Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-5275

Native OCI Support in Argo CD

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • GitOps
    • None
    • None
    • Product / Portfolio Work
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      What is the nature and description of the request?

      Currently, Argo CD leverages a native feature of Helm to retrieve Helm Charts that are packaged and stored as OCI artifacts. The industry is beginning to see a rapid adoption of OCI Artifacts as a methods for packaging, storing and retrieving content. Examples include AI Models, Software Bill of Materials (SBOM), and WASM Modules.

      Argo CD relies on two primary methods for sourcing content:

      • Git
      • Helm Chart Repositories (HTTP based/OCI)

       
      Git repositories are the primary method for storing assets that are consumed by Argo CD. However, in many environments that Argo CD is deployed within, access to a Git Server may not be available (Infrastructure availability, restrictions on communication from source to destination, or organizational/regulatory requirements).

      Support should be added to Argo CD to provide a method for leveraging OCI Artifacts as a first class storage method for manifests that are processed by any of the supported tools.
       
      Additionally, to simplify the process and lower the barrier of entry for end users, additional functionality should be added to the Argo CD CLI to provide capabilities for managing OCI Artifacts (packaging, retrieval, inspection).

      Since OCI Artifacts are stored in standard container registries, many of the same paradigms for managing traditional container images can be reused, while providing a universal method for storing and managing GitOps related content.

      This request would implement the Argo CD first-class OCI support proposal in the Argo CD community.
       
      Why does the customer need this? (List the business requirements here)
       
      Argo CD sources content from systems external to the Argo CD platform. 

      • Git repository
      • HTTP server hosting Helm repository
      • Container registry hosting Helm OCI artifact
        In many organizations, it may not be possible to retrieve these types assets due to content availability concerns or organizational requirements. The former two types require that additional infrastructure be made available in order to host GitOps content. Access to the required infrastructure needed to support Argo CD may not be possible due to the following:
          # Lack of infrastructure to host GitOps content
      1. Access restrictions
        1. Network availability of content (network design separation, disconnected, restricted, edge)
        2. Method for accessing secured content (Authentication/authorization).
      2. Separation of concerns between development tooling (Git) and operations
        1. Many organizations consider Git to be a development tool and should not be used within operational environments
           

      Due to these limitations, many organizations are unable to leverage both the capabilities provided by Argo CD/OpenShift GitOps nor reap the benefits that are inherently provided by the technology.

      By utilizing OCI Artifacts as a method for packaging, storing and managing content that is source by Argo CD, existing infrastructure (Container registries) and processes (CI/CD) can be reused (similar tooling, transport methods, security), eliminating many of the restrictions that are currently in place.

       

      How would the customer like to achieve this? (List the functional requirements here)

      The following enhancement should be added to Argo CD and aligns to the proposal for adding native OCI support in the Argo CD Community.

      • Provide GitOps sources (directory containing manifests/Helm chart) and leverage the content as OCI artifact using supported tools (Argo CD CLI)
      • Utilize OCI Repository Source
        • Utilize content with any of the supported Argo CD tools
        • Access Management (Authentication/Authorization)
      • Updates to the Argo CD User Interface
        • Update repository source dialogs to account for OCI Artifact type
        • Credentials management

       

      For each functional requirement listed in question 4, specify how Red Hat and the customer

      Leverage the native capabilities of Argo CD to natively source GitOps related content as OCI artifacts.

      • Creating and publishing Argo CD assets as OCI artifacts using Argo CD CLI
      • Utilize `Application`/`ApplicationSet` resources to retrieve content stored as OCI Artifacts
        • Access content from secured registries

              halawren@redhat.com Harriet Lawrence
              ablock@redhat.com Andrew Block
              None
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved:
                None
                None