fixed completion commands (#312)

should fix:
```
go install hauler.dev/go/hauler@latest
go: hauler.dev/go/hauler@latest: unrecognized import path "hauler.dev/go/hauler": reading https://hauler.dev/go/hauler?go-get=1: 404 Not Found
```

Signed-off-by: Jacob Blain Christen <dweomer5@gmail.com>

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,6 +1,6 @@
 ---
 name: Bug Report
-about: Create a report to help us improve!
+about: Submit a bug report to help us improve!
 title: '[BUG]'
 labels: 'bug'
 assignees: ''

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,7 +1,7 @@
 ---
 name: Feature Request
-about: Submit a request for us to improve!
-title: '[RFE]'
+about: Submit a feature request for us to improve!
+title: '[feature]'
 labels: 'enhancement'
 assignees: ''
 ---

.github/workflows/pages.yaml

@@ -0,0 +1,40 @@
+# Simple workflow for deploying static content to GitHub Pages
+name: 📋
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
+# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
+concurrency:
+  group: "pages"
+  cancel-in-progress: false
+
+jobs:
+  # Single deploy job since we're just deploying
+  deploy:
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup Pages
+        uses: actions/configure-pages@v5
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: './static'
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

.github/workflows/release.yaml

@@ -17,17 +17,22 @@ jobs:
         with:
           fetch-depth: 0
 
+      - name: Configure Git
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
       - name: Set Up Go
         uses: actions/setup-go@v5
         with:
           go-version: 1.21.x
 
       - name: Run Go Releaser
-        uses: goreleaser/goreleaser-action@v5
+        uses: goreleaser/goreleaser-action@v6
         with:
           distribution: goreleaser
-          version: latest
-          args: release --clean -p 1
+          version: "~> v2"
+          args: "release --clean -p 1"
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           HOMEBREW_TAP_GITHUB_TOKEN: ${{ secrets.HOMEBREW_TAP_GITHUB_TOKEN }}
@@ -35,30 +40,54 @@ jobs:
   container-release:
     name: Container Release Job
     runs-on: ubuntu-latest
+    needs: [go-release]
     timeout-minutes: 30
+    continue-on-error: true
     steps:
       - name: Checkout
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
+      - name: Configure Git
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
       - name: Set Up QEMU
         uses: docker/setup-qemu-action@v3
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
-      - name: Login to GitHub Container Registry
+      - name: Authenticate to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Build and Push to GitHub Container Registry
+      - name: Authenticate to DockerHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: docker.io
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build and Push Release Container to GitHub Container Registry
         uses: docker/build-push-action@v5
         with:
           context: .
+          target: release
           platforms: linux/amd64,linux/arm64
           push: true
-          tags: ${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }},${{ github.repository_owner }}/${{ github.repository }}:latest
+          tags: ghcr.io/${{ github.repository }}:${{ github.ref_name }}, docker.io/hauler/hauler:${{ github.ref_name }}
+
+      - name: Build and Push Debug Container to GitHub Container Registry
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          target: debug
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ghcr.io/${{ github.repository }}-debug:${{ github.ref_name }}, docker.io/hauler/hauler-debug:${{ github.ref_name }}

.github/workflows/tests.yaml

@@ -0,0 +1,314 @@
+name: Tests Workflow
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  unit-tests:
+    name: Unit Tests
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+      - name: Set Up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: 1.21.x
+
+      - name: Install Go Releaser
+        uses: goreleaser/goreleaser-action@v6
+        with:
+          install-only: true
+
+      - name: Install Dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y make
+          sudo apt-get install -y build-essential
+
+      - name: Run Makefile Targets
+        run: |
+          make build-all
+
+      - name: Upload Hauler Binaries
+        uses: actions/upload-artifact@v4
+        with:
+          name: hauler-binaries
+          path: dist/*
+
+      - name: Upload Coverage Report
+        uses: actions/upload-artifact@v4
+        with:
+          name: coverage-report
+          path: coverage.out
+
+  integration-tests:
+    name: Integration Tests
+    runs-on: ubuntu-latest
+    needs: [unit-tests]
+    timeout-minutes: 30
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+      - name: Install Dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y unzip
+          sudo apt-get install -y tree
+
+      - name: Download Artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: hauler-binaries
+          path: dist
+
+      - name: Prepare Hauler for Tests
+        run: |
+          pwd
+          ls -la
+          ls -la dist/
+          chmod -R 755 dist/ testdata/certificate-script.sh
+          sudo mv dist/hauler_linux_amd64_v1/hauler /usr/local/bin/hauler
+          ./testdata/certificate-script.sh && sudo chown -R $(whoami) testdata/certs/
+
+      - name: Verify - hauler version
+        run: |
+          hauler version
+
+      - name: Verify - hauler completion
+        run: |
+          hauler completion
+          hauler completion bash
+          hauler completion fish
+          hauler completion powershell
+          hauler completion zsh
+
+      - name: Verify - hauler help
+        run: |
+          hauler help
+
+      - name: Verify - hauler login
+        run: |
+          hauler login --help
+          hauler login docker.io --username bob --password haulin
+          echo "hauler" | hauler login docker.io -u bob --password-stdin
+
+      - name: Remove Hauler Store Credentials
+        run: |
+          rm -rf ~/.docker/config.json
+
+      - name: Verify - hauler store
+        run: |
+          hauler store --help
+
+      - name: Verify - hauler store add
+        run: |
+          hauler store add --help
+
+      - name: Verify - hauler store add chart
+        run: |
+          hauler store add chart --help
+          # verify via helm repository
+          hauler store add chart rancher --repo https://releases.rancher.com/server-charts/stable
+          hauler store add chart rancher --repo https://releases.rancher.com/server-charts/stable --version 2.8.4
+          hauler store add chart rancher --repo https://releases.rancher.com/server-charts/stable --version 2.8.3 --verify
+          # verify via oci helm repository
+          hauler store add chart hauler-helm --repo oci://ghcr.io/hauler-dev
+          hauler store add chart hauler-helm --repo oci://ghcr.io/hauler-dev --version 1.0.6
+          hauler store add chart hauler-helm --repo oci://ghcr.io/hauler-dev --version 1.0.4 --verify
+          # verify via local helm repository
+          curl -sfOL https://github.com/rancherfederal/rancher-cluster-templates/releases/download/rancher-cluster-templates-0.5.2/rancher-cluster-templates-0.5.2.tgz
+          hauler store add chart rancher-cluster-templates-0.5.2.tgz --repo .
+          curl -sfOL https://github.com/rancherfederal/rancher-cluster-templates/releases/download/rancher-cluster-templates-0.5.1/rancher-cluster-templates-0.5.1.tgz
+          hauler store add chart rancher-cluster-templates-0.5.1.tgz --repo . --version 0.5.1
+          curl -sfOL https://github.com/rancherfederal/rancher-cluster-templates/releases/download/rancher-cluster-templates-0.5.0/rancher-cluster-templates-0.5.0.tgz
+          hauler store add chart rancher-cluster-templates-0.5.0.tgz --repo . --version 0.5.0 --verify
+          # verify via the hauler store contents
+          hauler store info
+
+      - name: Verify - hauler store add file
+        run: |
+          hauler store add file --help
+          # verify via remote file
+          hauler store add file https://get.rke2.io/install.sh
+          hauler store add file https://get.rke2.io/install.sh --name rke2-install.sh
+          # verify via local file
+          hauler store add file testdata/hauler-manifest.yaml
+          hauler store add file testdata/hauler-manifest.yaml --name hauler-manifest-local.yaml
+          # verify via the hauler store contents
+          hauler store info
+
+      - name: Verify - hauler store add image
+        run: |
+          hauler store add image --help
+          # verify via image reference
+          hauler store add image busybox
+          # verify via image reference with version and platform
+          hauler store add image busybox:stable --platform linux/amd64
+          # verify via image reference with full reference
+          hauler store add image gcr.io/distroless/base@sha256:7fa7445dfbebae4f4b7ab0e6ef99276e96075ae42584af6286ba080750d6dfe5
+          # verify via the hauler store contents
+          hauler store info
+
+      - name: Verify - hauler store copy
+        run: |
+          hauler store copy --help
+          # need more tests here
+
+      - name: Verify - hauler store extract
+        run: |
+          hauler store extract --help
+          # verify via hauler store content
+          hauler store extract hauler/hauler-manifest-local.yaml:latest
+
+      - name: Verify - hauler store info
+        run: |
+          hauler store info --help
+          # verify via table output
+          hauler store info --output table
+          # verify via json output
+          hauler store info --output json
+          # verify via filtered output (chart)
+          hauler store info --type chart
+          # verify via filtered output (file)
+          hauler store info --type file
+          # verify via filtered output (image)
+          hauler store info --type image
+          # verify store directory structure
+          tree -hC store
+
+      - name: Verify - hauler store save
+        run: |
+          hauler store save --help
+          # verify via save
+          hauler store save
+          # verify via save with filename
+          hauler store save --filename store.tar.zst
+
+      - name: Remove Hauler Store Contents
+        run: |
+          rm -rf store
+          hauler store info
+
+      - name: Verify - hauler store load
+        run: |
+          hauler store load --help
+          # verify via load
+          hauler store load haul.tar.zst
+          # verify via load with different temp directory
+          hauler store load store.tar.zst --tempdir /opt
+
+      - name: Verify Hauler Store Contents
+        run: |
+          # verify store
+          hauler store info
+          # verify store directory structure
+          tree -hC store
+
+      - name: Remove Hauler Store Contents
+        run: |
+          rm -rf store haul.tar.zst store.tar.zst
+          hauler store info
+
+      - name: Verify - hauler store sync
+        run: |
+          hauler store sync --help
+          # download local helm repository
+          curl -sfOL https://github.com/rancherfederal/rancher-cluster-templates/releases/download/rancher-cluster-templates-0.5.2/rancher-cluster-templates-0.5.2.tgz
+          # verify via sync
+          hauler store sync --files testdata/hauler-manifest-pipeline.yaml
+          # need more tests here
+
+      - name: Verify - hauler store serve
+        run: |
+          hauler store serve --help
+
+      - name: Verify - hauler store serve registry
+        run: |
+          hauler store serve registry --help
+          # verify via registry
+          hauler store serve registry &
+          until curl -sf http://localhost:5000/v2/_catalog; do : ; done
+          pkill -f "hauler store serve registry"
+          # verify via registry with different port
+          hauler store serve registry --port 5001 &
+          until curl -sf http://localhost:5001/v2/_catalog; do : ; done
+          pkill -f "hauler store serve registry --port 5001"
+          # verify via registry with different port and readonly
+          hauler store serve registry --port 5001 --readonly &
+          until curl -sf http://localhost:5001/v2/_catalog; do : ; done
+          pkill -f "hauler store serve registry --port 5001 --readonly"
+          # verify via registry with different port with readonly with tls
+          # hauler store serve registry --port 5001 --readonly --tls-cert testdata/certs/server-cert.crt --tls-key testdata/certs/server-cert.key &
+          # until curl -sf --cacert testdata/certs/cacerts.pem https://localhost:5001/v2/_catalog; do : ; done
+          # pkill -f "hauler store serve registry --port 5001 --readonly --tls-cert testdata/certs/server-cert.crt --tls-key testdata/certs/server-cert.key"
+
+      - name: Verify - hauler store serve fileserver
+        run: |
+          hauler store serve fileserver --help
+          # verify via fileserver
+          hauler store serve fileserver &
+          until curl -sf http://localhost:8080; do : ; done
+          pkill -f "hauler store serve fileserver"
+          # verify via fileserver with different port
+          hauler store serve fileserver --port 8000 &
+          until curl -sf http://localhost:8000; do : ; done
+          pkill -f "hauler store serve fileserver --port 8000"
+          # verify via fileserver with different port and timeout
+          hauler store serve fileserver --port 8000 --timeout 120 &
+          until curl -sf http://localhost:8000; do : ; done
+          pkill -f "hauler store serve fileserver --port 8000 --timeout 120"
+          # verify via fileserver with different port with timeout and tls
+          # hauler store serve fileserver --port 8000 --timeout 120 --tls-cert testdata/certs/server-cert.crt --tls-key testdata/certs/server-cert.key &
+          # until curl -sf --cacert testdata/certs/cacerts.pem https://localhost:8000; do : ; done
+          # pkill -f "hauler store serve fileserver --port 8000 --timeout 120 --tls-cert testdata/certs/server-cert.crt --tls-key testdata/certs/server-cert.key"
+
+      - name: Verify Hauler Store Contents
+        run: |
+          # verify store
+          hauler store info
+          # verify store directory structure
+          tree -hC store
+          # verify registry directory structure
+          tree -hC registry
+          # verify fileserver directory structure
+          tree -hC fileserver
+
+      - name: Create Hauler Report
+        run: |
+          hauler version >> hauler-report.txt
+          hauler store info --output table >> hauler-report.txt
+
+      - name: Remove Hauler Store Contents
+        run: |
+          rm -rf store registry fileserver
+          hauler store info
+
+      - name: Upload Hauler Report
+        uses: actions/upload-artifact@v4
+        with:
+          name: hauler-report
+          path: hauler-report.txt

.github/workflows/unittest.yaml

@@ -1,37 +0,0 @@
-name: Unit Test Workflow
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - main
-  pull_request:
-    branches:
-      - main
-
-jobs:
-  unit-test:
-    name: Unit Tests
-    runs-on: ubuntu-latest
-    timeout-minutes: 30
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Set Up Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.21.x
-
-      - name: Run Unit Tests
-        run: |
-          mkdir -p cmd/hauler/binaries
-          touch cmd/hauler/binaries/dummy.txt
-          go test -race -covermode=atomic -coverprofile=coverage.out ./pkg/... ./internal/... ./cmd/...
-
-      - name: On Failure, Launch Debug Session
-        if: ${{ failure() }}
-        uses: mxschmitt/action-tmate@v3
-        timeout-minutes: 10

.gitignore

@@ -1,9 +1,4 @@
-.DS_Store
-
-# Vagrant
-.vagrant
-
-# Editor directories and files
+**/.DS_Store
 .idea
 .vscode
 *.suo
@@ -12,20 +7,12 @@
 *.sln
 *.sw?
 *.dir-locals.el
-
-# old, ad-hoc ignores
-artifacts
-local-artifacts
-airgap-scp.sh
-
-# test artifacts
-*.tar*
-*.out
-
-# generated
 dist/
 tmp/
 bin/
-/store/
-/registry/
-cmd/hauler/binaries
+store/
+registry/
+fileserver/
+cmd/hauler/binaries
+testdata/certs/
+coverage.out

.goreleaser.yaml

@@ -1,3 +1,5 @@
+version: 2
+
 project_name: hauler
 before:
   hooks:
@@ -7,10 +9,11 @@ before:
 
 release:
   prerelease: auto
+  make_latest: false
 
 env:
-  - vpkg=github.com/rancherfederal/hauler/internal/version
-  - cosign_version=v2.2.3+carbide.1
+  - vpkg=hauler.dev/go/hauler/internal/version
+  - cosign_version=v2.2.3+carbide.2
 
 builds:
   - main: cmd/hauler/main.go
@@ -25,10 +28,7 @@ builds:
       - -s -w -X {{ .Env.vpkg }}.gitVersion={{ .Version }} -X {{ .Env.vpkg }}.gitCommit={{ .ShortCommit }} -X {{ .Env.vpkg }}.gitTreeState={{if .IsGitDirty}}dirty{{else}}clean{{end}} -X {{ .Env.vpkg }}.buildDate={{ .Date }}
     hooks:
       pre:
-        - mkdir -p cmd/hauler/binaries
-        - wget -P cmd/hauler/binaries/ https://github.com/rancher-government-carbide/cosign/releases/download/{{ .Env.cosign_version }}/cosign-{{ .Os }}-{{ .Arch }}{{ if eq .Os "windows" }}.exe{{ end }}
-      post:
-        - rm -rf cmd/hauler/binaries
+        - wget -P cmd/hauler/binaries/ https://github.com/hauler-dev/cosign/releases/download/{{ .Env.cosign_version }}/cosign-{{ .Os }}-{{ .Arch }}{{ if eq .Os "windows" }}.exe{{ end }}
     env:
       - CGO_ENABLED=0
 
@@ -36,14 +36,14 @@ universal_binaries:
   - replace: false
 
 changelog:
-  skip: false
+  disable: false
   use: git
 
 brews:
   - name: hauler
-    tap:
-      owner: rancherfederal
+    repository:
+      owner: hauler-dev
       name: homebrew-tap
       token: "{{ .Env.HOMEBREW_TAP_GITHUB_TOKEN }}"
-    folder: Formula
+    directory: Formula
     description: "Hauler CLI"

Dockerfile

@@ -1,25 +1,45 @@
+# builder stage
 FROM registry.suse.com/bci/golang:1.21 AS builder
+
 RUN zypper --non-interactive install make bash wget ca-certificates
 
 COPY . /build
 WORKDIR /build
 RUN make build
 
-RUN echo "hauler:x:1001:1001::/home:" > /etc/passwd \
+RUN echo "hauler:x:1001:1001::/home/hauler:" > /etc/passwd \
 && echo "hauler:x:1001:hauler" > /etc/group \
+&& mkdir /home/hauler \
 && mkdir /store \
 && mkdir /fileserver \
 && mkdir /registry
 
