Simplify Deploying Apps ontop of BigBang with Flux

[runyontr]

Is your feature request related to a problem? Please describe.
When deploying apps on top of big bang there are two options:

• Specify some complicated flux manifests to deploy it in the same paradigm as BigBang
• Deploy a native helm chart with Zarf performing the Helm install

Describe the solution you'd like

Add a parameter to ZarfChart

// ZarfChart defines a helm chart to be deployed.
type ZarfChart struct {
	Name        string   `json:"name" jsonschema:"description=The name of the chart to deploy, this should be the name of the chart as it is installed in the helm repo"`
	ReleaseName string   `json:"releaseName,omitempty" jsonschema:"description=The name of the release to create, defaults to the name of the chart"`
	Url         string   `json:"url,omitempty" jsonschema:"oneof_required=url,description=The URL of the chart repository or git url if the chart is using a git repo instead of helm repo"`
	Version     string   `json:"version" jsonschema:"description=The version of the chart to deploy, for git-based charts this is also the tag of the git repo"`
	Namespace   string   `json:"namespace" jsonschema:"description=The namespace to deploy the chart to"`
	ValuesFiles []string `json:"valuesFiles,omitempty" jsonschema:"description=List of values files to include in the package, these will be merged together"`
	GitPath     string   `json:"gitPath,omitempty" jsonschema:"description=If using a git repo, the path to the chart in the repo"`
	LocalPath   string   `json:"localPath,omitempty" jsonschema:"oneof_required=localPath,description=The path to the chart folder"`
	NoWait      bool     `json:"noWait,omitempty" jsonschema:"description=Wait for chart resources to be ready before continuing"`
	Flux        bool     `json:"flux,omitempty" jsonschema:"When Deploying the chart, leverage the Flux deployment to make a Source object and HelmRelease rather than Zarf performing the install"`
}

When flux is set to true, zarf would:

components:
  - name: demo-helm-releasename
    required: true
    charts:
      - name: podinfo
        releaseName: cool-name
        url: https://stefanprodan.github.io/podinfo
        version: 6.1.6
        namespace: helm-releasename
    images:
      - ghcr.io/stefanprodan/podinfo:6.1.6

Create:

• Download the provided Helm chart from either Git or the helm repo
• Download the required images for the helm chart

Deploy:

• Upload the images to the registry
• Upload the git repo to the gitea deployment
• Create a GitRepository object pointing at the repo
• Create secrets for each values file provided to the chart
• Create a HelmRelease for Flux to deploy the Helm chart, configured with values

Example

This same process is followed by the creation of a Flux wrapper around BigBang in https://github.com/defenseunicorns/zarf/blob/033374bf17ee223f69af5517bcb3f96ff40292d4/src/pkg/bigbang/bigbang.go#L311-L492

Additional context
This should balance the need for light runtime for tiny edge with cloud based consistency and resources by allowing Flux to manage the lifecycle of Helm

In order to do this for OCI objects only, These things need to be fixed

• Add http client and insecure tls tests for registry client helm/helm#11623
• Get helm to release that patch
• Update Source controller with that helm version and finish Add support for insecure registries in HelmRepositories of Type oci fluxcd/source-controller#807
• Released Flux with new source controller tag
• Get Flux through IronBank
• Release Flux in BigBang
• Profit

[runyontr]

To facilitate the OCI upload of charts and pulling from Flux, we would need fluxcd/source-controller#807 closed first since the Zarf registry is not https protected

Initial implementation is blocked by:

 kubectl get helmrepositories.source.toolkit.fluxcd.io -A
NAMESPACE   NAME      URL                                                              AGE   READY   STATUS
bigbang     bigbang   oci://zarf-docker-registry.zarf.svc:5000/charts/bigbang:1.47.0   70s   False   failed to login to registry 'oci://zarf-docker-registry.zarf.svc:5000/charts/bigbang:1.47.0': Get "https://zarf-docker-registry.zarf.svc:5000/v2/": http: server gave HTTP response to HTTPS client

[joelcomp1]

This seems like the same thing i am interested in doing but just thought I would comment here if anyone has additional info. I am intersted in using Flux like BigBang but using a Helm Repository. I wanted to just use existing registry that has the helm charts already but I can't seem to connect to it. I assume its a OCI registry and suffers from that helm unsecure bug that exists in both helm and flux today. Is there any alternative that I could use today minus hosting my own chart museum with zarf and pushing my helm charts there?

[AustinAbro321]

This was completed in #2005