$ zarf package create .

kind: ZarfInitConfig
metadata:
  name: init
  description: Used to establish a new Zarf cluster
components:
- name: k3s
  description: "*** REQUIRES ROOT *** Install K3s, certified Kubernetes distribution built for IoT & Edge computing. K3s provides the cluster need for Zarf running in Appliance Mode as well as can host a low-resource Gitops Service if not using an existing Kubernetes platform."
  only:
    localOS: linux
    cluster:
      architecture: arm64
  actions:
    onDeploy:
      defaults:
        maxRetries: 5
      before:
      - maxRetries: 0
        cmd: ./zarf internal is-valid-hostname
      - cmd: "[ -e /etc/redhat-release ] && systemctl disable firewalld --now || echo ''"
      after:
      - cmd: systemctl daemon-reload
      - cmd: systemctl enable k3s
      - cmd: systemctl start k3s
  files:
  - source: packages/distros/k3s/common/zarf-clean-k3s.sh
    target: /opt/zarf/zarf-clean-k3s.sh
    executable: true
  - source: packages/distros/k3s/common/k3s.service
    target: /etc/systemd/system/k3s.service
    symlinks:
    - /etc/systemd/system/multi-user.target.wants/k3s.service
  - source: https://github.com/k3s-io/k3s/releases/download/v1.24.1+k3s1/k3s-arm64
    shasum: bd8b87d215f7a073d0139a0ab70e3fbeaa76e1b9ce6c00cd8d471cb44ba80687
    target: /usr/sbin/k3s
    executable: true
    symlinks:
    - /usr/sbin/kubectl
    - /usr/sbin/ctr
    - /usr/sbin/crictl
  - source: https://github.com/k3s-io/k3s/releases/download/v1.24.1+k3s1/k3s-airgap-images-arm64.tar.zst
    shasum: 12029e4bbfecfa16942345aeac798f4790e568a7202c2b85ee068d7b4756ba04
    target: /var/lib/rancher/k3s/agent/images/k3s.tar.zst
- name: zarf-injector
  description: |
    Bootstraps a Kubernetes cluster by cloning a running pod in the cluster and hosting the registry image.
    Removed and destroyed after the Zarf Registry is self-hosting the registry image.
  required: true
  cosignKeyPath: cosign.pub
  files:
  - source: sget://defenseunicorns/zarf-injector:arm64-2023-02-09
    target: "###ZARF_TEMP###/zarf-injector"
    executable: true
- name: zarf-seed-registry
  description: |
    Deploys the Zarf Registry using the registry image provided by the Zarf Injector.
  required: true
  charts:
  - name: docker-registry
    releaseName: zarf-docker-registry
    version: 1.0.0
    namespace: zarf
    valuesFiles:
    - packages/zarf-registry/registry-values.yaml
    - packages/zarf-registry/registry-values-seed.yaml
    localPath: packages/zarf-registry/chart
- name: zarf-registry
  description: |
    Updates the Zarf Registry to use the self-hosted registry image. 
    Serves as the primary docker registry for the cluster.
  required: true
  charts:
  - name: docker-registry
    releaseName: zarf-docker-registry
    version: 1.0.0
    namespace: zarf
    valuesFiles:
    - packages/zarf-registry/registry-values.yaml
    localPath: packages/zarf-registry/chart
  manifests:
  - name: registry-connect
    namespace: zarf
    files:
    - packages/zarf-registry/connect.yaml
  - name: kep-1755-registry-annotation
    namespace: zarf
    files:
    - packages/zarf-registry/configmap.yaml
  images:
  - registry:2.8.1
- name: zarf-agent
  description: |
    A Kubernetes mutating webhook to enable automated URL rewriting for container
    images and git repository references in Kubernetes manifests. This prevents
    the need to manually update URLs from their original sources to the Zarf-managed
    docker registry and git server.
  required: true
  actions:
    onCreate:
      before:
      - cmd: make init-package-local-agent AGENT_IMAGE="agent:local"
  manifests:
  - name: zarf-agent
    namespace: zarf
    files:
    - packages/zarf-agent/manifests/service.yaml
    - packages/zarf-agent/manifests/secret.yaml
    - packages/zarf-agent/manifests/deployment.yaml
    - packages/zarf-agent/manifests/webhook.yaml
  images:
  - ghcr.io/defenseunicorns/zarf/agent:local
- name: logging
  description: |
    Deploys the Promtail Grafana & Loki (PGL) stack.