-FROM scratch
+# release stage
+FROM scratch AS release
+
 COPY --from=builder /var/lib/ca-certificates/ca-bundle.pem /etc/ssl/certs/ca-certificates.crt
 COPY --from=builder /etc/passwd /etc/passwd
 COPY --from=builder /etc/group /etc/group
-COPY --from=builder --chown=hauler:hauler /home/. /home
+COPY --from=builder --chown=hauler:hauler /home/hauler/. /home/hauler
 COPY --from=builder --chown=hauler:hauler /tmp/. /tmp
 COPY --from=builder --chown=hauler:hauler /store/. /store
 COPY --from=builder --chown=hauler:hauler /registry/. /registry
 COPY --from=builder --chown=hauler:hauler /fileserver/. /fileserver
 COPY --from=builder --chown=hauler:hauler /build/bin/hauler /
+
 USER hauler
 ENTRYPOINT [ "/hauler" ]
+
+# debug stage
+FROM alpine AS debug
+
+COPY --from=builder /var/lib/ca-certificates/ca-bundle.pem /etc/ssl/certs/ca-certificates.crt
+COPY --from=builder /etc/passwd /etc/passwd
+COPY --from=builder /etc/group /etc/group
+COPY --from=builder --chown=hauler:hauler /home/hauler/. /home/hauler
+COPY --from=builder --chown=hauler:hauler /build/bin/hauler /bin/hauler
+
+RUN apk --no-cache add curl
+
+USER hauler
+WORKDIR /home/hauler

Makefile

@@ -1,39 +1,51 @@
-SHELL:=/bin/bash
+# Makefile for hauler
+
+# set shell
+SHELL=/bin/bash
+
+# set go variables
 GO_FILES=$(shell go list ./... | grep -v /vendor/)
+GO_COVERPROFILE=coverage.out
 
-COSIGN_VERSION=v2.2.3+carbide.1
+# set cosign variables
+COSIGN_VERSION=v2.2.3+carbide.2
 
-.SILENT:
+# set build variables
+BIN_DIRECTORY=bin
+DIST_DIRECTORY=dist
+BINARIES_DIRECTORY=cmd/hauler/binaries
 
-all: fmt vet install test
+# builds hauler for current platform
+# references other targets
+build: install fmt vet test
+	goreleaser build --clean --snapshot --single-target
 
-build:
-	rm -rf cmd/hauler/binaries;\
-	mkdir -p cmd/hauler/binaries;\
-    wget -P cmd/hauler/binaries/ https://github.com/rancher-government-carbide/cosign/releases/download/$(COSIGN_VERSION)/cosign-$(shell go env GOOS)-$(shell go env GOARCH);\
-	mkdir bin;\
-	CGO_ENABLED=0 go build -o bin ./cmd/...;\
+# builds hauler for all platforms
+# references other targets
+build-all: install fmt vet test
+	goreleaser build --clean --snapshot
 
-build-all: fmt vet
-	goreleaser build --rm-dist --snapshot
-	
+# install depedencies
 install:
-	rm -rf cmd/hauler/binaries;\
-	mkdir -p cmd/hauler/binaries;\
-	wget -P cmd/hauler/binaries/ https://github.com/rancher-government-carbide/cosign/releases/download/$(COSIGN_VERSION)/cosign-$(shell go env GOOS)-$(shell go env GOARCH);\
-	CGO_ENABLED=0 go install ./cmd/...;\
-
-vet:
-	go vet $(GO_FILES)
+	rm -rf $(BINARIES_DIRECTORY)
+	mkdir -p $(BINARIES_DIRECTORY)
+	wget -P $(BINARIES_DIRECTORY) https://github.com/hauler-dev/cosign/releases/download/$(COSIGN_VERSION)/cosign-$(shell go env GOOS)-$(shell go env GOARCH)
+	go mod tidy
+	go mod download
+	CGO_ENABLED=0 go install ./cmd/...
 
+# format go code
 fmt:
 	go fmt $(GO_FILES)
 
+# vet go code
+vet:
+	go vet $(GO_FILES)
+
+# test go code
 test:
-	go test $(GO_FILES) -cover
-
-integration_test:
-	go test -tags=integration $(GO_FILES)
+	go test $(GO_FILES) -cover -race -covermode=atomic -coverprofile=$(GO_COVERPROFILE)
 
+# cleanup artifacts
 clean:
-	rm -rf bin 2> /dev/null
+	rm -rf $(BIN_DIRECTORY) $(BINARIES_DIRECTORY) $(DIST_DIRECTORY) $(GO_COVERPROFILE)

README.md

@@ -10,7 +10,7 @@
 
 `Hauler` does this by storing contents and collections as OCI Artifacts and allows operators to serve contents and collections with an embedded registry and fileserver. Additionally, `Hauler` has the ability to store and inspect various non-image OCI Artifacts.
 
-For more information, please review the **[Hauler Documentation](https://rancherfederal.github.io/hauler-docs)!**
+For more information, please review the **[Hauler Documentation](https://hauler.dev)!**
 
 ## Installation
 
@@ -25,7 +25,7 @@ curl -sfL https://get.hauler.dev | bash
 
 ```bash
 # installs latest release
-brew tap rancherfederal/homebrew-tap
+brew tap hauler-dev/homebrew-tap
 brew install hauler
 ```
 

VAGRANT.md

@@ -1,49 +0,0 @@
-## Hauler Vagrant machine
-
-A Vagrantfile is provided to allow easy provisioning of a local air-gapped CentOS environment. Some artifacts need to be collected from the internet; below are the steps required for successfully provisioning this machine, downloading all dependencies, and installing k3s (without hauler) into this machine.
-
-### First-time setup
-
-1. Install vagrant, if needed: <https://www.vagrantup.com/downloads>
-2. Install `vagrant-vbguest` plugin, as noted in the Vagrantfile:
-   ```shell
-   vagrant plugin install vagrant-vbguest
-   ```
-3. Deploy Vagrant machine, disabling SELinux:
-   ```shell
-   SELINUX=Disabled vagrant up
-   ```
-4. Access the Vagrant machine via SSH:
-   ```shell
-   vagrant ssh
-   ```
-5. Run all prep scripts inside of the Vagrant machine:
-    > This script temporarily enables internet access from within the VM to allow downloading all dependencies. Even so, the air-gapped network configuration IS restored before completion.
-   ```shell
-   sudo /opt/hauler/vagrant-scripts/prep-all.sh
-   ```
-
-All dependencies for all `vagrant-scripts/*-install.sh` scripts are now downloaded to the local
-repository under `local-artifacts`.
-
-### Installing k3s manually
-
-1. Access the Vagrant machine via SSH:
-  ```bash
-  vagrant ssh
-  ```
-2. Run the k3s install script inside of the Vagrant machine:
-  ```shell
-  sudo /opt/hauler/vagrant-scripts/k3s-install.sh
-  ```
-
-### Installing RKE2 manually
-
-1. Access the Vagrant machine via SSH:
-  ```shell
-  vagrant ssh
-  ```
-2. Run the RKE2 install script inside of the Vagrant machine:
-  ```shell
-  sudo /opt/hauler/vagrant-scripts/rke2-install.sh
-  ```

Vagrantfile

@@ -1,65 +0,0 @@
-##################################
-# The vagrant-vbguest plugin is required for CentOS 7.
-# Run the following command to install/update this plugin:
-# vagrant plugin install vagrant-vbguest
-##################################
-
-Vagrant.configure("2") do |config|
-  config.vm.box = "centos/8"
-  config.vm.hostname = "airgap"
-  config.vm.network "private_network", type: "dhcp"
-
-  config.vm.synced_folder ".", "/vagrant"
-
-  config.vm.provider "virtualbox" do |vb|
-    vb.memory = "2048"
-    vb.cpus = "2"
-  
-  config.vm.provision "airgap", type: "shell", run: "always",
-    inline: "/vagrant/vagrant-scripts/airgap.sh airgap"
-  end
-
-  # SELinux is Enforcing by default.
-  # To set SELinux as Disabled on a VM that has already been provisioned:
-  #   SELINUX=Disabled vagrant up --provision-with=selinux
-  # To set SELinux as Permissive on a VM that has already been provsioned
-  #   SELINUX=Permissive vagrant up --provision-with=selinux
-  config.vm.provision "selinux", type: "shell", run: "once" do |sh|
-    sh.upload_path = "/tmp/vagrant-selinux"
-    sh.env = {
-        'SELINUX': ENV['SELINUX'] || "Enforcing"
-    }
-    sh.inline = <<~SHELL
-        #!/usr/bin/env bash
-        set -eux -o pipefail
-
-        if ! type -p getenforce setenforce &>/dev/null; then
-          echo SELinux is Disabled
-          exit 0
-        fi
-
-        case "${SELINUX}" in
-          Disabled)
-            if mountpoint -q /sys/fs/selinux; then
-              setenforce 0
-              umount -v /sys/fs/selinux
-            fi
-            ;;
-          Enforcing)
-            mountpoint -q /sys/fs/selinux || mount -o rw,relatime -t selinuxfs selinuxfs /sys/fs/selinux
-            setenforce 1
-            ;;
-          Permissive)
-            mountpoint -q /sys/fs/selinux || mount -o rw,relatime -t selinuxfs selinuxfs /sys/fs/selinux
-            setenforce 0
-            ;;
-          *)
-            echo "SELinux mode not supported: ${SELINUX}" >&2
-            exit 1
-            ;;
-        esac
-
-        echo SELinux is $(getenforce)
-    SHELL
-  end
-end

cmd/hauler/cli/cli.go

@@ -3,14 +3,11 @@ package cli
 import (
 	"github.com/spf13/cobra"
 
-	"github.com/rancherfederal/hauler/pkg/log"
+	"hauler.dev/go/hauler/internal/flags"
+	"hauler.dev/go/hauler/pkg/log"
 )
 
-type rootOpts struct {
-	logLevel string
-}
-
-var ro = &rootOpts{}
+var ro = &flags.CliRootOpts{}
 
 func New() *cobra.Command {
 	cmd := &cobra.Command{
@@ -18,7 +15,7 @@ func New() *cobra.Command {
 		Short: "Airgap Swiss Army Knife",
 		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
 			l := log.FromContext(cmd.Context())
-			l.SetLevel(ro.logLevel)
+			l.SetLevel(ro.LogLevel)
 			l.Debugf("running cli command [%s]", cmd.CommandPath())
 			return nil
 		},
@@ -28,7 +25,7 @@ func New() *cobra.Command {
 	}
 
 	pf := cmd.PersistentFlags()
-	pf.StringVarP(&ro.logLevel, "log-level", "l", "info", "")
+	pf.StringVarP(&ro.LogLevel, "log-level", "l", "info", "")
 
 	// Add subcommands
 	addLogin(cmd)

cmd/hauler/cli/completion.go

@@ -3,29 +3,25 @@ package cli
 import (
 	"fmt"
 	"os"
+
 	"github.com/spf13/cobra"
 )
 
 func addCompletion(parent *cobra.Command) {
 	cmd := &cobra.Command{
-		Use:     "completion",
-		Short:   "Generates completion scripts for various shells",
+		Use:   "completion",
+		Short: "Generates completion scripts for various shells",
 		Long:  `The completion sub-command generates completion scripts for various shells.`,
 	}
-	
+
 	cmd.AddCommand(
 		addCompletionZsh(),
 		addCompletionBash(),
 		addCompletionFish(),
 		addCompletionPowershell(),
 	)
-	
-	parent.AddCommand(cmd)
-}
 
-func completionError(err error) ([]string, cobra.ShellCompDirective) {
-	cobra.CompError(err.Error())
-	return nil, cobra.ShellCompDirectiveError
+	parent.AddCommand(cmd)
 }
 
 func addCompletionZsh() *cobra.Command {
@@ -34,23 +30,23 @@ func addCompletionZsh() *cobra.Command {
 		Short: "Generates zsh completion scripts",
 		Long:  `The completion sub-command generates completion scripts for zsh.`,
 		Example: `To load completion run
-	
+
 	. <(hauler completion zsh)
-	
+
 	To configure your zsh shell to load completions for each session add to your zshrc
-	
+
 	# ~/.zshrc or ~/.profile
 	command -v hauler >/dev/null && . <(hauler completion zsh)
-	
+
 	or write a cached file in one of the completion directories in your ${fpath}:
-	
+
 	echo "${fpath// /\n}" | grep -i completion
 	hauler completion zsh > _hauler
-	
+
 	mv _hauler ~/.oh-my-zsh/completions  # oh-my-zsh
 	mv _hauler ~/.zprezto/modules/completion/external/src/  # zprezto`,
 		Run: func(cmd *cobra.Command, args []string) {
-			cmd.GenZshCompletion(os.Stdout)
+			cmd.Root().GenZshCompletion(os.Stdout)
 			// Cobra doesn't source zsh completion file, explicitly doing it here
 			fmt.Println("compdef _hauler hauler")
 		},
@@ -64,15 +60,15 @@ func addCompletionBash() *cobra.Command {
 		Short: "Generates bash completion scripts",
 		Long:  `The completion sub-command generates completion scripts for bash.`,
 		Example: `To load completion run
-	
+
 	. <(hauler completion bash)
-	
+
 	To configure your bash shell to load completions for each session add to your bashrc
-	
+
 	# ~/.bashrc or ~/.profile
 	command -v hauler >/dev/null && . <(hauler completion bash)`,
 		Run: func(cmd *cobra.Command, args []string) {
-			cmd.GenBashCompletion(os.Stdout)
+			cmd.Root().GenBashCompletion(os.Stdout)
 		},
 	}
 	return cmd
@@ -84,12 +80,12 @@ func addCompletionFish() *cobra.Command {
 		Short: "Generates fish completion scripts",
 		Long:  `The completion sub-command generates completion scripts for fish.`,
 		Example: `To configure your fish shell to load completions for each session write this script to your completions dir:
-	
+
 	hauler completion fish > ~/.config/fish/completions/hauler.fish
-	
+
 	See http://fishshell.com/docs/current/index.html#completion-own for more details`,
 		Run: func(cmd *cobra.Command, args []string) {
-			cmd.GenFishCompletion(os.Stdout, true)
+			cmd.Root().GenFishCompletion(os.Stdout, true)
 		},
 	}
 	return cmd
@@ -101,23 +97,23 @@ func addCompletionPowershell() *cobra.Command {
 		Short: "Generates powershell completion scripts",
 		Long:  `The completion sub-command generates completion scripts for powershell.`,
 		Example: `To load completion run
-	
+
 	. <(hauler completion powershell)
-	
+
 	To configure your powershell shell to load completions for each session add to your powershell profile
-	
+
 	Windows:
-	
+
 	cd "$env:USERPROFILE\Documents\WindowsPowerShell\Modules"
 	hauler completion powershell >> hauler-completion.ps1
-	
+
 	Linux:
-	
+
 	cd "${XDG_CONFIG_HOME:-"$HOME/.config/"}/powershell/modules"
 	hauler completion powershell >> hauler-completions.ps1`,
 		Run: func(cmd *cobra.Command, args []string) {
-			cmd.GenPowerShellCompletion(os.Stdout)
+			cmd.Root().GenPowerShellCompletion(os.Stdout)
 		},
 	}
 	return cmd
-}
+}

cmd/hauler/cli/login.go

@@ -2,32 +2,20 @@ package cli
 
 import (
 	"context"
-	"strings"
-	"os"
-	"io"
 	"fmt"
-	"github.com/spf13/cobra"
+	"io"
+	"os"
+	"strings"
 
+	"github.com/spf13/cobra"
 	"oras.land/oras-go/pkg/content"
 
-	"github.com/rancherfederal/hauler/pkg/cosign"
+	"hauler.dev/go/hauler/internal/flags"
+	"hauler.dev/go/hauler/pkg/cosign"
 )
 
-type Opts struct {
-	Username  string
-	Password  string
-	PasswordStdin bool
-}
-
-func (o *Opts) AddArgs(cmd *cobra.Command) {
-	f := cmd.Flags()
-	f.StringVarP(&o.Username, "username", "u", "", "Username")
-	f.StringVarP(&o.Password, "password", "p", "", "Password")
-	f.BoolVarP(&o.PasswordStdin, "password-stdin", "", false, "Take the password from stdin")
-}
-
 func addLogin(parent *cobra.Command) {
-	o := &Opts{}
+	o := &flags.LoginOpts{}
 
 	cmd := &cobra.Command{
 		Use:   "login",
@@ -35,7 +23,7 @@ func addLogin(parent *cobra.Command) {
 		Example: `
 # Log in to reg.example.com
 hauler login reg.example.com -u bob -p haulin`,
-		Args:    cobra.ExactArgs(1),
+		Args: cobra.ExactArgs(1),
 		RunE: func(cmd *cobra.Command, arg []string) error {
 			ctx := cmd.Context()
 
