It is possible already using the Helm command line like this:

helm show crds oci://my-repository_url/my-chart which shows the latest helm chart found on the OCI repo

Describe alternatives you've considered

There are many helm chart "exporters" out there, but none of them has proper OCI support. Even helm-exporter has closed his issue about this.

Additional context

Note that the OCI spec doesn't specify a "search" axiom (it is in the works, or least identified).

Agreed, this would be a very good thing to add to Nova as OCI becomes common.

@sudermanjr the issue is being closed as completed, without any commit indicating that the work has been done.

Did you guys implement it in a "paid" version?

I am actually interested in using it, even commercially.