    Aggregates logs from different containers and presents them in a web dashboard.
    Recommended if no other logging stack is deployed in the cluster.
  charts:
  - name: loki-stack
    releaseName: zarf-loki-stack
    url: https://grafana.github.io/helm-charts
    version: 2.9.9
    namespace: zarf
    valuesFiles:
    - packages/logging-pgl/pgl-values.yaml
  manifests:
  - name: logging-connect
    namespace: zarf
    files:
    - packages/logging-pgl/connect.yaml
  images:
  - docker.io/grafana/promtail:2.7.2
  - grafana/grafana:8.3.5
  - grafana/loki:2.6.1
  - quay.io/kiwigrid/k8s-sidecar:1.19.2
- name: git-server
  description: |
    Deploys Gitea to provide git repositories for Kubernetes configurations.
    Required for GitOps deployments if no other git server is available.
  actions:
    onDeploy:
      after:
      - maxTotalSeconds: 60
        maxRetries: 3
        cmd: ./zarf internal create-read-only-gitea-user
  charts:
  - name: gitea
    releaseName: zarf-gitea
    url: https://dl.gitea.io/charts
    version: 7.0.4
    namespace: zarf
    valuesFiles:
    - packages/gitea/gitea-values.yaml
  manifests:
  - name: git-connect
    namespace: zarf
    files:
    - packages/gitea/connect.yaml
  images:
  - gitea/gitea:1.19.3-rootless
variables:
- name: K3S_ARGS
  description: Arguments to pass to K3s
  default: --disable traefik
- name: REGISTRY_EXISTING_PVC
  description: "Optional: Use an existing PVC for the registry instead of creating a new one. If this is set, the REGISTRY_PVC_SIZE variable will be ignored."
- name: REGISTRY_PVC_SIZE
  description: The size of the persistent volume claim for the registry
  default: 20Gi
- name: REGISTRY_CPU_REQ
  description: The CPU request for the registry
  default: 100m
- name: REGISTRY_MEM_REQ
  description: The memory request for the registry
  default: 256Mi
- name: REGISTRY_CPU_LIMIT
  description: The CPU limit for the registry
  default: "3"
- name: REGISTRY_MEM_LIMIT
  description: The memory limit for the registry
  default: 2Gi
- name: REGISTRY_HPA_MIN
  description: The minimum number of registry replicas
  default: "1"
- name: REGISTRY_HPA_MAX
  description: The maximum number of registry replicas
  default: "5"
- name: REGISTRY_HPA_ENABLE
  description: Enable the Horizontal Pod Autoscaler for the registry
  default: "true"
- name: GIT_SERVER_EXISTING_PVC
  description: "Optional: Use an existing PVC for the git server instead of creating a new one. If this is set, the GIT_SERVER_PVC_SIZE variable will be ignored."
- name: GIT_SERVER_PVC_SIZE
  description: The size of the persistent volume claim for git server
  default: 10Gi
- name: GIT_SERVER_CPU_REQ
  description: The CPU request for git server
  default: 200m
- name: GIT_SERVER_MEM_REQ
  description: The memory request for git server
  default: 512Mi
- name: GIT_SERVER_CPU_LIMIT
  description: The CPU limit for git server
  default: "3"
- name: GIT_SERVER_MEM_LIMIT
  description: The memory limit for git server
  default: 2Gi
constants:
- name: AGENT_IMAGE
  value: agent:local

 ? Create this Zarf package? (y/N) Yes