@@ -47,7 +35,7 @@ hauler login reg.example.com -u bob -p haulin`,
 				o.Password = strings.TrimSuffix(string(contents), "\n")
 				o.Password = strings.TrimSuffix(o.Password, "\r")
 			}
-			
+
 			if o.Username == "" && o.Password == "" {
 				return fmt.Errorf("username and password required")
 			}
@@ -55,21 +43,21 @@ hauler login reg.example.com -u bob -p haulin`,
 			return login(ctx, o, arg[0])
 		},
 	}
-	o.AddArgs(cmd)
+	o.AddFlags(cmd)
 
 	parent.AddCommand(cmd)
 }
 
-func login(ctx context.Context, o *Opts, registry string) error {
+func login(ctx context.Context, o *flags.LoginOpts, registry string) error {
 	ropts := content.RegistryOptions{
-		Username:  o.Username,
-		Password:  o.Password,
+		Username: o.Username,
+		Password: o.Password,
 	}
 
 	err := cosign.RegistryLogin(ctx, nil, registry, ropts)
 	if err != nil {
 		return err
 	}
-	
+
 	return nil
-}
+}

cmd/hauler/cli/store.go

@@ -1,14 +1,16 @@
 package cli
 
 import (
-	"github.com/spf13/cobra"
-	"helm.sh/helm/v3/pkg/action"
 	"fmt"
 
-	"github.com/rancherfederal/hauler/cmd/hauler/cli/store"
+	"github.com/spf13/cobra"
+	"helm.sh/helm/v3/pkg/action"
+
+	"hauler.dev/go/hauler/cmd/hauler/cli/store"
+	"hauler.dev/go/hauler/internal/flags"
 )
 
-var rootStoreOpts = &store.RootOpts{}
+var rootStoreOpts = &flags.StoreRootOpts{}
 
 func addStore(parent *cobra.Command) {
 	cmd := &cobra.Command{
@@ -19,7 +21,7 @@ func addStore(parent *cobra.Command) {
 			return cmd.Help()
 		},
 	}
-	rootStoreOpts.AddArgs(cmd)
+	rootStoreOpts.AddFlags(cmd)
 
 	cmd.AddCommand(
 		addStoreSync(),
@@ -38,7 +40,7 @@ func addStore(parent *cobra.Command) {
 }
 
 func addStoreExtract() *cobra.Command {
-	o := &store.ExtractOpts{RootOpts: rootStoreOpts}
+	o := &flags.ExtractOpts{StoreRootOpts: rootStoreOpts}
 
 	cmd := &cobra.Command{
 		Use:     "extract",
@@ -56,13 +58,13 @@ func addStoreExtract() *cobra.Command {
 			return store.ExtractCmd(ctx, o, s, args[0])
 		},
 	}
-	o.AddArgs(cmd)
+	o.AddFlags(cmd)
 
 	return cmd
 }
 
 func addStoreSync() *cobra.Command {
-	o := &store.SyncOpts{RootOpts: rootStoreOpts}
+	o := &flags.SyncOpts{StoreRootOpts: rootStoreOpts}
 
 	cmd := &cobra.Command{
 		Use:   "sync",
@@ -84,7 +86,7 @@ func addStoreSync() *cobra.Command {
 }
 
 func addStoreLoad() *cobra.Command {
-	o := &store.LoadOpts{RootOpts: rootStoreOpts}
+	o := &flags.LoadOpts{StoreRootOpts: rootStoreOpts}
 
 	cmd := &cobra.Command{
 		Use:   "load",
@@ -125,11 +127,11 @@ func addStoreServe() *cobra.Command {
 
 // RegistryCmd serves the embedded registry
 func addStoreServeRegistry() *cobra.Command {
-    o := &store.ServeRegistryOpts{RootOpts: rootStoreOpts}
+	o := &flags.ServeRegistryOpts{StoreRootOpts: rootStoreOpts}
 	cmd := &cobra.Command{
-        Use:   "registry",
-        Short: "Serve the embedded registry",
-        RunE: func(cmd *cobra.Command, args []string) error {
+		Use:   "registry",
+		Short: "Serve the embedded registry",
+		RunE: func(cmd *cobra.Command, args []string) error {
 			ctx := cmd.Context()
 
 			s, err := o.Store(ctx)
@@ -138,21 +140,21 @@ func addStoreServeRegistry() *cobra.Command {
 			}
 
 			return store.ServeRegistryCmd(ctx, o, s)
-        },
-    }
+		},
+	}
 
-    o.AddFlags(cmd)
+	o.AddFlags(cmd)
 
-    return cmd
+	return cmd
 }
 
 // FileServerCmd serves the file server
 func addStoreServeFiles() *cobra.Command {
-    o := &store.ServeFilesOpts{RootOpts: rootStoreOpts}
+	o := &flags.ServeFilesOpts{StoreRootOpts: rootStoreOpts}
 	cmd := &cobra.Command{
-        Use:   "fileserver",
-        Short: "Serve the file server",
-        RunE: func(cmd *cobra.Command, args []string) error {
+		Use:   "fileserver",
+		Short: "Serve the file server",
+		RunE: func(cmd *cobra.Command, args []string) error {
 			ctx := cmd.Context()
 
 			s, err := o.Store(ctx)
@@ -161,16 +163,16 @@ func addStoreServeFiles() *cobra.Command {
 			}
 
 			return store.ServeFilesCmd(ctx, o, s)
-        },
-    }
+		},
+	}
 
-    o.AddFlags(cmd)
+	o.AddFlags(cmd)
 
-    return cmd
+	return cmd
 }
 
 func addStoreSave() *cobra.Command {
-	o := &store.SaveOpts{RootOpts: rootStoreOpts}
+	o := &flags.SaveOpts{StoreRootOpts: rootStoreOpts}
 
 	cmd := &cobra.Command{
 		Use:   "save",
@@ -188,13 +190,13 @@ func addStoreSave() *cobra.Command {
 			return store.SaveCmd(ctx, o, o.FileName)
 		},
 	}
-	o.AddArgs(cmd)
+	o.AddFlags(cmd)
 
 	return cmd
 }
 
 func addStoreInfo() *cobra.Command {
-	o := &store.InfoOpts{RootOpts: rootStoreOpts}
+	o := &flags.InfoOpts{StoreRootOpts: rootStoreOpts}
 
 	var allowedValues = []string{"image", "chart", "file", "sigs", "atts", "sbom", "all"}
 
@@ -210,7 +212,7 @@ func addStoreInfo() *cobra.Command {
 			if err != nil {
 				return err
 			}
-			
+
 			for _, allowed := range allowedValues {
 				if o.TypeFilter == allowed {
 					return store.InfoCmd(ctx, o, s)
@@ -225,7 +227,7 @@ func addStoreInfo() *cobra.Command {
 }
 
 func addStoreCopy() *cobra.Command {
-	o := &store.CopyOpts{RootOpts: rootStoreOpts}
+	o := &flags.CopyOpts{StoreRootOpts: rootStoreOpts}
 
 	cmd := &cobra.Command{
 		Use:   "copy",
@@ -266,7 +268,7 @@ func addStoreAdd() *cobra.Command {
 }
 
 func addStoreAddFile() *cobra.Command {
-	o := &store.AddFileOpts{RootOpts: rootStoreOpts}
+	o := &flags.AddFileOpts{StoreRootOpts: rootStoreOpts}
 
 	cmd := &cobra.Command{
 		Use:   "file",
@@ -289,7 +291,7 @@ func addStoreAddFile() *cobra.Command {
 }
 
 func addStoreAddImage() *cobra.Command {
-	o := &store.AddImageOpts{RootOpts: rootStoreOpts}
+	o := &flags.AddImageOpts{StoreRootOpts: rootStoreOpts}
 
 	cmd := &cobra.Command{
 		Use:   "image",
@@ -312,9 +314,9 @@ func addStoreAddImage() *cobra.Command {
 }
 
 func addStoreAddChart() *cobra.Command {
-	o := &store.AddChartOpts{
-		RootOpts:  rootStoreOpts,
-		ChartOpts: &action.ChartPathOptions{},
+	o := &flags.AddChartOpts{
+		StoreRootOpts: rootStoreOpts,
+		ChartOpts:     &action.ChartPathOptions{},
 	}
 
 	cmd := &cobra.Command{

cmd/hauler/cli/store/add.go

@@ -4,32 +4,20 @@ import (
 	"context"
 
 	"github.com/google/go-containerregistry/pkg/name"
-	"github.com/rancherfederal/hauler/pkg/artifacts/file/getter"
-	"github.com/spf13/cobra"
+	"hauler.dev/go/hauler/pkg/artifacts/file/getter"
 	"helm.sh/helm/v3/pkg/action"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts/file"
-
-	"github.com/rancherfederal/hauler/pkg/store"
-
-	"github.com/rancherfederal/hauler/pkg/apis/hauler.cattle.io/v1alpha1"
-	"github.com/rancherfederal/hauler/pkg/content/chart"
-	"github.com/rancherfederal/hauler/pkg/cosign"
-	"github.com/rancherfederal/hauler/pkg/log"
-	"github.com/rancherfederal/hauler/pkg/reference"
+	"hauler.dev/go/hauler/internal/flags"
+	"hauler.dev/go/hauler/pkg/apis/hauler.cattle.io/v1alpha1"
+	"hauler.dev/go/hauler/pkg/artifacts/file"
+	"hauler.dev/go/hauler/pkg/content/chart"
+	"hauler.dev/go/hauler/pkg/cosign"
+	"hauler.dev/go/hauler/pkg/log"
+	"hauler.dev/go/hauler/pkg/reference"
+	"hauler.dev/go/hauler/pkg/store"
 )
 
-type AddFileOpts struct {
-	*RootOpts
-	Name string
-}
-
-func (o *AddFileOpts) AddFlags(cmd *cobra.Command) {
-	f := cmd.Flags()
-	f.StringVarP(&o.Name, "name", "n", "", "(Optional) Name to assign to file in store")
-}
-
-func AddFileCmd(ctx context.Context, o *AddFileOpts, s *store.Layout, reference string) error {
+func AddFileCmd(ctx context.Context, o *flags.AddFileOpts, s *store.Layout, reference string) error {
 	cfg := v1alpha1.File{
 		Path: reference,
 	}
@@ -63,20 +51,7 @@ func storeFile(ctx context.Context, s *store.Layout, fi v1alpha1.File) error {
 	return nil
 }
 
-type AddImageOpts struct {
-	*RootOpts
-	Name     string
-	Key      string
-	Platform string
-}
-
-func (o *AddImageOpts) AddFlags(cmd *cobra.Command) {
-	f := cmd.Flags()
-	f.StringVarP(&o.Key, "key", "k", "", "(Optional) Path to the key for digital signature verification")
-	f.StringVarP(&o.Platform, "platform", "p", "", "(Optional) Specific platform to save. i.e. linux/amd64. Defaults to all if flag is omitted.")
-}
-
-func AddImageCmd(ctx context.Context, o *AddImageOpts, s *store.Layout, reference string) error {
+func AddImageCmd(ctx context.Context, o *flags.AddImageOpts, s *store.Layout, reference string) error {
 	l := log.FromContext(ctx)
 	cfg := v1alpha1.Image{
 		Name: reference,
@@ -103,7 +78,7 @@ func storeImage(ctx context.Context, s *store.Layout, i v1alpha1.Image, platform
 	if err != nil {
 		return err
 	}
-	
+
 	err = cosign.SaveImage(ctx, s, r.Name(), platform)
 	if err != nil {
 		return err
@@ -113,27 +88,7 @@ func storeImage(ctx context.Context, s *store.Layout, i v1alpha1.Image, platform
 	return nil
 }
 
-type AddChartOpts struct {
-	*RootOpts
-
-	ChartOpts *action.ChartPathOptions
-}
-
-func (o *AddChartOpts) AddFlags(cmd *cobra.Command) {
-	f := cmd.Flags()
-
-	f.StringVar(&o.ChartOpts.RepoURL, "repo", "", "chart repository url where to locate the requested chart")
-	f.StringVar(&o.ChartOpts.Version, "version", "", "specify a version constraint for the chart version to use. This constraint can be a specific tag (e.g. 1.1.1) or it may reference a valid range (e.g. ^2.0.0). If this is not specified, the latest version is used")
-	f.BoolVar(&o.ChartOpts.Verify, "verify", false, "verify the package before using it")
-	f.StringVar(&o.ChartOpts.Username, "username", "", "chart repository username where to locate the requested chart")
-	f.StringVar(&o.ChartOpts.Password, "password", "", "chart repository password where to locate the requested chart")
-	f.StringVar(&o.ChartOpts.CertFile, "cert-file", "", "identify HTTPS client using this SSL certificate file")
-	f.StringVar(&o.ChartOpts.KeyFile, "key-file", "", "identify HTTPS client using this SSL key file")
-	f.BoolVar(&o.ChartOpts.InsecureSkipTLSverify, "insecure-skip-tls-verify", false, "skip tls certificate checks for the chart download")
-	f.StringVar(&o.ChartOpts.CaFile, "ca-file", "", "verify certificates of HTTPS-enabled servers using this CA bundle")
-}
-
-func AddChartCmd(ctx context.Context, o *AddChartOpts, s *store.Layout, chartName string) error {
+func AddChartCmd(ctx context.Context, o *flags.AddChartOpts, s *store.Layout, chartName string) error {
 	// TODO: Reduce duplicates between api chart and upstream helm opts
 	cfg := v1alpha1.Chart{
 		Name:    chartName,
@@ -147,7 +102,7 @@ func AddChartCmd(ctx context.Context, o *AddChartOpts, s *store.Layout, chartNam
 func storeChart(ctx context.Context, s *store.Layout, cfg v1alpha1.Chart, opts *action.ChartPathOptions) error {
 	l := log.FromContext(ctx)
 	l.Infof("adding 'chart' [%s] to the store", cfg.Name)
-	
+
 	// TODO: This shouldn't be necessary
 	opts.RepoURL = cfg.RepoURL
 	opts.Version = cfg.Version

cmd/hauler/cli/store/copy.go

@@ -5,34 +5,15 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/spf13/cobra"
 	"oras.land/oras-go/pkg/content"
 
-	"github.com/rancherfederal/hauler/pkg/cosign"
-	"github.com/rancherfederal/hauler/pkg/store"
-
-	"github.com/rancherfederal/hauler/pkg/log"
+	"hauler.dev/go/hauler/internal/flags"
+	"hauler.dev/go/hauler/pkg/cosign"
+	"hauler.dev/go/hauler/pkg/log"
+	"hauler.dev/go/hauler/pkg/store"
 )
 
-type CopyOpts struct {
-	*RootOpts
-
-	Username  string
-	Password  string
-	Insecure  bool
-	PlainHTTP bool
-}
-
-func (o *CopyOpts) AddFlags(cmd *cobra.Command) {
-	f := cmd.Flags()
-
-	f.StringVarP(&o.Username, "username", "u", "", "Username when copying to an authenticated remote registry")
-	f.StringVarP(&o.Password, "password", "p", "", "Password when copying to an authenticated remote registry")
-	f.BoolVar(&o.Insecure, "insecure", false, "Toggle allowing insecure connections when copying to a remote registry")
-	f.BoolVar(&o.PlainHTTP, "plain-http", false, "Toggle allowing plain http connections when copying to a remote registry")
-}
-
-func CopyCmd(ctx context.Context, o *CopyOpts, s *store.Layout, targetRef string) error {
+func CopyCmd(ctx context.Context, o *flags.CopyOpts, s *store.Layout, targetRef string) error {
 	l := log.FromContext(ctx)
 
 	components := strings.SplitN(targetRef, "://", 2)
@@ -55,7 +36,7 @@ func CopyCmd(ctx context.Context, o *CopyOpts, s *store.Layout, targetRef string
 			Insecure:  o.Insecure,
 			PlainHTTP: o.PlainHTTP,
 		}
-		
+
 		if ropts.Username != "" {
 			err := cosign.RegistryLogin(ctx, s, components[1], ropts)
 			if err != nil {

cmd/hauler/cli/store/extract.go

@@ -2,32 +2,20 @@ package store
 
 import (
 	"context"
-	"strings"
 	"encoding/json"
 	"fmt"
+	"strings"
 
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
-	"github.com/spf13/cobra"
 
-	"github.com/rancherfederal/hauler/pkg/store"
-
-	"github.com/rancherfederal/hauler/internal/mapper"
-	"github.com/rancherfederal/hauler/pkg/log"
-	"github.com/rancherfederal/hauler/pkg/reference"
+	"hauler.dev/go/hauler/internal/flags"
+	"hauler.dev/go/hauler/internal/mapper"
+	"hauler.dev/go/hauler/pkg/log"
+	"hauler.dev/go/hauler/pkg/reference"
+	"hauler.dev/go/hauler/pkg/store"
 )
 
-type ExtractOpts struct {
-	*RootOpts
-	DestinationDir string
-}
-
-func (o *ExtractOpts) AddArgs(cmd *cobra.Command) {
-	f := cmd.Flags()
-
-	f.StringVarP(&o.DestinationDir, "output", "o", "", "Directory to save contents to (defaults to current directory)")
-}
-
-func ExtractCmd(ctx context.Context, o *ExtractOpts, s *store.Layout, ref string) error {
+func ExtractCmd(ctx context.Context, o *flags.ExtractOpts, s *store.Layout, ref string) error {
 	l := log.FromContext(ctx)
 
 	r, err := reference.Parse(ref)
@@ -37,7 +25,7 @@ func ExtractCmd(ctx context.Context, o *ExtractOpts, s *store.Layout, ref string
 
 	found := false
 	if err := s.Walk(func(reference string, desc ocispec.Descriptor) error {
-	
+
 		if !strings.Contains(reference, r.Name()) {
 			return nil
 		}

cmd/hauler/cli/store/info.go

@@ -4,38 +4,19 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"github.com/olekukonko/tablewriter"
 	"os"
 	"sort"
 
+	"github.com/olekukonko/tablewriter"
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
-	"github.com/spf13/cobra"
 
