You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
UDS Core is published with multiple variations (Zarf flavors). Each flavor uses a separate source registry for the images. Each flavor is used as the suffix on the OCI tags for packages. For production use cases we recommend the `registry1` or `unicorn` flavors as these images tend to be more secure than their `upstream` counterparts.
8
+
9
+
{{% alert-note %}}
10
+
Demo and dev bundles (`k3d-core-demo` and `k3d-core-slim-dev`) are only published from the upstream flavor.
|`upstream`|`ghcr.io/defenseunicorns/packages/uds`| Various sources, typically DockerHub/GHCR/Quay, these are the default images used by helm charts |
19
+
|**ALPHA**`unicorn`|`ghcr.io/defenseunicorns/packages/private/uds`| Industry best images designed with security and minimalism in mind |
20
+
21
+
{{% alert-note %}}
22
+
The `unicorn` flavored packages are only available in a private repository. These packages are available for all members of the Defense Unicorns organization/company, if you are outside the organization [contact us](https://www.defenseunicorns.com/contactus) if you are interested in using this flavor for your mission.
Specific flavors of UDS Core have access and architecture restrictions when used for development work. The `upstream` flavor is generally recommended for development as it does not have any restrictions or requirements.
8
+
9
+
### Registry1
10
+
11
+
The `registry1` flavor uses images from [Ironbank](https://p1.dso.mil/services/iron-bank) which can only be pulled with authentication. Developers can self-register on [P1 SSO](https://login.dso.mil/) and retrieve a pull token for auth from [registry1's Harbor](https://registry1.dso.mil/). (In upper right corner, click --> User Profile, then click the Copy icon next to CLI secret, and use this for `docker login`.)
12
+
13
+
Images in `registry1` historically only supported `amd64` architectures. While some images do now support `arm64` architecture, uds-core only supports `amd64` for the `registry1` flavor. If developing on an `arm64` machine you will need to use a virtualization layer or an external dev box.
14
+
15
+
### Unicorn
16
+
17
+
The `unicorn` flavor uses images primarily from a private Chainguard repository. These images can be pulled by any developers in the Defense Unicorns organization once added to the Chainguard repository. Local authentication should be done with [chainctl](https://edu.chainguard.dev/chainguard/administration/how-to-install-chainctl/), specifically using the [credential helper](https://edu.chainguard.dev/chainguard/administration/how-to-install-chainctl/#configure-a-docker-credential-helper) for a seamless experience.
18
+
19
+
Developers outside of the Defense Unicorns organization/company will be unable to pull these images directly and should rely on CI testing for validation of this flavor. [Contact us](https://www.defenseunicorns.com/contactus) if you have a need to pull these images and develop on this flavor in particular.
0 commit comments