README ¶
Zarf - DevSecOps for Air Gap
Zarf eliminates the complexity of air gap software delivery for Kubernetes clusters and cloud native workloads using a declarative packaging strategy to support DevSecOps in offline and semi-connected environments.
📦 Out of the Box Features
- Automate Kubernetes deployments in disconnected environments
- Automate Software Bill of Materials (SBOM) generation
- Provide a web dashboard for viewing SBOM output
- Deploy a new cluster while fully disconnected with K3s or into any existing cluster using a kube config
- Builtin logging stack with Loki
- Builtin git server with Gitea
- Builtin docker registry
- Builtin K9s Dashboard for managing a cluster from the terminal
- Mutating Webhook to automatically update Kubernetes pods image path and pull secrets as well as Flux Git Repository URLs and secret references
- Builtin command to find images and resources from a helm chart
- Tunneling capability to connect to Kuberenetes resources without network routing, DNS, TLS or Ingress configuration required
🛠️ Configurable Features
- Customizable packages variables with defaults and user prompting
- Composable packages to include multiple sub-packages/components
- Filters to select the correct architectures/operating systems for packages
Early Zarf research and prototypes were developed jointly with United States Naval Postgraduate School research you can read here.
Demo
https://www.youtube.com/watch?v=WnOYlFVVKDE
Getting Started
To try Zarf out for yourself, visit the "Try It Now" section on our website, and if you want to learn more about Zarf and its use cases visit docs.zarf.dev.
From the docs you can learn more about installation, using the CLI, making packages, and the Zarf package schema.
Using Zarf in Github workflows? Checkout the setup-zarf action. Install any version of Zarf and it's init
package with zero added dependencies.
Developing
To contribute, please see our Contributor Guide. Below is an architectural diagram showing the basics of how Zarf functions which you can read more about here.
Special Thanks
We would also like to thank the following awesome libraries and projects without which Zarf would not be possible!
Directories ¶
Path | Synopsis |
---|---|
cli
module
|
|
src
|
|
cmd
Package cmd contains the CLI commands for zarf contains the CLI commands for zarf
|
Package cmd contains the CLI commands for zarf contains the CLI commands for zarf |
config
Package config stores the global configuration and constants
|
Package config stores the global configuration and constants |
config/lang
Package lang contains the language strings for english used by Zarf Alternative languages can be created by duplicating this file and changing the build tag to "//go:build alt_language && <language>"
|
Package lang contains the language strings for english used by Zarf Alternative languages can be created by duplicating this file and changing the build tag to "//go:build alt_language && <language>" |
pkg/k8s
Package k8s provides a client for interacting with a Kubernetes cluster.
|
Package k8s provides a client for interacting with a Kubernetes cluster. |
pkg/message
Package message provides a rich set of functions for displaying messages to the user.
|
Package message provides a rich set of functions for displaying messages to the user. |
pkg/packager
Package packager contains functions for interacting with, managing and deploying zarf packages
|
Package packager contains functions for interacting with, managing and deploying zarf packages |
pkg/pki
Package pki provides a simple way to generate a CA and signed server keypair
|
Package pki provides a simple way to generate a CA and signed server keypair |
pkg/utils
Package utils provides generic helper functions
|
Package utils provides generic helper functions |
test/e2e
Package test provides e2e tests for zarf
|
Package test provides e2e tests for zarf |
types
Package types contains all the types used by Zarf
|
Package types contains all the types used by Zarf |
test
|
|
e2e
Module
|