-	"github.com/rancherfederal/hauler/pkg/consts"
-
-	"github.com/rancherfederal/hauler/pkg/store"
-
-	"github.com/rancherfederal/hauler/pkg/reference"
+	"hauler.dev/go/hauler/internal/flags"
+	"hauler.dev/go/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/reference"
+	"hauler.dev/go/hauler/pkg/store"
 )
 
-type InfoOpts struct {
-	*RootOpts
-
-	OutputFormat string
-	TypeFilter   string
-	SizeUnit     string
-}
-
-func (o *InfoOpts) AddFlags(cmd *cobra.Command) {
-	f := cmd.Flags()
-
-	f.StringVarP(&o.OutputFormat, "output", "o", "table", "Output format (table, json)")
-	f.StringVarP(&o.TypeFilter, "type", "t", "all", "Filter on type (image, chart, file, sigs, atts, sbom)")
-
-	// TODO: Regex/globbing
-}
-
-func InfoCmd(ctx context.Context, o *InfoOpts, s *store.Layout) error {
+func InfoCmd(ctx context.Context, o *flags.InfoOpts, s *store.Layout) error {
 	var items []item
 	if err := s.Walk(func(ref string, desc ocispec.Descriptor) error {
 		if _, ok := desc.Annotations[ocispec.AnnotationRefName]; !ok {
@@ -47,7 +28,7 @@ func InfoCmd(ctx context.Context, o *InfoOpts, s *store.Layout) error {
 		}
 		defer rc.Close()
 
-		// handle multi-arch images 
+		// handle multi-arch images
 		if desc.MediaType == consts.OCIImageIndexSchema || desc.MediaType == consts.DockerManifestListSchema2 {
 			var idx ocispec.Index
 			if err := json.NewDecoder(rc).Decode(&idx); err != nil {
@@ -72,13 +53,13 @@ func InfoCmd(ctx context.Context, o *InfoOpts, s *store.Layout) error {
 					items = append(items, i)
 				}
 			}
-		// handle "non" multi-arch images
+			// handle "non" multi-arch images
 		} else if desc.MediaType == consts.DockerManifestSchema2 || desc.MediaType == consts.OCIManifestSchema1 {
 			var m ocispec.Manifest
 			if err := json.NewDecoder(rc).Decode(&m); err != nil {
 				return err
 			}
-			
+
 			rc, err := s.FetchManifest(ctx, m)
 			if err != nil {
 				return err
@@ -90,7 +71,7 @@ func InfoCmd(ctx context.Context, o *InfoOpts, s *store.Layout) error {
 			if err := json.NewDecoder(rc).Decode(&internalManifest); err != nil {
 				return err
 			}
-			
+
 			if internalManifest.Architecture != "" {
 				i := newItem(s, desc, m, fmt.Sprintf("%s/%s", internalManifest.OS, internalManifest.Architecture), o)
 				var emptyItem item
@@ -104,8 +85,8 @@ func InfoCmd(ctx context.Context, o *InfoOpts, s *store.Layout) error {
 					items = append(items, i)
 				}
 			}
-		// handle the rest
-		} else {  
+			// handle the rest
+		} else {
 			var m ocispec.Manifest
 			if err := json.NewDecoder(rc).Decode(&m); err != nil {
 				return err
@@ -123,6 +104,11 @@ func InfoCmd(ctx context.Context, o *InfoOpts, s *store.Layout) error {
 		return err
 	}
 
+	if o.ListRepos {
+		buildListRepos(items...)
+		return nil
+	}
+
 	// sort items by ref and arch
 	sort.Sort(byReferenceAndArch(items))
 
@@ -137,6 +123,30 @@ func InfoCmd(ctx context.Context, o *InfoOpts, s *store.Layout) error {
 	return nil
 }
 
+func buildListRepos(items ...item) {
+	// Create map to track unique repository names
+	repos := make(map[string]bool)
+
+	for _, i := range items {
+		repoName := ""
+		for j := 0; j < len(i.Reference); j++ {
+			if i.Reference[j] == '/' {
+				repoName = i.Reference[:j]
+				break
+			}
+		}
+		if repoName == "" {
+			repoName = i.Reference
+		}
+		repos[repoName] = true
+	}
+
+	// Collect and print unique repository names
+	for repoName := range repos {
+		fmt.Println(repoName)
+	}
+}
+
 func buildTable(items ...item) {
 	// Create a table for the results
 	table := tablewriter.NewWriter(os.Stdout)
@@ -144,7 +154,7 @@ func buildTable(items ...item) {
 	table.SetHeaderAlignment(tablewriter.ALIGN_LEFT)
 	table.SetRowLine(false)
 	table.SetAutoMergeCellsByColumnIndex([]int{0})
-	
+
 	totalSize := int64(0)
 	for _, i := range items {
 		if i.Type != "" {
@@ -173,11 +183,11 @@ func buildJson(item ...item) string {
 }
 
 type item struct {
-	Reference    string
-	Type         string
-	Platform     string
-	Layers       int
-	Size         int64
+	Reference string
+	Type      string
+	Platform  string
+	Layers    int
+	Size      int64
 }
 
 type byReferenceAndArch []item
@@ -200,7 +210,7 @@ func (a byReferenceAndArch) Less(i, j int) bool {
 	return a[i].Reference < a[j].Reference
 }
 
-func newItem(s *store.Layout, desc ocispec.Descriptor, m ocispec.Manifest, plat string, o *InfoOpts) item {
+func newItem(s *store.Layout, desc ocispec.Descriptor, m ocispec.Manifest, plat string, o *flags.InfoOpts) item {
 	var size int64 = 0
 	for _, l := range m.Layers {
 		size += l.Size
@@ -227,7 +237,7 @@ func newItem(s *store.Layout, desc ocispec.Descriptor, m ocispec.Manifest, plat
 	case "dev.cosignproject.cosign/sboms":
 		ctype = "sbom"
 	}
-	
+
 	ref, err := reference.Parse(desc.Annotations[ocispec.AnnotationRefName])
 	if err != nil {
 		return item{}
@@ -238,11 +248,11 @@ func newItem(s *store.Layout, desc ocispec.Descriptor, m ocispec.Manifest, plat
 	}
 
 	return item{
-		Reference:    ref.Name(),
-		Type:         ctype,
-		Platform:     plat,
-		Layers:       len(m.Layers),
-		Size:         size,
+		Reference: ref.Name(),
+		Type:      ctype,
+		Platform:  plat,
+		Layers:    len(m.Layers),
+		Size:      size,
 	}
 }
 

cmd/hauler/cli/store/load.go

@@ -5,31 +5,16 @@ import (
 	"os"
 
 	"github.com/mholt/archiver/v3"
-	"github.com/rancherfederal/hauler/pkg/content"
-	"github.com/rancherfederal/hauler/pkg/store"
-	"github.com/spf13/cobra"
 
-	"github.com/rancherfederal/hauler/pkg/log"
+	"hauler.dev/go/hauler/internal/flags"
+	"hauler.dev/go/hauler/pkg/content"
+	"hauler.dev/go/hauler/pkg/log"
+	"hauler.dev/go/hauler/pkg/store"
 )
 
-type LoadOpts struct {
-	*RootOpts
-	TempOverride string
-}
-
-func (o *LoadOpts) AddFlags(cmd *cobra.Command) {
-	f := cmd.Flags()
-
-	// On Unix systems, the default is $TMPDIR if non-empty, else /tmp.
-	// On Windows, the default is GetTempPath, returning the first non-empty
-	// value from %TMP%, %TEMP%, %USERPROFILE%, or the Windows directory.
-	// On Plan 9, the default is /tmp.
-	f.StringVarP(&o.TempOverride, "tempdir", "t", "", "overrides the default directory for temporary files, as returned by your OS.")
-}
-
 // LoadCmd
 // TODO: Just use mholt/archiver for now, even though we don't need most of it
-func LoadCmd(ctx context.Context, o *LoadOpts, archiveRefs ...string) error {
+func LoadCmd(ctx context.Context, o *flags.LoadOpts, archiveRefs ...string) error {
 	l := log.FromContext(ctx)
 
 	for _, archiveRef := range archiveRefs {

cmd/hauler/cli/store/save.go

@@ -6,25 +6,14 @@ import (
 	"path/filepath"
 
 	"github.com/mholt/archiver/v3"
-	"github.com/spf13/cobra"
 
-	"github.com/rancherfederal/hauler/pkg/log"
+	"hauler.dev/go/hauler/internal/flags"
+	"hauler.dev/go/hauler/pkg/log"
 )
 
-type SaveOpts struct {
-	*RootOpts
-	FileName string
-}
-
-func (o *SaveOpts) AddArgs(cmd *cobra.Command) {
-	f := cmd.Flags()
-
-	f.StringVarP(&o.FileName, "filename", "f", "haul.tar.zst", "Name of archive")
-}
-
 // SaveCmd
 // TODO: Just use mholt/archiver for now, even though we don't need most of it
-func SaveCmd(ctx context.Context, o *SaveOpts, outputFile string) error {
+func SaveCmd(ctx context.Context, o *flags.SaveOpts, outputFile string) error {
 	l := log.FromContext(ctx)
 
 	// TODO: Support more formats?

cmd/hauler/cli/store/serve.go

@@ -2,8 +2,6 @@ package store
 
 import (
 	"context"
-	"fmt"
-	"net/http"
 	"os"
 
 	"github.com/distribution/distribution/v3/configuration"
@@ -12,33 +10,14 @@ import (
 	_ "github.com/distribution/distribution/v3/registry/storage/driver/filesystem"
 	_ "github.com/distribution/distribution/v3/registry/storage/driver/inmemory"
 	"github.com/distribution/distribution/v3/version"
-	"github.com/spf13/cobra"
 
-	"github.com/rancherfederal/hauler/pkg/store"
-
-	"github.com/rancherfederal/hauler/internal/server"
-	"github.com/rancherfederal/hauler/pkg/log"
+	"hauler.dev/go/hauler/internal/flags"
+	"hauler.dev/go/hauler/internal/server"
+	"hauler.dev/go/hauler/pkg/log"
+	"hauler.dev/go/hauler/pkg/store"
 )
 
-type ServeRegistryOpts struct {
-	*RootOpts
-
-	Port       int
-	RootDir    string
-	ConfigFile string
-
-	storedir string
-}
-
-func (o *ServeRegistryOpts) AddFlags(cmd *cobra.Command) {
-	f := cmd.Flags()
-
-	f.IntVarP(&o.Port, "port", "p", 5000, "Port to listen on.")
-	f.StringVar(&o.RootDir, "directory", "registry", "Directory to use for backend.  Defaults to $PWD/registry")
-	f.StringVarP(&o.ConfigFile, "config", "c", "", "Path to a config file, will override all other configs")
-}
-
-func ServeRegistryCmd(ctx context.Context, o *ServeRegistryOpts, s *store.Layout) error {
+func ServeRegistryCmd(ctx context.Context, o *flags.ServeRegistryOpts, s *store.Layout) error {
 	l := log.FromContext(ctx)
 	ctx = dcontext.WithVersion(ctx, version.Version)
 
@@ -47,14 +26,14 @@ func ServeRegistryCmd(ctx context.Context, o *ServeRegistryOpts, s *store.Layout
 		return err
 	}
 
-	opts := &CopyOpts{}
+	opts := &flags.CopyOpts{}
 	if err := CopyCmd(ctx, opts, s, "registry://"+tr.Registry()); err != nil {
 		return err
 	}
 
 	tr.Close()
 
-	cfg := o.defaultRegistryConfig()
+	cfg := o.DefaultRegistryConfig()
 	if o.ConfigFile != "" {
 		ucfg, err := loadConfig(o.ConfigFile)
 		if err != nil {
@@ -76,44 +55,30 @@ func ServeRegistryCmd(ctx context.Context, o *ServeRegistryOpts, s *store.Layout
 	return nil
 }
 
-type ServeFilesOpts struct {
-	*RootOpts
-
-	Port    int
-	RootDir string
-
-	storedir string
-}
-
-func (o *ServeFilesOpts) AddFlags(cmd *cobra.Command) {
-	f := cmd.Flags()
-
-	f.IntVarP(&o.Port, "port", "p", 8080, "Port to listen on.")
-	f.StringVar(&o.RootDir, "directory", "fileserver", "Directory to use for backend.  Defaults to $PWD/fileserver")
-}
-
-func ServeFilesCmd(ctx context.Context, o *ServeFilesOpts, s *store.Layout) error {
+func ServeFilesCmd(ctx context.Context, o *flags.ServeFilesOpts, s *store.Layout) error {
 	l := log.FromContext(ctx)
 	ctx = dcontext.WithVersion(ctx, version.Version)
 
-	opts := &CopyOpts{}
+	opts := &flags.CopyOpts{}
 	if err := CopyCmd(ctx, opts, s, "dir://"+o.RootDir); err != nil {
 		return err
 	}
 
-	cfg := server.FileConfig{
-		Root: o.RootDir,
-		Port: o.Port,
-	}
-
-	f, err := server.NewFile(ctx, cfg)
+	f, err := server.NewFile(ctx, *o)
 	if err != nil {
 		return err
 	}
 
-	l.Infof("starting file server on port [%d]", o.Port)
-	if err := f.ListenAndServe(); err != nil {
-		return err
+	if o.TLSCert != "" && o.TLSKey != "" {
+		l.Infof("starting file server with tls on port [%d]", o.Port)
+		if err := f.ListenAndServeTLS(o.TLSCert, o.TLSKey); err != nil {
+			return err
+		}
+	} else {
+		l.Infof("starting file server on port [%d]", o.Port)
+		if err := f.ListenAndServe(); err != nil {
+			return err
+		}
 	}
 
 	return nil
@@ -127,27 +92,3 @@ func loadConfig(filename string) (*configuration.Configuration, error) {
 
 	return configuration.Parse(f)
 }
-
-func (o *ServeRegistryOpts) defaultRegistryConfig() *configuration.Configuration {
-	cfg := &configuration.Configuration{
-		Version: "0.1",
-		Storage: configuration.Storage{
-			"cache":      configuration.Parameters{"blobdescriptor": "inmemory"},
-			"filesystem": configuration.Parameters{"rootdirectory": o.RootDir},
-
-			// TODO: Ensure this is toggleable via cli arg if necessary
-			// "maintenance": configuration.Parameters{"readonly.enabled": false},
-		},
-	}
-
-	// Add validation configuration
-	cfg.Validation.Manifests.URLs.Allow = []string{".+"}
-
-	cfg.Log.Level = "info"
-	cfg.HTTP.Addr = fmt.Sprintf(":%d", o.Port)
-	cfg.HTTP.Headers = http.Header{
-		"X-Content-Type-Options": []string{"nosniff"},
-	}
-
-	return cfg
-}

cmd/hauler/cli/store/sync.go

@@ -9,44 +9,23 @@ import (
 	"strings"
 
 	"github.com/mitchellh/go-homedir"
-	"github.com/spf13/cobra"
 	"helm.sh/helm/v3/pkg/action"
 	"k8s.io/apimachinery/pkg/util/yaml"
 
-	"github.com/rancherfederal/hauler/pkg/apis/hauler.cattle.io/v1alpha1"
-	tchart "github.com/rancherfederal/hauler/pkg/collection/chart"
-	"github.com/rancherfederal/hauler/pkg/collection/imagetxt"
-	"github.com/rancherfederal/hauler/pkg/collection/k3s"
-	"github.com/rancherfederal/hauler/pkg/consts"
-	"github.com/rancherfederal/hauler/pkg/content"
-	"github.com/rancherfederal/hauler/pkg/cosign"
-	"github.com/rancherfederal/hauler/pkg/log"
-	"github.com/rancherfederal/hauler/pkg/reference"
-	"github.com/rancherfederal/hauler/pkg/store"
+	"hauler.dev/go/hauler/internal/flags"
+	"hauler.dev/go/hauler/pkg/apis/hauler.cattle.io/v1alpha1"
+	tchart "hauler.dev/go/hauler/pkg/collection/chart"
+	"hauler.dev/go/hauler/pkg/collection/imagetxt"
+	"hauler.dev/go/hauler/pkg/collection/k3s"
+	"hauler.dev/go/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/content"
+	"hauler.dev/go/hauler/pkg/cosign"
+	"hauler.dev/go/hauler/pkg/log"
+	"hauler.dev/go/hauler/pkg/reference"
+	"hauler.dev/go/hauler/pkg/store"
 )
 
-type SyncOpts struct {
-	*RootOpts
-	ContentFiles []string
-	Key          string
-	Products	 []string
-	Platform	 string
-	Registry	 string
-	ProductRegistry string
-}
-
-func (o *SyncOpts) AddFlags(cmd *cobra.Command) {
-	f := cmd.Flags()
-
-	f.StringSliceVarP(&o.ContentFiles, "files", "f", []string{}, "Path to content files")
-	f.StringVarP(&o.Key, "key", "k", "", "(Optional) Path to the key for signature verification")
-	f.StringSliceVar(&o.Products, "products", []string{}, "Used for RGS Carbide customers to supply a product and version and Hauler will retrieve the images. i.e. '--product rancher=v2.7.6'")
-	f.StringVarP(&o.Platform, "platform", "p", "", "(Optional) Specific platform to save. i.e. linux/amd64. Defaults to all if flag is omitted.")
-	f.StringVarP(&o.Registry, "registry", "r", "", "(Optional) Default pull registry for image refs that are not specifying a registry name.")
-	f.StringVarP(&o.ProductRegistry, "product-registry", "c", "", "(Optional) Specific Product Registry to use. Defaults to RGS Carbide Registry (rgcrprod.azurecr.us).")
-}
-
-func SyncCmd(ctx context.Context, o *SyncOpts, s *store.Layout) error {
+func SyncCmd(ctx context.Context, o *flags.SyncOpts, s *store.Layout) error {
 	l := log.FromContext(ctx)
 
