Skip to content

fix(tools): update-creds handle registry subpaths #4026

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 30, 2025
Merged

fix(tools): update-creds handle registry subpaths #4026

merged 2 commits into from
Jul 30, 2025

Conversation

brandtkeller
Copy link
Member

@brandtkeller brandtkeller commented Jul 29, 2025
edited
Loading

Description

Fix support for subpaths in the use of external registries during zarf tools update-creds agent.

Most managed external registries will not have the root registry available to push images. Rather a organization with nested projects may be defined - such as registry.example.com/organization.

Zarf init for the agent - which is pre-mutation - is set as registry.example.com/organization/zarf-dev/zarf/agent:<tag>

In this scenario - the current logic for updating the agent tls certificate was identifying:
registry = registry.example.com
path = organization/zarf-dev/zarf/agent

and assigning the full path - organization/zarf-dev/zarf/agent - to the image - which when the registry is appended now equals registry.example.com/organization/organization/zarf-dev/zarf/agent:<tag>.

This fixes the behavior by trimming subpaths when present - as the registry-url should indeed declare subpaths if utilized.

Related Issue

Fixes #4024

Checklist before merging

@brandtkeller
fix(tools): update-creds handle registry subpaths
59739a0 
Signed-off-by: Brandt Keller <brandt.keller@defenseunicorns.com>
@brandtkeller brandtkeller self-assigned this Jul 29, 2025
@netlify Netlify
Copy link

netlify bot commented Jul 29, 2025
edited
Loading

Deploy Preview for zarf-docs canceled.

Name Link
🔨 Latest commit f54ca9f
🔍 Latest deploy log https://app.netlify.com/projects/zarf-docs/deploys/688941f52e790b00088e60a0

@codecov Codecov
Copy link

codecov bot commented Jul 29, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 0% with 6 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
src/internal/packager/helm/zarf.go 0.00% 6 Missing ⚠️
Files with missing lines Coverage Δ
src/internal/packager/helm/zarf.go 0.00% <0.00%> (ø)
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@brandtkeller
fix(test): proper subpath on external test
f54ca9f 
Signed-off-by: Brandt Keller <brandt.keller@defenseunicorns.com>
@brandtkeller brandtkeller marked this pull request as ready for review July 29, 2025 22:14
@brandtkeller brandtkeller requested review from a team as code owners July 29, 2025 22:14
AustinAbro321
AustinAbro321 approved these changes Jul 30, 2025
View reviewed changes
Copy link
Contributor

@AustinAbro321 AustinAbro321 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@brandtkeller brandtkeller added this pull request to the merge queue Jul 30, 2025
Merged via the queue into main with commit 6bc63d5 Jul 30, 2025
28 of 29 checks passed
@brandtkeller brandtkeller deleted the 4024_agent_subpath branch July 30, 2025 20:23
Ansible-man pushed a commit to Ansible-man/zarf that referenced this pull request Sep 6, 2025
@brandtkeller @Ansible-man
fix(tools): update-creds handle registry subpaths (zarf-dev#4026)
b22deee 
Signed-off-by: Brandt Keller <brandt.keller@defenseunicorns.com>
Signed-off-by: Cade Thomas <cadethomas23@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AustinAbro321 AustinAbro321 AustinAbro321 approved these changes

Assignees

@brandtkeller brandtkeller

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Zarf breaks its own image path when updating cert after it is expired - Cluster outage possible
2 participants
@brandtkeller @AustinAbro321