/oci-chartrepo

helm chartrepo host on oci registry

Primary LanguageGo

OCI-ChartRepo

OCI (Open Container Initiative) is an open governance structure for the express purpose of creating open industry standards around container formats and runtimes.

Helm 3 supports OCI for package distribution. Chart packages are able to be stored and shared across OCI-based registries. Here

OCI Artifacts actually use an existing docker repository as an infrastructure, extending its capabilities to support other types of artifacts

oci-chartrepo as an adapter that supports the transformation of OCI data structures into standard chart repository data structures.

How to use

Helm v3

  # There is a docker registry run locally on localhost:5000
  $ helm chart save mychart/ localhost:5000/myrepo/mychart:2.7.0

  # Install helm push plugin
  $ helm plugin install https://github.com/chartmuseum/helm-push.git
  $ helm chart push localhost:5000/myrepo/mychart:2.7.0

  # The directory structure of the chart artifacts cache also follows the OCI Image specification, you can see the mediaType in index.json is `application/vnd.oci.image.manifest.v1+json`

Launch arguments

    --port                      # The server listen port (default is 8080)
    --storage                   # Storage backend (only registry for now)
    --storage-registry-repo     # Your oci registry address (eg. 192.168.0.1:5000)
    --storage-registry-scheme   # Your oci registry address scheme (HTTP or HTTPS), default is empty means that the scheme will be automatically determined

APIS

    /index.yaml     # Get the OCI data from --storage-registry-repo, then transform them into standard chart repository data structures.
    /charts/:name   # Download a chart artifact

Build

# Locally bin
make build

# Docker
docker build -t oci-chart-registry .

How to Run

Run locally

docker run -d --restart=always --name oci-chart-registry \
-p 8088:8080 \
oci-chart-registry --storage=registry --storage-registry-repo={your_registry_addr} --port=8080

# If your registry equires user authentication, a file in dockerconfigjson(kubernetes secret type) format needs to be mounted into container /etc/secret/dockerconfigjson
# In the docker run scenario, the content of dockerconfigjson in kubernetes secret needs to be base64 decoded, and then stored it into the ~/dockerconfigjson file
# How to generate dockerconfigjson, please refer to the section "Run in kubernetes"
docker run -d --restart=always --name oci-chart-registry \
-p 8088:8080 \
-v ~/dockerconfigjson:/etc/secret/dockerconfigjson \
oci-chart-registry --storage=registry --storage-registry-repo={your_registry_addr} --storage-registry-scheme=HTTPS --port=8080

Run in kubernetes

# Generate secret config file if you need.
# The dockerconfigjson content can be generated by the following command:
kubectl create secret docker-registry my-registry-secret --docker-server=DOCKER_REGISTRY_SERVER --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL

# Please modify the --storage-registry-repo and --storage-registry-scheme parameters before apply
kubectl apply -f deploy/oci-chart-registry-deployment.yaml