 	// if passed products, check for a remote manifest to retrieve and use.
@@ -70,7 +49,7 @@ func SyncCmd(ctx context.Context, o *SyncOpts, s *store.Layout) error {
 		if err != nil {
 			return err
 		}
-		err = ExtractCmd(ctx, &ExtractOpts{RootOpts: o.RootOpts}, s, fmt.Sprintf("hauler/%s-manifest.yaml:%s", parts[0],tag))
+		err = ExtractCmd(ctx, &flags.ExtractOpts{StoreRootOpts: o.StoreRootOpts}, s, fmt.Sprintf("hauler/%s-manifest.yaml:%s", parts[0], tag))
 		if err != nil {
 			return err
 		}
@@ -102,7 +81,7 @@ func SyncCmd(ctx context.Context, o *SyncOpts, s *store.Layout) error {
 	return nil
 }
 
-func processContent(ctx context.Context, fi *os.File, o *SyncOpts, s *store.Layout) error {
+func processContent(ctx context.Context, fi *os.File, o *flags.SyncOpts, s *store.Layout) error {
 	l := log.FromContext(ctx)
 
 	reader := yaml.NewYAMLReader(bufio.NewReader(fi))
@@ -151,19 +130,19 @@ func processContent(ctx context.Context, fi *os.File, o *SyncOpts, s *store.Layo
 			}
 			a := cfg.GetAnnotations()
 			for _, i := range cfg.Spec.Images {
-	
+
 				// Check if the user provided a registry.  If a registry is provided in the annotation, use it for the images that don't have a registry in their ref name.
-				if a[consts.ImageAnnotationRegistry] != "" || o.Registry != ""{
-					newRef,_ := reference.Parse(i.Name)
-					
+				if a[consts.ImageAnnotationRegistry] != "" || o.Registry != "" {
+					newRef, _ := reference.Parse(i.Name)
+
 					newReg := o.Registry // cli flag
 					// if no cli flag but there was an annotation, use the annotation.
 					if o.Registry == "" && a[consts.ImageAnnotationRegistry] != "" {
 						newReg = a[consts.ImageAnnotationRegistry]
 					}
-					
+
 					if newRef.Context().RegistryStr() == "" {
-						newRef,err = reference.Relocate(i.Name, newReg)
+						newRef, err = reference.Relocate(i.Name, newReg)
 						if err != nil {
 							return err
 						}
@@ -189,7 +168,7 @@ func processContent(ctx context.Context, fi *os.File, o *SyncOpts, s *store.Layo
 						}
 					}
 					l.Debugf("key for image [%s]", key)
-					
+
 					// verify signature using the provided key.
 					err := cosign.VerifySignature(ctx, s, key, i.Name)
 					if err != nil {
@@ -209,7 +188,7 @@ func processContent(ctx context.Context, fi *os.File, o *SyncOpts, s *store.Layo
 				if i.Platform != "" {
 					platform = i.Platform
 				}
-								
+
 				err = storeImage(ctx, s, i, platform)
 				if err != nil {
 					return err

cmd/hauler/cli/version.go

@@ -5,7 +5,7 @@ import (
 
 	"github.com/spf13/cobra"
 
-	"github.com/rancherfederal/hauler/internal/version"
+	"hauler.dev/go/hauler/internal/version"
 )
 
 func addVersion(parent *cobra.Command) {

cmd/hauler/main.go

@@ -5,9 +5,9 @@ import (
 	"embed"
 	"os"
 
-	"github.com/rancherfederal/hauler/cmd/hauler/cli"
-	"github.com/rancherfederal/hauler/pkg/cosign"
-	"github.com/rancherfederal/hauler/pkg/log"
+	"hauler.dev/go/hauler/cmd/hauler/cli"
+	"hauler.dev/go/hauler/pkg/cosign"
+	"hauler.dev/go/hauler/pkg/log"
 )
 
 //go:embed binaries/*

go.mod

@@ -1,4 +1,4 @@
-module github.com/rancherfederal/hauler
+module hauler.dev/go/hauler
 
 go 1.21
 
@@ -54,7 +54,7 @@ require (
 	github.com/distribution/reference v0.5.0 // indirect
 	github.com/docker/cli v25.0.1+incompatible // indirect
 	github.com/docker/distribution v2.8.3+incompatible // indirect
-	github.com/docker/docker v25.0.5+incompatible // indirect
+	github.com/docker/docker v25.0.6+incompatible // indirect
 	github.com/docker/docker-credential-helpers v0.7.0 // indirect
 	github.com/docker/go-connections v0.5.0 // indirect
 	github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect
@@ -144,11 +144,11 @@ require (
 	go.opentelemetry.io/otel/metric v1.19.0 // indirect
 	go.opentelemetry.io/otel/trace v1.19.0 // indirect
 	go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
-	golang.org/x/crypto v0.18.0 // indirect
-	golang.org/x/net v0.17.0 // indirect
+	golang.org/x/crypto v0.21.0 // indirect
+	golang.org/x/net v0.23.0 // indirect
 	golang.org/x/oauth2 v0.10.0 // indirect
-	golang.org/x/sys v0.16.0 // indirect
-	golang.org/x/term v0.16.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
+	golang.org/x/term v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect

go.sum

@@ -129,8 +129,8 @@ github.com/docker/cli v25.0.1+incompatible h1:mFpqnrS6Hsm3v1k7Wa/BO23oz0k121MTbT
 github.com/docker/cli v25.0.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
 github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v25.0.5+incompatible h1:UmQydMduGkrD5nQde1mecF/YnSbTOaPeFIeP5C4W+DE=
-github.com/docker/docker v25.0.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v25.0.6+incompatible h1:5cPwbwriIcsua2REJe8HqQV+6WlWc1byg2QSXzBxBGg=
+github.com/docker/docker v25.0.6+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A=
 github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0=
 github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
@@ -564,8 +564,8 @@ golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
-golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
-golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -638,8 +638,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
-golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
-golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
+golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
+golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -713,14 +713,14 @@ golang.org/x/sys v0.0.0-20220906165534-d0df966e6959/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
-golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
-golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE=
-golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
+golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
+golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=

install.sh

@@ -13,15 +13,23 @@
 #     - curl -sfL https://get.hauler.dev | HAULER_VERSION=1.0.0 bash
 #     - HAULER_VERSION=1.0.0 ./install.sh
 #
+#   Set Install Directory
+#     - curl -sfL https://get.hauler.dev | HAULER_INSTALL_DIR=/usr/local/bin bash
+#     - HAULER_INSTALL_DIR=/usr/local/bin ./install.sh
+#
+# Debug Usage:
+#   - curl -sfL https://get.hauler.dev | HAULER_DEBUG=true bash
+#   - HAULER_DEBUG=true ./install.sh
+#
 # Uninstall Usage:
 #   - curl -sfL https://get.hauler.dev | HAULER_UNINSTALL=true bash
 #   - HAULER_UNINSTALL=true ./install.sh
 #
 # Documentation:
 #   - https://hauler.dev
-#   - https://github.com/rancherfederal/hauler
+#   - https://github.com/hauler-dev/hauler
 
-# set functions for debugging/logging
+# set functions for logging
 function verbose {
     echo "$1"
 }
@@ -36,60 +44,87 @@ function warn {
 
 function fatal {
     echo && echo "[ERROR] Hauler: $1"
-    exit 0
+    exit 1
 }
 
-# check for required dependencies
-for cmd in sudo rm curl grep mkdir sed awk openssl tar; do
+# debug hauler from argument or environment variable
+if [ "${HAULER_DEBUG}" = "true" ]; then
+    set -x
+fi
+
+# start hauler preflight checks
+info "Starting Preflight Checks..."
+
+# check for required packages and dependencies
+for cmd in echo curl grep sed rm mkdir awk openssl tar install source; do
     if ! command -v "$cmd" &> /dev/null; then
-        fatal "$cmd is not installed"
+        fatal "$cmd is required to install Hauler"
     fi
 done
 
-# set version environment variable
-if [ -z "${HAULER_VERSION}" ]; then
-    version="${HAULER_VERSION:-$(curl -s https://api.github.com/repos/rancherfederal/hauler/releases/latest | grep '"tag_name":' | sed 's/.*"v\([^"]*\)".*/\1/')}"
-else
-    version="${HAULER_VERSION}"
+# set install directory from argument or environment variable
+HAULER_INSTALL_DIR=${HAULER_INSTALL_DIR:-/usr/local/bin}
+
+# ensure install directory exists
+if [ ! -d "${HAULER_INSTALL_DIR}" ]; then
+    mkdir -p "${HAULER_INSTALL_DIR}" || fatal "Failed to Create Install Directory: ${HAULER_INSTALL_DIR}"
 fi
 
-# set uninstall environment variable from argument or environment
+# ensure install directory is writable (by user or root privileges)
+if [ ! -w "${HAULER_INSTALL_DIR}" ]; then
+    if [ "$(id -u)" -ne 0 ]; then
+        fatal "Root privileges are required to install Hauler to Directory: ${HAULER_INSTALL_DIR}"
+    fi
+fi
+
+# uninstall hauler from argument or environment variable
 if [ "${HAULER_UNINSTALL}" = "true" ]; then
     # remove the hauler binary
-    sudo rm -f /usr/local/bin/hauler || fatal "Failed to Remove Hauler from /usr/local/bin"
+    rm -rf "${HAULER_INSTALL_DIR}/hauler" || fatal "Failed to Remove Hauler from ${HAULER_INSTALL_DIR}"
 
-    # remove the installation directory
-    rm -rf "$HOME/.hauler" || fatal "Failed to Remove Directory: $HOME/.hauler"
+    # remove the working directory
+    rm -rf "$HOME/.hauler" || fatal "Failed to Remove Hauler Directory: $HOME/.hauler"
 
-    info "Hauler Uninstalled Successfully"
+    info "Successfully Uninstalled Hauler" && echo
     exit 0
 fi
 
+# set version environment variable
+if [ -z "${HAULER_VERSION}" ]; then
+    # attempt to retrieve the latest version from GitHub
+    HAULER_VERSION=$(curl -sI https://github.com/hauler-dev/hauler/releases/latest | grep -i location | sed -e 's#.*tag/v##' -e 's/^[[:space:]]*//g' -e 's/[[:space:]]*$//g')
+
+    # exit if the version could not be detected
+    if [ -z "${HAULER_VERSION}" ]; then
+        fatal "HAULER_VERSION is unable to be detected and/or retrieved from GitHub. Please set: HAULER_VERSION"
+    fi
+fi
+
 # detect the operating system
-platform=$(uname -s | tr '[:upper:]' '[:lower:]')
-case $platform in
+PLATFORM=$(uname -s | tr '[:upper:]' '[:lower:]')
+case $PLATFORM in
     linux)
-        platform="linux"
+        PLATFORM="linux"
         ;;
     darwin)
-        platform="darwin"
+        PLATFORM="darwin"
         ;;
     *)
-        fatal "Unsupported Platform: $platform"
+        fatal "Unsupported Platform: $PLATFORM"
         ;;
 esac
 
 # detect the architecture
-arch=$(uname -m)
-case $arch in
+ARCH=$(uname -m)
+case $ARCH in
     x86_64 | x86-32 | x64 | x32 | amd64)
-        arch="amd64"
+        ARCH="amd64"
         ;;
     aarch64 | arm64)
-        arch="arm64"
+        ARCH="arm64"
         ;;
     *)
-        fatal "Unsupported Architecture: $arch"
+        fatal "Unsupported Architecture: $ARCH"
         ;;
 esac
 
@@ -97,85 +132,84 @@ esac
 info "Starting Installation..."
 
 # display the version, platform, and architecture
-verbose "- Version: v$version"
-verbose "- Platform: $platform"
-verbose "- Architecture: $arch"
+verbose "- Version: v${HAULER_VERSION}"
+verbose "- Platform: $PLATFORM"
+verbose "- Architecture: $ARCH"
+verbose "- Install Directory: ${HAULER_INSTALL_DIR}"
 
-# check if install directory exists, create it if not
+# check working directory and/or create it
 if [ ! -d "$HOME/.hauler" ]; then
-    mkdir -p "$HOME/.hauler" || fatal "Failed to Create Directory: ~/.hauler"
+    mkdir -p "$HOME/.hauler" || fatal "Failed to Create Directory: $HOME/.hauler"
 fi
 
-# change to install directory
-cd "$HOME/.hauler" || fatal "Failed to Change Directory: ~/.hauler"
+# update permissions of working directory
+chmod -R 777 "$HOME/.hauler" || fatal "Failed to Update Permissions of Directory: $HOME/.hauler"
+
+# change to working directory
+cd "$HOME/.hauler" || fatal "Failed to Change Directory: $HOME/.hauler"
+
+# start hauler artifacts download
+info "Starting Download..."
 
 # download the checksum file
-if ! curl -sfOL "https://github.com/rancherfederal/hauler/releases/download/v${version}/hauler_${version}_checksums.txt"; then
-    fatal "Failed to Download: hauler_${version}_checksums.txt"
+if ! curl -sfOL "https://github.com/hauler-dev/hauler/releases/download/v${HAULER_VERSION}/hauler_${HAULER_VERSION}_checksums.txt"; then
+    fatal "Failed to Download: hauler_${HAULER_VERSION}_checksums.txt"
 fi
 
 # download the archive file
-if ! curl -sfOL "https://github.com/rancherfederal/hauler/releases/download/v${version}/hauler_${version}_${platform}_${arch}.tar.gz"; then
-    fatal "Failed to Download: hauler_${version}_${platform}_${arch}.tar.gz"
+if ! curl -sfOL "https://github.com/hauler-dev/hauler/releases/download/v${HAULER_VERSION}/hauler_${HAULER_VERSION}_${PLATFORM}_${ARCH}.tar.gz"; then
+    fatal "Failed to Download: hauler_${HAULER_VERSION}_${PLATFORM}_${ARCH}.tar.gz"
 fi
 
 # start hauler checksum verification
 info "Starting Checksum Verification..."
 
 # verify the Hauler checksum
-expected_checksum=$(awk -v version="$version" -v platform="$platform" -v arch="$arch" '$2 == "hauler_"version"_"platform"_"arch".tar.gz" {print $1}' "hauler_${version}_checksums.txt")
-determined_checksum=$(openssl dgst -sha256 "hauler_${version}_${platform}_${arch}.tar.gz" | awk '{print $2}')
+EXPECTED_CHECKSUM=$(awk -v HAULER_VERSION="${HAULER_VERSION}" -v PLATFORM="${PLATFORM}" -v ARCH="${ARCH}" '$2 == "hauler_"HAULER_VERSION"_"PLATFORM"_"ARCH".tar.gz" {print $1}' "hauler_${HAULER_VERSION}_checksums.txt")
+DETERMINED_CHECKSUM=$(openssl dgst -sha256 "hauler_${HAULER_VERSION}_${PLATFORM}_${ARCH}.tar.gz" | awk '{print $2}')
 
-if [ -z "$expected_checksum" ]; then
-    fatal "Failed to Locate Checksum: hauler_${version}_${platform}_${arch}.tar.gz"
-elif [ "$determined_checksum" = "$expected_checksum" ]; then
-    verbose "- Expected Checksum: $expected_checksum"
-    verbose "- Determined Checksum: $determined_checksum"
-    verbose "- Successfully Verified Checksum: hauler_${version}_${platform}_${arch}.tar.gz"
+if [ -z "${EXPECTED_CHECKSUM}" ]; then
+    fatal "Failed to Locate Checksum: hauler_${HAULER_VERSION}_${PLATFORM}_${ARCH}.tar.gz"
+elif [ "${DETERMINED_CHECKSUM}" = "${EXPECTED_CHECKSUM}" ]; then
+    verbose "- Expected Checksum: ${EXPECTED_CHECKSUM}"
+    verbose "- Determined Checksum: ${DETERMINED_CHECKSUM}"
+    verbose "- Successfully Verified Checksum: hauler_${HAULER_VERSION}_${PLATFORM}_${ARCH}.tar.gz"
 else
-    verbose "- Expected: $expected_checksum"
-    verbose "- Determined: $determined_checksum"
-    fatal "Failed Checksum Verification: hauler_${version}_${platform}_${arch}.tar.gz"
+    verbose "- Expected: ${EXPECTED_CHECKSUM}"
+    verbose "- Determined: ${DETERMINED_CHECKSUM}"
+    fatal "Failed Checksum Verification: hauler_${HAULER_VERSION}_${PLATFORM}_${ARCH}.tar.gz"
 fi
 
-# uncompress the archive
-tar -xzf "hauler_${version}_${platform}_${arch}.tar.gz" || fatal "Failed to Extract: hauler_${version}_${platform}_${arch}.tar.gz"
+# uncompress the hauler archive
+tar -xzf "hauler_${HAULER_VERSION}_${PLATFORM}_${ARCH}.tar.gz" || fatal "Failed to Extract: hauler_${HAULER_VERSION}_${PLATFORM}_${ARCH}.tar.gz"
 
-# install the binary
-case "$platform" in
-    linux)
-        sudo install -m 755 hauler /usr/local/bin || fatal "Failed to Install Hauler to /usr/local/bin"
-        ;;
-    darwin)
-        sudo install -m 755 hauler /usr/local/bin || fatal "Failed to Install Hauler to /usr/local/bin"
-        ;;
-    *)
-        fatal "Unsupported Platform or Architecture: $platform/$arch"
-        ;;
-esac
+# install the hauler binary
+install -m 755 hauler "${HAULER_INSTALL_DIR}" || fatal "Failed to Install Hauler: ${HAULER_INSTALL_DIR}"
 
 # add hauler to the path
-if [ -f "$HOME/.bashrc" ]; then
-    echo "export PATH=$PATH:/usr/local/bin/" >> "$HOME/.bashrc"
-    source "$HOME/.bashrc"
-elif [ -f "$HOME/.bash_profile" ]; then
-    echo "export PATH=$PATH:/usr/local/bin/" >> "$HOME/.bash_profile"
-    source "$HOME/.bash_profile"
-elif [ -f "$HOME/.zshrc" ]; then
-    echo "export PATH=$PATH:/usr/local/bin/" >> "$HOME/.zshrc"
-    source "$HOME/.zshrc"
-elif [ -f "$HOME/.profile" ]; then
-    echo "export PATH=$PATH:/usr/local/bin/" >> "$HOME/.profile"
-    source "$HOME/.profile"
-else
-    echo "Failed to add /usr/local/bin to PATH: Unsupported Shell"
+if [[ ":$PATH:" != *":${HAULER_INSTALL_DIR}:"* ]]; then
+    if [ -f "$HOME/.bashrc" ]; then
+        echo "export PATH=\$PATH:${HAULER_INSTALL_DIR}" >> "$HOME/.bashrc"
+        source "$HOME/.bashrc"
+    elif [ -f "$HOME/.bash_profile" ]; then
+        echo "export PATH=\$PATH:${HAULER_INSTALL_DIR}" >> "$HOME/.bash_profile"
+        source "$HOME/.bash_profile"
+    elif [ -f "$HOME/.zshrc" ]; then
+        echo "export PATH=\$PATH:${HAULER_INSTALL_DIR}" >> "$HOME/.zshrc"
+        source "$HOME/.zshrc"
+    elif [ -f "$HOME/.profile" ]; then
+        echo "export PATH=\$PATH:${HAULER_INSTALL_DIR}" >> "$HOME/.profile"
+        source "$HOME/.profile"
+    else
+        warn "Failed to add ${HAULER_INSTALL_DIR} to PATH: Unsupported Shell"
+    fi
 fi
 
 # display success message
-info "Successfully Installed at /usr/local/bin/hauler"
+info "Successfully Installed Hauler at ${HAULER_INSTALL_DIR}/hauler"
 
 # display availability message
-verbose "- Hauler v${version} is now available for use!"
+info "Hauler v${HAULER_VERSION} is now available for use!"
 
 # display hauler docs message
 verbose "- Documentation: https://hauler.dev" && echo

internal/flags/add.go

@@ -0,0 +1,49 @@
+package flags
+
+import (
+	"github.com/spf13/cobra"
+	"helm.sh/helm/v3/pkg/action"
+)
+
+type AddImageOpts struct {
+	*StoreRootOpts
+	Name     string
+	Key      string
+	Platform string
+}
+
+func (o *AddImageOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+	f.StringVarP(&o.Key, "key", "k", "", "(Optional) Path to the key for digital signature verification")
+	f.StringVarP(&o.Platform, "platform", "p", "", "(Optional) Specific platform to save. i.e. linux/amd64. Defaults to all if flag is omitted.")
+}
+
+type AddFileOpts struct {
+	*StoreRootOpts
+	Name string
+}
+
+func (o *AddFileOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+	f.StringVarP(&o.Name, "name", "n", "", "(Optional) Name to assign to file in store")
+}
+
+type AddChartOpts struct {
+	*StoreRootOpts
+
+	ChartOpts *action.ChartPathOptions
+}
+
+func (o *AddChartOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+
+	f.StringVar(&o.ChartOpts.RepoURL, "repo", "", "chart repository url where to locate the requested chart")
+	f.StringVar(&o.ChartOpts.Version, "version", "", "specify a version constraint for the chart version to use. This constraint can be a specific tag (e.g. 1.1.1) or it may reference a valid range (e.g. ^2.0.0). If this is not specified, the latest version is used")
+	f.BoolVar(&o.ChartOpts.Verify, "verify", false, "verify the package before using it")
+	f.StringVar(&o.ChartOpts.Username, "username", "", "chart repository username where to locate the requested chart")
+	f.StringVar(&o.ChartOpts.Password, "password", "", "chart repository password where to locate the requested chart")
+	f.StringVar(&o.ChartOpts.CertFile, "cert-file", "", "identify HTTPS client using this SSL certificate file")
+	f.StringVar(&o.ChartOpts.KeyFile, "key-file", "", "identify HTTPS client using this SSL key file")
+	f.BoolVar(&o.ChartOpts.InsecureSkipTLSverify, "insecure-skip-tls-verify", false, "skip tls certificate checks for the chart download")
+	f.StringVar(&o.ChartOpts.CaFile, "ca-file", "", "verify certificates of HTTPS-enabled servers using this CA bundle")
+}

internal/flags/cli.go

@@ -0,0 +1,5 @@
+package flags
+
+type CliRootOpts struct {
+	LogLevel string
+}

internal/flags/copy.go

@@ -0,0 +1,21 @@
+package flags
+
+import "github.com/spf13/cobra"
+
+type CopyOpts struct {
+	*StoreRootOpts
+
+	Username  string
+	Password  string
+	Insecure  bool
+	PlainHTTP bool
+}
+
+func (o *CopyOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+
+	f.StringVarP(&o.Username, "username", "u", "", "Username when copying to an authenticated remote registry")
+	f.StringVarP(&o.Password, "password", "p", "", "Password when copying to an authenticated remote registry")
+	f.BoolVar(&o.Insecure, "insecure", false, "Toggle allowing insecure connections when copying to a remote registry")
+	f.BoolVar(&o.PlainHTTP, "plain-http", false, "Toggle allowing plain http connections when copying to a remote registry")
+}

internal/flags/extract.go

@@ -0,0 +1,14 @@
+package flags
+
+import "github.com/spf13/cobra"
+
+type ExtractOpts struct {
+	*StoreRootOpts
+	DestinationDir string
+}
+
+func (o *ExtractOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+
+	f.StringVarP(&o.DestinationDir, "output", "o", "", "Directory to save contents to (defaults to current directory)")
+}

internal/flags/info.go

@@ -0,0 +1,22 @@
+package flags
+
+import "github.com/spf13/cobra"
+
+type InfoOpts struct {
+	*StoreRootOpts
+
+	OutputFormat string
+	TypeFilter   string
+	SizeUnit     string
+	ListRepos    bool
+}
+
+func (o *InfoOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+
+	f.StringVarP(&o.OutputFormat, "output", "o", "table", "Output format (table, json)")
+	f.StringVarP(&o.TypeFilter, "type", "t", "all", "Filter on type (image, chart, file, sigs, atts, sbom)")
+	f.BoolVar(&o.ListRepos, "list-repos", false, "List all repository names")
+
+	// TODO: Regex/globbing
+}

internal/flags/load.go

@@ -0,0 +1,18 @@
+package flags
+
+import "github.com/spf13/cobra"
+
+type LoadOpts struct {
+	*StoreRootOpts
+	TempOverride string
+}
+
+func (o *LoadOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+
+	// On Unix systems, the default is $TMPDIR if non-empty, else /tmp.
+	// On Windows, the default is GetTempPath, returning the first non-empty
+	// value from %TMP%, %TEMP%, %USERPROFILE%, or the Windows directory.
+	// On Plan 9, the default is /tmp.
+	f.StringVarP(&o.TempOverride, "tempdir", "t", "", "overrides the default directory for temporary files, as returned by your OS.")
+}

internal/flags/login.go

@@ -0,0 +1,16 @@
+package flags
+
+import "github.com/spf13/cobra"
+
+type LoginOpts struct {
+	Username      string
+	Password      string
+	PasswordStdin bool
+}
+
+func (o *LoginOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+	f.StringVarP(&o.Username, "username", "u", "", "Username to use for authentication")
+	f.StringVarP(&o.Password, "password", "p", "", "Password to use for authentication")
+	f.BoolVar(&o.PasswordStdin, "password-stdin", false, "Password to use for authentication (from stdin)")
+}

internal/flags/save.go

@@ -0,0 +1,14 @@
+package flags
+
+import "github.com/spf13/cobra"
+
+type SaveOpts struct {
+	*StoreRootOpts
+	FileName string
+}
+
+func (o *SaveOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+
+	f.StringVarP(&o.FileName, "filename", "f", "haul.tar.zst", "Name of archive")
+}

internal/flags/serve.go

@@ -0,0 +1,87 @@
+package flags
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/distribution/distribution/v3/configuration"
+	"github.com/spf13/cobra"
+)
+
+type ServeRegistryOpts struct {
+	*StoreRootOpts
+
+	Port       int
+	RootDir    string
+	ConfigFile string
+	ReadOnly   bool
+
+	TLSCert string
+	TLSKey  string
+}
+
+func (o *ServeRegistryOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+
+	f.IntVarP(&o.Port, "port", "p", 5000, "Port used to accept incoming connections")
+	f.StringVar(&o.RootDir, "directory", "registry", "Directory to use for backend. Defaults to $PWD/registry")
+	f.StringVarP(&o.ConfigFile, "config", "c", "", "Path to config file, overrides all other flags")
+	f.BoolVar(&o.ReadOnly, "readonly", true, "Run the registry as readonly")
+
+	f.StringVar(&o.TLSCert, "tls-cert", "", "Location of the TLS Certificate")
+	f.StringVar(&o.TLSKey, "tls-key", "", "Location of the TLS Key")
+
+	cmd.MarkFlagsRequiredTogether("tls-cert", "tls-key")
+}
+
+func (o *ServeRegistryOpts) DefaultRegistryConfig() *configuration.Configuration {
+	cfg := &configuration.Configuration{
+		Version: "0.1",
+		Storage: configuration.Storage{
+			"cache":      configuration.Parameters{"blobdescriptor": "inmemory"},
+			"filesystem": configuration.Parameters{"rootdirectory": o.RootDir},
+			"maintenance": configuration.Parameters{
+				"readonly": map[any]any{"enabled": o.ReadOnly},
+			},
+		},
+	}
+
+	if o.TLSCert != "" && o.TLSKey != "" {
+		cfg.HTTP.TLS.Certificate = o.TLSCert
+		cfg.HTTP.TLS.Key = o.TLSKey
+	}
+
+	cfg.HTTP.Addr = fmt.Sprintf(":%d", o.Port)
+	cfg.HTTP.Headers = http.Header{
+		"X-Content-Type-Options": []string{"nosniff"},
+	}
+
+	cfg.Log.Level = "info"
+	cfg.Validation.Manifests.URLs.Allow = []string{".+"}
+
+	return cfg
+}
+
+type ServeFilesOpts struct {
+	*StoreRootOpts
+
+	Port    int
+	Timeout int
+	RootDir string
+
+	TLSCert string
+	TLSKey  string
+}
+
+func (o *ServeFilesOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+
+	f.IntVarP(&o.Port, "port", "p", 8080, "Port used to accept incoming connections")
+	f.IntVarP(&o.Timeout, "timeout", "t", 60, "Timeout duration for HTTP Requests in seconds for both reads/writes")
+	f.StringVar(&o.RootDir, "directory", "fileserver", "Directory to use for backend. Defaults to $PWD/fileserver")
+
+	f.StringVar(&o.TLSCert, "tls-cert", "", "Location of the TLS Certificate")
+	f.StringVar(&o.TLSKey, "tls-key", "", "Location of the TLS Key")
+
+	cmd.MarkFlagsRequiredTogether("tls-cert", "tls-key")
+}

internal/flags/store.go

@@ -1,4 +1,4 @@
-package store
+package flags
 
 import (
 	"context"
@@ -6,28 +6,24 @@ import (
 	"os"
 	"path/filepath"
 
-	"github.com/rancherfederal/hauler/pkg/store"
 	"github.com/spf13/cobra"
-
-	"github.com/rancherfederal/hauler/pkg/log"
+	"hauler.dev/go/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/log"
+	"hauler.dev/go/hauler/pkg/store"
 )
 
-const (
-	DefaultStoreName = "store"
-)
-
-type RootOpts struct {
+type StoreRootOpts struct {
 	StoreDir string
 	CacheDir string
 }
 
-func (o *RootOpts) AddArgs(cmd *cobra.Command) {
+func (o *StoreRootOpts) AddFlags(cmd *cobra.Command) {
 	pf := cmd.PersistentFlags()
-	pf.StringVarP(&o.StoreDir, "store", "s", DefaultStoreName, "Location to create store at")
+	pf.StringVarP(&o.StoreDir, "store", "s", consts.DefaultStoreName, "Location to create store at")
 	pf.StringVar(&o.CacheDir, "cache", "", "(deprecated flag and currently not used)")
 }
 
-func (o *RootOpts) Store(ctx context.Context) (*store.Layout, error) {
+func (o *StoreRootOpts) Store(ctx context.Context) (*store.Layout, error) {
 	l := log.FromContext(ctx)
 	dir := o.StoreDir
 

internal/flags/sync.go

@@ -0,0 +1,24 @@
+package flags
+
+import "github.com/spf13/cobra"
+
+type SyncOpts struct {
+	*StoreRootOpts
+	ContentFiles    []string
+	Key             string
+	Products        []string
+	Platform        string
+	Registry        string
+	ProductRegistry string
+}
+
+func (o *SyncOpts) AddFlags(cmd *cobra.Command) {
+	f := cmd.Flags()
+
+	f.StringSliceVarP(&o.ContentFiles, "files", "f", []string{}, "Path(s) to local content files (Manifests). i.e. '--files ./rke2-files.yml")
+	f.StringVarP(&o.Key, "key", "k", "", "(Optional) Path to the key for signature verification")
+	f.StringSliceVar(&o.Products, "products", []string{}, "(Optional) Feature for RGS Carbide customers to fetch collections and content from the Carbide Registry. i.e. '--product rancher=v2.8.5,rke2=v1.28.11+rke2r1'")
+	f.StringVarP(&o.Platform, "platform", "p", "", "(Optional) Specific platform to save. i.e. linux/amd64. Defaults to all if flag is omitted.")
+	f.StringVarP(&o.Registry, "registry", "r", "", "(Optional) Default pull registry for image refs that are not specifying a registry name.")
+	f.StringVarP(&o.ProductRegistry, "product-registry", "c", "", "(Optional) Specific Product Registry to use. Defaults to RGS Carbide Registry (rgcrprod.azurecr.us).")
+}

internal/mapper/filestore.go

@@ -2,7 +2,7 @@ package mapper
 
 import (
 	"context"
-	"io/ioutil"
+	"io"
 	"os"
 	"path/filepath"
 	"strings"
@@ -15,7 +15,8 @@ import (
 )
 
 // NewMapperFileStore creates a new file store that uses mapper functions for each detected descriptor.
-// 		This extends content.File, and differs in that it allows much more functionality into how each descriptor is written.
+//
+//	This extends content.File, and differs in that it allows much more functionality into how each descriptor is written.
 func NewMapperFileStore(root string, mapper map[string]Fn) *store {
 	fs := content.NewFile(root)
 	return &store{
@@ -58,7 +59,7 @@ func (s *pusher) Push(ctx context.Context, desc ocispec.Descriptor) (ccontent.Wr
 
 	// If no custom mapper found, fall back to content.File mapper
 	if _, ok := s.mapper[desc.MediaType]; !ok {
-		return content.NewIoContentWriter(ioutil.Discard, content.WithOutputHash(desc.Digest)), nil
+		return content.NewIoContentWriter(io.Discard, content.WithOutputHash(desc.Digest)), nil
 	}
 
 	filename, err := s.mapper[desc.MediaType](desc)

internal/mapper/mappers.go

@@ -6,7 +6,7 @@ import (
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 	"oras.land/oras-go/pkg/target"
 
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/consts"
 )
 
 type Fn func(desc ocispec.Descriptor) (string, error)

internal/server/file.go

@@ -9,32 +9,31 @@ import (
 
 	"github.com/gorilla/handlers"
 	"github.com/gorilla/mux"
+	"hauler.dev/go/hauler/internal/flags"
 )
 
