Skip to content

[Feature]: --vendor-charts opt-in flag for air-gap bundles #663

Description

@lockwobr

Feature Summary

Add a --vendor-charts opt-in flag to aicr bundle (and the vendor-charts=true query parameter on the API server) that pulls upstream Helm chart bytes into the bundle at bundle time using the Helm SDK in-process. With the flag set, every component becomes a local chart in the bundle — enabling air-gap deployability.

Parent: #516. Depends on the base format library landing in the sub-issue that adopts --deployer helm first.

Problem / Use Case

The uniform numbered local-chart layout (scope A) eliminates component-type branching but still references upstream Helm chart registries at deploy time. For air-gap clusters, regulated environments, or deployments over flaky networks, the bundle must be self-contained — every byte needed to install lives inside the artifact.

Vendoring is opt-in for two reasons:

  • CVE-yank signal preservation. Non-vendored bundles fail loudly when an upstream chart version is yanked (prompting a rebundle with a fixed recipe). Vendored bundles silently deploy the frozen version, outliving the yank signal.
  • Bundle-time cost. Pulling charts adds bundle-time network dependency, bundle-time auth surface, and bundle size. Users who don't need air-gap shouldn't pay these costs by default.

Proposed Solution

Add --vendor-charts (bool, default false) to aicr bundle and the corresponding API query parameter.

When set, the base-format library (from the sub-issue 1 work) pulls upstream Helm chart bytes in-process via helm.sh/helm/v3 (repo.Entry, downloader.ChartDownloader, chartutil.ExpandFile) and writes them to NNN-<name>/charts/<chart>/ alongside a wrapper Chart.yaml.

For mixed Helm + raw-manifest components, --vendor-charts collapses the two-folder primary + -post emission from sub-issue 1 into a single wrapped folder. The vendored chart bytes go under charts/<upstream>/; raw manifests move into templates/*.yaml as helm hooks (helm.sh/hook: post-install) inside the wrapper. Deploy-time ordering preserved without the injected -post Application.

Wrapped Kustomize / raw-manifest-only components are unaffected — they're already local after the layout refactor.

Bundle-time audit log. Per vendored chart: (name, version, source URL, SHA256 digest). Written to the bundle (e.g. provenance.json) so downstream yank-list lookups are possible.

Auth. Reuse existing Helm conventions (HELM_REPOSITORY_USERNAME, HELM_REPOSITORY_PASSWORD) plus an explicit config block for the API server.

Success Criteria

  • --vendor-charts flag works for CLI and API server.
  • Vendored bundle installs end-to-end against KWOK with registry egress blocked at deploy time.
  • Each vendored chart has an audit-log entry with name, version, source URL, and SHA256.
  • Mixed components emit a single wrapped folder (collapsing sub-issue 1's primary + -post two-folder shape); raw manifests become helm hooks with correct post-install ordering.
  • Bundle-time auth works for authenticated chart registries via Helm env conventions.
  • docs/user/cli-reference.md documents the flag, the CVE-yank tradeoff, and the audit-log contents.
  • make qualify clean; test coverage gate satisfied.

Alternatives Considered

  • Shell out to helm pull. Requires helm CLI in the aicr bundle environment (and the API server pod). Rejected in favor of in-process Helm SDK for deploy-dependency hygiene.
  • Direct HTTP / go-containerregistry. Smaller dependency footprint but forces us to reimplement chart repo semantics and provenance. Rejected.
  • Mandatory vendoring (no flag). Simpler code path but imposes bundle-time network / auth / size costs on every user and makes offline bundling impossible. Rejected.

Component

Bundlers (gpu-operator, network-operator, etc.)

Priority

Important (would improve my workflow)

Compatibility / Breaking Changes

Additive and opt-in. Non-vendored behavior is the default and unchanged. Users who don't set --vendor-charts see zero difference from today's behavior (after sub-issue 1 lands).

Operational Considerations

  • Bundle-time network egress required when flag is set — including for the API server pod.
  • Bundle-time credentials required for private chart registries.
  • Bundle size grows substantially (0.5–5 MB per chart unpacked; meaningful for OCI image publishing).
  • CVE-yank side effect documented alongside the flag: vendored bundles outlive upstream yank signals.

Are you willing to contribute?

Maybe, with guidance

Metadata

Metadata

Assignees

Labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions