defenseunicorns
Actually use emptydir mount when persistence is disabled
Description
In #2124, an emptydir was mounted when persistence.enabled: false is set. However, this is not enough to make registry work: it crashloops as in issue #1998:
Configuration error: error parsing /etc/docker/registry/config.yml: no storage configuration provided
This is fixed by setting the env variable specifying storage config even if persistence is disabled:
Related Issue
Fixes #1998
Checklist before merging
- [ ] Test, docs, adr added or updated as needed
- [ ] Contributor Guide Steps followed
Deploy Preview for zarf-docs canceled.
| Name | Link |
|---|---|
| Latest commit | c19a563d31d98a1b7f4c70112f0b6c96e44c6248 |
| Latest deploy log | https://app.netlify.com/sites/zarf-docs/deploys/673cd3f595d88a000804929e |
![netlify[bot] avatar](https://avatars.githubusercontent.com/in/13473?v=4 "Published by a pub.dev verified publisher"){kind=small}
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
🚨 Try these New Features:
- Flaky Tests Detection - Detect and resolve failed and flaky tests
- JS Bundle Analysis - Avoid shipping oversized bundles
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hey, really appreciate this PR, and this is a bug. The persitence.enabled block on there was added specifically with a s3 backend in mind. I'm not sure if this change would break that use case, but the team and I will need to add a test to the Zarf repo first before I'd feel comfortable with this change. Marking this as blocked for now, and I will circle back when that test is merged.
To provide some context, I use this to bootstrap Zarf on a cluster where there's no PV provisioner available. The way I do it is to install Rancher's local-path-provisioner as part of Zarf init package:
components:
# This package moves the injector & registries binaries
- name: zarf-injector
required: true
import:
path: zarf/packages/zarf-registry
# Creates the temporary seed-registry with ephemeral PV to install local path provisioner
- name: zarf-seed-registry
required: true
import:
path: zarf/packages/zarf-registry
actions:
onDeploy:
before:
- cmd: echo "false"
setVariables:
- name: REGISTRY_PVC_ENABLED
# Creates the temporary seed local path provisioner with ephemeral PV to install local path provisioner
- name: seed-local-c-provisioner
required: true
import:
path: zarf-local-path-provisioner
# Creates the permanent registry
- name: zarf-registry
required: true
import:
path: zarf/packages/zarf-registry
actions:
onDeploy:
before:
- cmd: echo "true"
setVariables:
- name: REGISTRY_PVC_ENABLED
# Reinstall local path provisioner to get its image inserted into permanent registry
- name: local-path-provisioner
required: true
import:
path: zarf-local-path-provisioner
# Creates the pod+git mutating webhook
- name: zarf-agent
required: true
import:
path: zarf/packages/zarf-agent
Without this, I'd need to make local-path-provisioner installation part of pre-Zarf process.
I'd like to revisit this PR and review two items:
- If this modification should be able to dynamically handle the permutations 1.a. It appears as though there are three possible scenarios: emptyDir, S3, and a k8s PVC. There could be more room here to improve the flexibility to support the required environment variable when needed.
- The intended behavior can be achieved via a workaround such as:
# zarf.yaml
- name: zarf-seed-registry
required: true
import:
url: oci://ghcr.io/zarf-dev/packages/init:v0.63.0
charts:
- name: docker-registry
valuesFiles:
- overrides/registry-values-longhorn.yaml
and
# overrides/registry-values-longhorn.yaml
persistence:
enabled: false
extraEnvVars:
- name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
value: "/var/lib/registry"
@xyzzyz are you still interested in pursuing this update or would you like to close it out?