-type FileConfig struct {
-	Root string
-	Host string
-	Port int
-}
-
 // NewFile returns a fileserver
 // TODO: Better configs
-func NewFile(ctx context.Context, cfg FileConfig) (Server, error) {
+func NewFile(ctx context.Context, cfg flags.ServeFilesOpts) (Server, error) {
 	r := mux.NewRouter()
-	r.PathPrefix("/").Handler(handlers.LoggingHandler(os.Stdout, http.StripPrefix("/", http.FileServer(http.Dir(cfg.Root)))))
-	if cfg.Root == "" {
-		cfg.Root = "."
+	r.PathPrefix("/").Handler(handlers.LoggingHandler(os.Stdout, http.StripPrefix("/", http.FileServer(http.Dir(cfg.RootDir)))))
+	if cfg.RootDir == "" {
+		cfg.RootDir = "."
 	}
 
 	if cfg.Port == 0 {
 		cfg.Port = 8080
 	}
 
+	if cfg.Timeout == 0 {
+		cfg.Timeout = 60
+	}
+
 	srv := &http.Server{
 		Handler:      r,
 		Addr:         fmt.Sprintf(":%d", cfg.Port),
-		WriteTimeout: 15 * time.Second,
-		ReadTimeout:  15 * time.Second,
+		WriteTimeout: time.Duration(cfg.Timeout) * time.Second,
+		ReadTimeout:  time.Duration(cfg.Timeout) * time.Second,
 	}
 
 	return srv, nil

internal/server/registry.go

@@ -47,7 +47,7 @@ func NewTempRegistry(ctx context.Context, root string) *tmpRegistryServer {
 	}
 	// Add validation configuration
 	cfg.Validation.Manifests.URLs.Allow = []string{".+"}
-	
+
 	cfg.Log.Level = "error"
 	cfg.HTTP.Headers = http.Header{
 		"X-Content-Type-Options": []string{"nosniff"},

internal/server/server.go

@@ -2,4 +2,5 @@ package server
 
 type Server interface {
 	ListenAndServe() error
+	ListenAndServeTLS(string, string) error
 }

internal/version/version.go

@@ -226,4 +226,4 @@ func (i *Info) CheckFontName(fontName string) bool {
 
 	fmt.Fprintln(os.Stderr, "font not valid, using default")
 	return false
-}
+}

pkg/apis/hauler.cattle.io/v1alpha1/image.go

@@ -20,7 +20,7 @@ type ImageSpec struct {
 type Image struct {
 	// Name is the full location for the image, can be referenced by tags or digests
 	Name string `json:"name"`
-	
+
 	// Path is the path to the cosign public key used for verifying image signatures
 	//Key string `json:"key,omitempty"`
 	Key string `json:"key"`

pkg/apis/hauler.cattle.io/v1alpha1/k3s.go

@@ -1,6 +1,8 @@
 package v1alpha1
 
-import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
 
 const K3sCollectionKind = "K3s"
 

pkg/artifacts/config.go

@@ -8,7 +8,7 @@ import (
 	"github.com/google/go-containerregistry/pkg/v1/partial"
 	"github.com/google/go-containerregistry/pkg/v1/types"
 
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/consts"
 )
 
 var _ partial.Describable = (*marshallableConfig)(nil)

pkg/artifacts/file/file.go

@@ -7,9 +7,9 @@ import (
 	"github.com/google/go-containerregistry/pkg/v1/partial"
 	gtypes "github.com/google/go-containerregistry/pkg/v1/types"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/artifacts/file/getter"
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/artifacts/file/getter"
+	"hauler.dev/go/hauler/pkg/consts"
 )
 
 // interface guard

pkg/artifacts/file/file_test.go

@@ -13,9 +13,9 @@ import (
 
 	"github.com/spf13/afero"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts/file"
-	"github.com/rancherfederal/hauler/pkg/artifacts/file/getter"
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/artifacts/file"
+	"hauler.dev/go/hauler/pkg/artifacts/file/getter"
+	"hauler.dev/go/hauler/pkg/consts"
 )
 
 var (

pkg/artifacts/file/getter/directory.go

@@ -13,8 +13,8 @@ import (
 	"github.com/opencontainers/go-digest"
 	"github.com/pkg/errors"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/consts"
 )
 
 type directory struct {

pkg/artifacts/file/getter/file.go

@@ -7,8 +7,8 @@ import (
 	"os"
 	"path/filepath"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/consts"
 )
 
 type File struct{}

pkg/artifacts/file/getter/getter.go

@@ -11,9 +11,9 @@ import (
 	"github.com/pkg/errors"
 	"oras.land/oras-go/pkg/content"
 
-	content2 "github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/consts"
-	"github.com/rancherfederal/hauler/pkg/layer"
+	content2 "hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/layer"
 )
 
 type Client struct {

pkg/artifacts/file/getter/getter_test.go

@@ -6,7 +6,7 @@ import (
 	"path/filepath"
 	"testing"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts/file/getter"
+	"hauler.dev/go/hauler/pkg/artifacts/file/getter"
 )
 
 func TestClient_Detect(t *testing.T) {

pkg/artifacts/file/getter/https.go

@@ -9,8 +9,8 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/consts"
 )
 
 type Http struct{}

pkg/artifacts/file/options.go

@@ -1,8 +1,8 @@
 package file
 
 import (
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/artifacts/file/getter"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/artifacts/file/getter"
 )
 
 type Option func(*File)

pkg/artifacts/image/image.go

@@ -7,7 +7,7 @@ import (
 	gv1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/google/go-containerregistry/pkg/v1/remote"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/artifacts"
 )
 
 var _ artifacts.OCI = (*Image)(nil)
@@ -54,27 +54,27 @@ func NewImage(name string, opts ...remote.Option) (*Image, error) {
 }
 
 func IsMultiArchImage(name string, opts ...remote.Option) (bool, error) {
-    ref, err := gname.ParseReference(name)
-    if err != nil {
-        return false, fmt.Errorf("parsing reference %q: %v", name, err)
-    }
+	ref, err := gname.ParseReference(name)
+	if err != nil {
+		return false, fmt.Errorf("parsing reference %q: %v", name, err)
+	}
 
 	defaultOpts := []remote.Option{
 		remote.WithAuthFromKeychain(authn.DefaultKeychain),
 	}
 	opts = append(opts, defaultOpts...)
 
-    desc, err := remote.Get(ref, opts...)
-    if err != nil {
-        return false, fmt.Errorf("getting image %q: %v", name, err)
-    }
+	desc, err := remote.Get(ref, opts...)
+	if err != nil {
+		return false, fmt.Errorf("getting image %q: %v", name, err)
+	}
 
-    _, err = desc.ImageIndex()
-    if err != nil {
-        // If the descriptor could not be converted to an image index, it's not a multi-arch image
-        return false, nil
-    }
+	_, err = desc.ImageIndex()
+	if err != nil {
+		// If the descriptor could not be converted to an image index, it's not a multi-arch image
+		return false, nil
+	}
 
-    // If the descriptor could be converted to an image index, it's a multi-arch image
-    return true, nil
-}
+	// If the descriptor could be converted to an image index, it's a multi-arch image
+	return true, nil
+}

pkg/artifacts/memory/memory.go

@@ -6,8 +6,8 @@ import (
 	"github.com/google/go-containerregistry/pkg/v1/static"
 	"github.com/google/go-containerregistry/pkg/v1/types"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/consts"
 )
 
 var _ artifacts.OCI = (*Memory)(nil)

pkg/artifacts/memory/memory_test.go

@@ -7,7 +7,7 @@ import (
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/opencontainers/go-digest"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts/memory"
+	"hauler.dev/go/hauler/pkg/artifacts/memory"
 )
 
 func TestMemory_Layers(t *testing.T) {

pkg/artifacts/memory/options.go

@@ -1,6 +1,6 @@
 package memory
 
-import "github.com/rancherfederal/hauler/pkg/artifacts"
+import "hauler.dev/go/hauler/pkg/artifacts"
 
 type Option func(*Memory)
 

pkg/artifacts/ocis.go

@@ -3,8 +3,9 @@ package artifacts
 import "github.com/google/go-containerregistry/pkg/v1"
 
 // OCI is the bare minimum we need to represent an artifact in an oci layout
-//  At a high level, it is not constrained by an Image's config, manifests, and layer ordinality
-//  This specific implementation fully encapsulates v1.Layer's within a more generic form
+//
+//	At a high level, it is not constrained by an Image's config, manifests, and layer ordinality
+//	This specific implementation fully encapsulates v1.Layer's within a more generic form
 type OCI interface {
 	MediaType() string
 

pkg/collection/chart/chart.go

@@ -1,13 +1,13 @@
 package chart
 
 import (
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/artifacts/image"
 	"helm.sh/helm/v3/pkg/action"
 
-	"github.com/rancherfederal/hauler/pkg/apis/hauler.cattle.io/v1alpha1"
-	"github.com/rancherfederal/hauler/pkg/content/chart"
-	"github.com/rancherfederal/hauler/pkg/reference"
+	"hauler.dev/go/hauler/pkg/apis/hauler.cattle.io/v1alpha1"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/artifacts/image"
+	"hauler.dev/go/hauler/pkg/content/chart"
+	"hauler.dev/go/hauler/pkg/reference"
 )
 
 var _ artifacts.OCICollection = (*tchart)(nil)

pkg/collection/chart/dependents.go

@@ -15,7 +15,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/yaml"
 	"k8s.io/client-go/util/jsonpath"
 
-	"github.com/rancherfederal/hauler/pkg/apis/hauler.cattle.io/v1alpha1"
+	"hauler.dev/go/hauler/pkg/apis/hauler.cattle.io/v1alpha1"
 )
 
 var defaultKnownImagePaths = []string{

pkg/collection/imagetxt/imagetxt.go

@@ -9,12 +9,12 @@ import (
 	"strings"
 	"sync"
 
-	"github.com/rancherfederal/hauler/pkg/log"
-
 	"github.com/google/go-containerregistry/pkg/name"
-	artifact "github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/artifacts/file/getter"
-	"github.com/rancherfederal/hauler/pkg/artifacts/image"
+
+	artifact "hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/artifacts/file/getter"
+	"hauler.dev/go/hauler/pkg/artifacts/image"
+	"hauler.dev/go/hauler/pkg/log"
 )
 
 type ImageTxt struct {

pkg/collection/imagetxt/imagetxt_test.go

@@ -8,8 +8,8 @@ import (
 	"os"
 	"testing"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/artifacts/image"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/artifacts/image"
 )
 
 var (

pkg/collection/k3s/k3s.go

@@ -10,14 +10,11 @@ import (
 	"path"
 	"strings"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/artifacts/image"
-
-	"github.com/rancherfederal/hauler/pkg/artifacts/file"
-
-	"github.com/rancherfederal/hauler/pkg/artifacts/file/getter"
-
-	"github.com/rancherfederal/hauler/pkg/reference"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/artifacts/file"
+	"hauler.dev/go/hauler/pkg/artifacts/file/getter"
+	"hauler.dev/go/hauler/pkg/artifacts/image"
+	"hauler.dev/go/hauler/pkg/reference"
 )
 
 var _ artifacts.OCICollection = (*k3s)(nil)

pkg/consts/consts.go

@@ -50,8 +50,10 @@ const (
 	KindAnnotationName = "kind"
 	KindAnnotation     = "dev.cosignproject.cosign/image"
 
-	CarbideRegistry = "rgcrprod.azurecr.us"
-	ImageAnnotationKey = "hauler.dev/key"
+	CarbideRegistry         = "rgcrprod.azurecr.us"
+	ImageAnnotationKey      = "hauler.dev/key"
 	ImageAnnotationPlatform = "hauler.dev/platform"
 	ImageAnnotationRegistry = "hauler.dev/registry"
+
+	DefaultStoreName = "store"
 )

pkg/content/chart/chart.go

@@ -5,8 +5,10 @@ import (
 	"bytes"
 	"compress/gzip"
 	"encoding/json"
+	"fmt"
 	"io"
 	"io/fs"
+	"net/url"
 	"os"
 	"path/filepath"
 
@@ -14,18 +16,22 @@ import (
 	"github.com/google/go-containerregistry/pkg/v1/partial"
 	gtypes "github.com/google/go-containerregistry/pkg/v1/types"
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
-	"github.com/rancherfederal/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/log"
 	"helm.sh/helm/v3/pkg/action"
 	"helm.sh/helm/v3/pkg/chart"
 	"helm.sh/helm/v3/pkg/chart/loader"
 	"helm.sh/helm/v3/pkg/cli"
+	"helm.sh/helm/v3/pkg/registry"
 
-	"github.com/rancherfederal/hauler/pkg/layer"
-
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/layer"
 )
 
-var _ artifacts.OCI = (*Chart)(nil)
+var (
+	_        artifacts.OCI = (*Chart)(nil)
+	settings               = cli.New()
+)
 
 // Chart implements the  OCI interface for Chart API objects. API spec values are
 // stored into the Repo, Name, and Version fields.
@@ -36,22 +42,31 @@ type Chart struct {
 
 // NewChart is a helper method that returns NewLocalChart or NewRemoteChart depending on v1alpha1.Chart contents
 func NewChart(name string, opts *action.ChartPathOptions) (*Chart, error) {
-	cpo := action.ChartPathOptions{
-		RepoURL: opts.RepoURL,
-		Version: opts.Version,
-
-		CaFile:                opts.CaFile,
-		CertFile:              opts.CertFile,
-		KeyFile:               opts.KeyFile,
-		InsecureSkipTLSverify: opts.InsecureSkipTLSverify,
-		Keyring:               opts.Keyring,
-		Password:              opts.Password,
-		PassCredentialsAll:    opts.PassCredentialsAll,
-		Username:              opts.Username,
-		Verify:                opts.Verify,
+	chartRef := name
+	actionConfig := new(action.Configuration)
+	if err := actionConfig.Init(settings.RESTClientGetter(), settings.Namespace(), os.Getenv("HELM_DRIVER"), log.NewLogger(os.Stdout).Debugf); err != nil {
+		return nil, err
 	}
 
-	chartPath, err := cpo.LocateChart(name, cli.New())
+	client := action.NewInstall(actionConfig)
+	client.ChartPathOptions.Version = opts.Version
+
+	registryClient, err := newRegistryClient(client.CertFile, client.KeyFile, client.CaFile,
+		client.InsecureSkipTLSverify, client.PlainHTTP)
+	if err != nil {
+		return nil, fmt.Errorf("missing registry client: %w", err)
+	}
+
+	client.SetRegistryClient(registryClient)
+	if registry.IsOCI(opts.RepoURL) {
+		chartRef = opts.RepoURL + "/" + name
+	} else if isUrl(opts.RepoURL) { // OCI Protocol registers as a valid URL
+		client.ChartPathOptions.RepoURL = opts.RepoURL
+	} else { // Handles cases like grafana/loki
+		chartRef = opts.RepoURL + "/" + name
+	}
+
+	chartPath, err := client.ChartPathOptions.LocateChart(chartRef, settings)
 	if err != nil {
 		return nil, err
 	}
@@ -217,3 +232,52 @@ func (h *Chart) chartData() (gv1.Layer, error) {
 
 	return chartDataLayer, err
 }
+func isUrl(name string) bool {
+	_, err := url.ParseRequestURI(name)
+	return err == nil
+}
+
+func newRegistryClient(certFile, keyFile, caFile string, insecureSkipTLSverify, plainHTTP bool) (*registry.Client, error) {
+	if certFile != "" && keyFile != "" || caFile != "" || insecureSkipTLSverify {
+		registryClient, err := newRegistryClientWithTLS(certFile, keyFile, caFile, insecureSkipTLSverify)
+		if err != nil {
+			return nil, err
+		}
+		return registryClient, nil
+	}
+	registryClient, err := newDefaultRegistryClient(plainHTTP)
+	if err != nil {
+		return nil, err
+	}
+	return registryClient, nil
+}
+
+func newDefaultRegistryClient(plainHTTP bool) (*registry.Client, error) {
+	opts := []registry.ClientOption{
+		registry.ClientOptDebug(settings.Debug),
+		registry.ClientOptEnableCache(true),
+		registry.ClientOptWriter(os.Stderr),
+		registry.ClientOptCredentialsFile(settings.RegistryConfig),
+	}
+	if plainHTTP {
+		opts = append(opts, registry.ClientOptPlainHTTP())
+	}
+
+	// Create a new registry client
+	registryClient, err := registry.NewClient(opts...)
+	if err != nil {
+		return nil, err
+	}
+	return registryClient, nil
+}
+
+func newRegistryClientWithTLS(certFile, keyFile, caFile string, insecureSkipTLSverify bool) (*registry.Client, error) {
+	// Create a new registry client
+	registryClient, err := registry.NewRegistryClientWithTLS(os.Stderr, certFile, keyFile, caFile, insecureSkipTLSverify,
+		settings.RegistryConfig, settings.Debug,
+	)
+	if err != nil {
+		return nil, err
+	}
+	return registryClient, nil
+}

pkg/content/chart/chart_test.go

@@ -6,17 +6,11 @@ import (
 	"testing"
 
 	v1 "github.com/google/go-containerregistry/pkg/v1"
-	"github.com/mholt/archiver/v3"
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 	"helm.sh/helm/v3/pkg/action"
 
-	"github.com/rancherfederal/hauler/pkg/consts"
-
-	"github.com/rancherfederal/hauler/pkg/content/chart"
-)
-
-var (
-	chartpath = "../../../testdata/podinfo-6.0.3.tgz"
+	"hauler.dev/go/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/content/chart"
 )
 
 func TestNewChart(t *testing.T) {
@@ -26,10 +20,6 @@ func TestNewChart(t *testing.T) {
 	}
 	defer os.RemoveAll(tmpdir)
 
