dashboard icon indicating copy to clipboard operation
dashboard copied to clipboard

Published 20 hours ago verified publisher icon rancher

Ability to use OCI Helm Chart Registry in Apps&Marketplace

Open rohitsakala opened this issue 1 year ago • 16 comments

Internal Reference: SURE-7573

Is your feature request related to a problem? Please describe. Helm supports OCI-based helm charts since 3.8.0 and Rancher doesn't through Apps & Markatplace. Backend is being done for it through this RFC https://confluence.suse.com/display/RMI/Support+OCI+Registry+based+Helm+Charts

Describe the solution you'd like RFC https://confluence.suse.com/display/RMI/Support+OCI+Registry+based+Helm+Charts

UI Specific

  • [x] https://confluence.suse.com/display/RMI/Support+OCI+Registry+based+Helm+Charts
  • [x] The add cluster repo page should contain a new target named oci url in addition to http and git and only show basic auth as oci only supports basic auth right now.
  • [x] Add experimental banner for OCI as this feature is experimental
  • [x] There is a way to not show Created date of index in the Individual Chart page if the Created date is zero
  • [x] There is a way to specify plainHTTP checkbox if OCI target is selected.
  • [x] There is a way to specify that users are recommended to add only OCI URLs that contain only helm charts. For example oci://dp.apps.rancher.io/charts or oci://registry-1.docker.io/rohitsakala/testingchart.

OCI URL's must contain ONLY helm charts. For example oci://test.rancher.io/charts or oci://test.rancher.io/charts/mychart. The list of charts available from the repository are updated every 6 hours.

  • [x] In the individual Charts page, the UI must fetch the Application Version, Home, Maintainers values from the response of the link=info API call.
  • [x] There is a way to specify the ExponentialBackOff values in the Create ClusterRepo page from the user to fill in this struct
type ExponentialBackOffValues struct {
	MinWait    int  `json:"minWait,omitempty"`
	MaxWait    int `json:"maxWait,omitempty"`
	MaxRetries int     `json:"maxRetries,omitempty"`
}

which is in the spec of the clusterRepo. These are optional values and the default values set in the backend from 1s,5s,5 respectively. The minimum is 1 second

  • [x] When the individual chart page is loaded, if the backend sends an error, that error should be shown in the UI.
  • [x] There is a way to specify caBundle and InsecureSkipTLSverify for all targets.

These tasks will be delayed since docs page needs to be setup first.

  • [ ] There is a way to show docs page for OCI
  • [ ] There is way that ExponentailBackOffValues struct will show have a docs link pointing on how to use it and how it works.

rohitsakala avatar Sep 29 '23 18:09 rohitsakala

JIRA-3173

gunamata avatar Sep 29 '23 20:09 gunamata

@rohitsakala is there a target milestone for the feature?

richard-cox avatar Oct 02 '23 06:10 richard-cox

@richard-cox Yes it would be Q1-2.8 Rancher release

rohitsakala avatar Oct 02 '23 15:10 rohitsakala

Waiting on the backend to be ready before working on this. Checking with @gunamata on what tickets they have to track on their side.

gaktive avatar Nov 03 '23 18:11 gaktive

@gaktive , Here's the backend ticket - https://github.com/rancher/rancher/issues/29105

gunamata avatar Nov 03 '23 19:11 gunamata

I assume that this is no longer targeted for 2.8, now that 2.8.0 released?

CC007 avatar Dec 20 '23 00:12 CC007

@CC007 correct, we'll look now for 2.9.0 as the various teams align on working on this.

gaktive avatar Feb 12 '24 16:02 gaktive

From confluence it looks like the cluster repo resource accepts a url that's either http/s or oci. It also states that the url can either be all repos at the location or a specific repo

The possible values for the URL are oci://registry-1.docker.io/abc/helm-test-chart or
 oci://test.azurecr.io. (Mandatory)

If the input is oci://test.azure.io  that means it only has the host URL of the registry and
 the backend code should find all repositories and tags in that registry. 

If the input is oci://testr.azure.io/abc/helm-test-chart , it has the host URL for the 
registry test.azure.io  and namespace being abc/helm-test-chart . So we only fetch
 all the tags in that particular registry/repository namespace.

oci://test.azure.io

registry_host_url: test.azure.io 
repository_namespace: 

oci://test.azure.io/abc/helm-test-chart

registry_host_url: test.azure.io 
repository_namespace: abc/helm-test-chart

Note is also goes on to talk about tags

In SURE-7218 it was discussed to reduce the impact of large helm repos by targeting a specific chart.

Looks like there's some misalignment on terminology. The OCI registry host would equate to the helm repository, and the repository the chart(S).

I think then SURE-7218 would be alright if we offered the user the proposed two input fields of registry_host_url and repository_namespace (not quite sure what we'd call them...)

Edit: tags where also specified in the RFC and below, so we would need to construct the url via three fields

(registry_host_url) / (repository_namespace) : (tag)

richard-cox avatar Feb 21 '24 17:02 richard-cox

@richard-cox Yes the values can be

  1. oci://test.acure.io/charts/etcd:1.0.0
  2. oci://test.acure.io/charts/etcd
  3. oci://test.acure.io/charts
  4. oci://test.acure.io

@mattfarina suggested to use only one URL field for specifying OCI URL since fleet also gives a URL field. This maintains consistency.

can we please have this conversation in JIRA ? if possible ? Thanks

rohitsakala avatar Feb 23 '24 17:02 rohitsakala

@rohitsakala These would be UI input fields that would be used to construct the URL sent your way, rather than a request for you to change the underlying resource

richard-cox avatar Feb 28 '24 09:02 richard-cox

@richard-cox yes but @mattfarina suggested only one field.

but please feel free to do what the UI team thinks right according to the user experience. I am okay with anything

rohitsakala avatar Feb 28 '24 13:02 rohitsakala

@kwwii based on the requirements, I have some ux/ui questions:

  • Should we go with separate inputs for different parts of the url: (registry_host_url) / (repository_namespace) : (tag)

  • How should we display these information to the user:

    Add experimental banner for OCI as this feature is experimental

    There is a way to specify that users are recommended to add only OCI URLs that contain only helm charts for better performance...

  • Also there are three more values that need to be specified for ExponentialBackOff: MinWait, MaxWait and MaxRetries. A UI mock might be helpful for the whole section.

momesgin avatar Apr 09 '24 19:04 momesgin

@rohitsakala should UI do something about this item?

There is a way to not show Created date of index in the Individual Chart page if the Created date is [zero]

momesgin avatar Apr 09 '24 19:04 momesgin

@momesgin RE Should we go with separate inputs for different parts of the url: (registry_host_url) / (repository_namespace) : (tag) i think in planning the vote was to keep this as a single field

richard-cox avatar Apr 10 '24 06:04 richard-cox

@momesgin Be sure to add a proper placeholder to reflect the url/namespace:tag information the user needs to enter

kwwii avatar Apr 10 '24 12:04 kwwii

@momesgin Yes, index.yaml is recieved by the UI and the UI should not display the date&time in the List of Versions column when the time field is zero or empty.

rohitsakala avatar Apr 11 '24 22:04 rohitsakala

I found a small issue related to this feature which would be good to add to our test coverage but that can be tracked in the issue itself. aside from that, the e2e test coverage is sufficient. moving this to done @izaac

yonasberhe23 avatar May 24 '24 19:05 yonasberhe23