-	if err := archiver.Unarchive(chartpath, tmpdir); err != nil {
-		t.Fatal(err)
-	}
-
 	type args struct {
 		name string
 		opts *action.ChartPathOptions
@@ -43,18 +33,18 @@ func TestNewChart(t *testing.T) {
 		{
 			name: "should create from a chart archive",
 			args: args{
-				name: chartpath,
-				opts: &action.ChartPathOptions{},
+				name: "rancher-cluster-templates-0.5.2.tgz",
+				opts: &action.ChartPathOptions{RepoURL: "../../../testdata"},
 			},
 			want: v1.Descriptor{
 				MediaType: consts.ChartLayerMediaType,
-				Size:      13524,
+				Size:      14970,
 				Digest: v1.Hash{
 					Algorithm: "sha256",
-					Hex:       "e30b95a08787de69ffdad3c232d65cfb131b5b50c6fd44295f48a078fceaa44e",
+					Hex:       "0905de044a6e57cf3cd27bfc8482753049920050b10347ae2315599bd982a0e3",
 				},
 				Annotations: map[string]string{
-					ocispec.AnnotationTitle: "podinfo-6.0.3.tgz",
+					ocispec.AnnotationTitle: "rancher-cluster-templates-0.5.2.tgz",
 				},
 			},
 			wantErr: false,
@@ -72,18 +62,18 @@ func TestNewChart(t *testing.T) {
 			// TODO: Use a mock helm server
 			name: "should fetch a remote chart",
 			args: args{
-				name: "ingress-nginx",
-				opts: &action.ChartPathOptions{RepoURL: "https://kubernetes.github.io/ingress-nginx", Version: "4.0.16"},
+				name: "cert-manager",
+				opts: &action.ChartPathOptions{RepoURL: "https://charts.jetstack.io", Version: "1.15.3"},
 			},
 			want: v1.Descriptor{
 				MediaType: consts.ChartLayerMediaType,
-				Size:      38591,
+				Size:      94751,
 				Digest: v1.Hash{
 					Algorithm: "sha256",
-					Hex:       "b0ea91f7febc6708ad9971871d2de6e8feb2072110c3add6dd7082d90753caa2",
+					Hex:       "016e68d9f7083d2c4fd302f951ee6490dbf4cb1ef44cfc06914c39cbfb01d858",
 				},
 				Annotations: map[string]string{
-					ocispec.AnnotationTitle: "ingress-nginx-4.0.16.tgz",
+					ocispec.AnnotationTitle: "cert-manager-v1.15.3.tgz",
 				},
 			},
 			wantErr: false,

pkg/content/content.go

@@ -7,7 +7,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/yaml"
 
-	"github.com/rancherfederal/hauler/pkg/apis/hauler.cattle.io/v1alpha1"
+	"hauler.dev/go/hauler/pkg/apis/hauler.cattle.io/v1alpha1"
 )
 
 func Load(data []byte) (schema.ObjectKind, error) {

pkg/content/oci.go

@@ -4,8 +4,8 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"github.com/google/go-containerregistry/pkg/name"
 	"io"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"sort"
@@ -19,7 +19,8 @@ import (
 	"oras.land/oras-go/pkg/content"
 	"oras.land/oras-go/pkg/target"
 
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/reference"
 )
 
 var _ target.Target = (*OCI)(nil)
@@ -45,8 +46,20 @@ func (o *OCI) AddIndex(desc ocispec.Descriptor) error {
 	if _, ok := desc.Annotations[ocispec.AnnotationRefName]; !ok {
 		return fmt.Errorf("descriptor must contain a reference from the annotation: %s", ocispec.AnnotationRefName)
 	}
-	key := fmt.Sprintf("%s-%s-%s", desc.Digest.String(), desc.Annotations[ocispec.AnnotationRefName], desc.Annotations[consts.KindAnnotationName])
-	o.nameMap.Store(key, desc)
+
+	key, err := reference.Parse(desc.Annotations[ocispec.AnnotationRefName])
+	if err != nil {
+		return err
+	}
+
+	if strings.TrimSpace(key.String()) != "--" {
+		switch key.(type) {
+		case name.Digest:
+			o.nameMap.Store(fmt.Sprintf("%s-%s", key.Context().String(), desc.Annotations[consts.KindAnnotationName]), desc)
+		case name.Tag:
+			o.nameMap.Store(fmt.Sprintf("%s-%s", key.String(), desc.Annotations[consts.KindAnnotationName]), desc)
+		}
+	}
 	return o.SaveIndex()
 }
 
@@ -72,11 +85,21 @@ func (o *OCI) LoadIndex() error {
 	}
 
 	for _, desc := range o.index.Manifests {
-		key := fmt.Sprintf("%s-%s-%s", desc.Digest.String(), desc.Annotations[ocispec.AnnotationRefName], desc.Annotations[consts.KindAnnotationName])
-		if strings.TrimSpace(key) != "--" {
-			o.nameMap.Store(key, desc)
+		key, err := reference.Parse(desc.Annotations[ocispec.AnnotationRefName])
+		if err != nil {
+			return err
+		}
+
+		if strings.TrimSpace(key.String()) != "--" {
+			switch key.(type) {
+			case name.Digest:
+				o.nameMap.Store(fmt.Sprintf("%s-%s", key.Context().String(), desc.Annotations[consts.KindAnnotationName]), desc)
+			case name.Tag:
+				o.nameMap.Store(fmt.Sprintf("%s-%s", key.String(), desc.Annotations[consts.KindAnnotationName]), desc)
+			}
 		}
 	}
+
 	return nil
 }
 
@@ -180,9 +203,11 @@ func (o *OCI) Pusher(ctx context.Context, ref string) (remotes.Pusher, error) {
 	var baseRef, hash string
 	parts := strings.SplitN(ref, "@", 2)
 	baseRef = parts[0]
+
 	if len(parts) > 1 {
 		hash = parts[1]
 	}
+
 	return &ociPusher{
 		oci:    o,
 		ref:    baseRef,
@@ -275,7 +300,7 @@ func (p *ociPusher) Push(ctx context.Context, d ocispec.Descriptor) (ccontent.Wr
 
 	if _, err := os.Stat(blobPath); err == nil {
 		// file already exists, discard (but validate digest)
-		return content.NewIoContentWriter(ioutil.Discard, content.WithOutputHash(d.Digest)), nil
+		return content.NewIoContentWriter(io.Discard, content.WithOutputHash(d.Digest)), nil
 	}
 
 	f, err := os.Create(blobPath)

pkg/cosign/cosign.go

@@ -13,10 +13,11 @@ import (
 	"strings"
 	"time"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts/image"
-	"github.com/rancherfederal/hauler/pkg/log"
-	"github.com/rancherfederal/hauler/pkg/store"
 	"oras.land/oras-go/pkg/content"
+
+	"hauler.dev/go/hauler/pkg/artifacts/image"
+	"hauler.dev/go/hauler/pkg/log"
+	"hauler.dev/go/hauler/pkg/store"
 )
 
 const maxRetries = 3
@@ -276,4 +277,4 @@ func getCosignPath() (string, error) {
 	binaryPath := filepath.Join(haulerDir, binaryName)
 
 	return binaryPath, nil
-}
+}

pkg/layer/cache.go

@@ -7,7 +7,7 @@ import (
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/google/go-containerregistry/pkg/v1/types"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/artifacts"
 )
 
 /*

pkg/layer/layer.go

@@ -6,7 +6,7 @@ import (
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	gtypes "github.com/google/go-containerregistry/pkg/v1/types"
 
-	"github.com/rancherfederal/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/consts"
 )
 
 type Opener func() (io.ReadCloser, error)

pkg/log/log.go

@@ -30,13 +30,13 @@ type Fields map[string]string
 
 // NewLogger returns a new Logger
 func NewLogger(out io.Writer) Logger {
-    customTimeFormat := "2006-01-02 15:04:05"
-    zerolog.TimeFieldFormat = customTimeFormat
-    output := zerolog.ConsoleWriter{Out: os.Stdout, TimeFormat: customTimeFormat}
-    l := log.Output(output)
-    return &logger{
-        zl: l.With().Timestamp().Logger(),
-    }
+	customTimeFormat := "2006-01-02 15:04:05"
+	zerolog.TimeFieldFormat = customTimeFormat
+	output := zerolog.ConsoleWriter{Out: os.Stdout, TimeFormat: customTimeFormat}
+	l := log.Output(output)
+	return &logger{
+		zl: l.With().Timestamp().Logger(),
+	}
 }
 
 // FromContext returns a Logger from a context if it exists

pkg/reference/reference.go

@@ -1,7 +1,7 @@
 // Package reference provides general types to represent oci content within a registry or local oci layout
 // Grammar (stolen mostly from containerd's grammar)
 //
-// 	reference :=
+//	reference :=
 package reference
 
 import (

pkg/reference/reference_test.go

@@ -4,7 +4,7 @@ import (
 	"reflect"
 	"testing"
 
-	"github.com/rancherfederal/hauler/pkg/reference"
+	"hauler.dev/go/hauler/pkg/reference"
 )
 
 func TestParse(t *testing.T) {

pkg/store/store.go

@@ -15,10 +15,10 @@ import (
 	"oras.land/oras-go/pkg/oras"
 	"oras.land/oras-go/pkg/target"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/consts"
-	"github.com/rancherfederal/hauler/pkg/content"
-	"github.com/rancherfederal/hauler/pkg/layer"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/consts"
+	"hauler.dev/go/hauler/pkg/content"
+	"hauler.dev/go/hauler/pkg/layer"
 )
 
 type Layout struct {

pkg/store/store_test.go

@@ -8,8 +8,8 @@ import (
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/google/go-containerregistry/pkg/v1/random"
 
-	"github.com/rancherfederal/hauler/pkg/artifacts"
-	"github.com/rancherfederal/hauler/pkg/store"
+	"hauler.dev/go/hauler/pkg/artifacts"
+	"hauler.dev/go/hauler/pkg/store"
 )
 
 var (

static/CNAME

@@ -0,0 +1 @@
+hauler.dev

static/go/hauler/index.html

@@ -0,0 +1,9 @@
+<html>
+<head>
+    <meta name="go-import" content="hauler.dev/go/hauler git https://github.com/hauler-dev/hauler">
+    <meta http-equiv="refresh" content="0;URL='https://github.com/hauler-dev/hauler'">
+</head>
+<body>
+Redirecting to the <a href="https://github.com/hauler-dev/hauler">hauler source</a>.
+</body>
+</html>

static/index.html

@@ -0,0 +1,9 @@
+<html>
+<head>
+    <meta name="go-import" content="hauler.dev/go/hauler git https://github.com/hauler-dev/hauler">
+    <meta http-equiv="refresh" content="0;URL='https://docs.hauler.dev/docs/intro'">
+</head>
+<body>
+Redirecting you to the <a href="https://docs.hauler.dev/docs/intro">hauler docs</a>
+</body>
+</html>

testdata/certificate-script.sh

@@ -0,0 +1,179 @@
+#!/bin/bash
+
+set -e
+
+# setup directories
+mkdir -p testdata/certs
+cd testdata/certs
+
+echo "<!-----------------------------------!>"
+echo "<! Certificate Authority Certificate !>"
+echo "<!-----------------------------------!>"
+
+echo "Generating certificate authority private key..."
+openssl genrsa -out root-ca.key 4096
+
+echo "Generating certificate authority configuration file..."
+cat <<EOF > root-ca.cnf
+[ req ]
+default_bits       = 4096
+default_keyfile    = root-ca.key
+distinguished_name = req_distinguished_name
+req_extensions     = v3_ca
+prompt             = no
+
+[ req_distinguished_name ]
+C  = US
+ST = VIRGINIA
+L  = RESTON
+O  = HAULER
+OU = HAULER DEV
+CN = CERTIFICATE AUTHORITY CERTIFICATE
+
+[v3_ca]
+keyUsage = critical, keyCertSign, cRLSign
+extendedKeyUsage = anyExtendedKeyUsage
+basicConstraints = critical, CA:TRUE
+EOF
+
+echo "Generating certificate authority certificate signing request..."
+openssl req -new -sha256 -key root-ca.key -out root-ca.csr -config root-ca.cnf
+
+echo "Generating certificate authority certificate..."
+openssl x509 -req -in root-ca.csr -signkey root-ca.key -days 3650 -out root-ca.crt -extensions v3_ca -extfile root-ca.cnf
+
+echo "Inspecting certificate authority certificate..."
+openssl x509 -text -noout -in root-ca.crt > ca.txt
+
+echo "<!------------------------------------------------!>"
+echo "<! Intermediary Certificate Authority Certificate !>"
+echo "<!------------------------------------------------!>"
+
+echo "Generating intermediary certificate authority private key..."
+openssl genrsa -out intermediary-ca.key 4096
+
+echo "Generating intermediary certificate authority configuration file..."
+cat <<EOF > intermediary-ca.cnf
+[ req ]
+default_bits       = 4096
+default_keyfile    = intermediary-ca.key
+distinguished_name = req_distinguished_name
+req_extensions     = v3_ca
+prompt             = no
+
+[ req_distinguished_name ]
+C  = US
+ST = VIRGINIA
+L  = RESTON
+O  = HAULER
+OU = HAULER DEV
+CN = INTERMEDIARY CERTIFICATE AUTHORITY CERTIFICATE
+
+[v3_ca]
+keyUsage = critical, keyCertSign, cRLSign
+extendedKeyUsage = anyExtendedKeyUsage
+basicConstraints = critical, CA:TRUE
+EOF
+
+echo "Generating intermediary certificate authority certificate signing request..."
+openssl req -new -sha256 -key intermediary-ca.key -out intermediary-ca.csr -config intermediary-ca.cnf
+
+echo "Generating intermediary certificate authority certificate..."
+openssl x509 -req -in intermediary-ca.csr -CA root-ca.crt -CAkey root-ca.key -CAcreateserial -out intermediary-ca.crt -days 3650 -sha256 -extfile intermediary-ca.cnf -extensions v3_ca
+
+echo "Inspecting intermediary certificate authority certificate..."
+openssl x509 -text -noout -in intermediary-ca.crt > intermediary-ca.txt
+
+echo "Verifying intermediary certificate authority certificate..."
+openssl verify -CAfile root-ca.crt intermediary-ca.crt
+
+echo "Generating full certificate chain..."
+cat intermediary-ca.crt root-ca.crt > cacerts.pem
+
+echo "<!-----------------------------------------------------------------!>"
+echo "<! Server Certificate Signed by Intermediary Certificate Authority !>"
+echo "<!-----------------------------------------------------------------!>"
+
+echo "Generating server private key..."
+openssl genrsa -out server-cert.key 4096
+
+echo "Generating server certificate signing config file..."
+cat <<EOF > server-cert.cnf
+[ req ]
+default_bits       = 4096
+default_keyfile    = server-cert.key
+distinguished_name = req_distinguished_name
+req_extensions     = v3_req
+prompt             = no
+
+[ req_distinguished_name ]
+C  = US
+ST = VIRGINIA
+L  = RESTON
+O  = HAULER
+OU = HAULER DEV
+CN = SERVER CERTIFICATE
+
+[v3_req]
+keyUsage = digitalSignature, keyEncipherment
+extendedKeyUsage = serverAuth
+subjectAltName = @alt_names
+
+[ alt_names ]
+DNS.1 = localhost
+DNS.2 = registry.localhost
+DNS.3 = fileserver.localhost
+EOF
+
+echo "Generating server certificate signing request..."
+openssl req -new -sha256 -key server-cert.key -out server-cert.csr -config server-cert.cnf
+
+echo "Generating server certificate..."
+openssl x509 -req -in server-cert.csr -CA intermediary-ca.crt -CAkey intermediary-ca.key -CAcreateserial -out server-cert.crt -days 3650 -sha256 -extfile server-cert.cnf -extensions v3_req
+
+echo "Inspecting server certificate..."
+openssl x509 -text -noout -in server-cert.crt > server-cert.txt
+
+echo "Verifying server certificate..."
+openssl verify -CAfile cacerts.pem server-cert.crt
+
+echo "<!-----------------------------------------------------------------!>"
+echo "<! Client Certificate Signed by Intermediary Certificate Authority !>"
+echo "<!-----------------------------------------------------------------!>"
+
+echo "Generating client private key..."
+openssl genrsa -out client-cert.key 4096
+
+echo "Generating client certificate signing config file..."
+cat <<EOF > client-cert.cnf
+[ req ]
+default_bits       = 4096
+default_keyfile    = client-cert.key
+distinguished_name = req_distinguished_name
+req_extensions     = v3_req
+prompt             = no
+
+[ req_distinguished_name ]
+C  = US
+ST = VIRGINIA
+L  = RESTON
+O  = HAULER
+OU = HAULER DEV
+CN = CLIENT CERTIFICATE
+
+[ v3_req ]
+keyUsage = digitalSignature
+extendedKeyUsage = clientAuth
+EOF
+
+echo "Generating client certificate signing request..."
+openssl req -new -sha256 -key client-cert.key -out client-cert.csr -config client-cert.cnf
+
+echo "Generating client certificate..."
+openssl x509 -req -in client-cert.csr -CA intermediary-ca.crt -CAkey intermediary-ca.key -CAcreateserial -out client-cert.crt -days 3650 -sha256 -extfile client-cert.cnf -extensions v3_req
+
+echo "Inspecting client certificate..."
+openssl x509 -text -noout -in client-cert.crt > client-cert.txt
+
+echo "Verifying client certificate..."
+openssl verify -CAfile cacerts.pem client-cert.crt

testdata/chart-collection.yaml

@@ -1,23 +0,0 @@
----
-apiVersion: collection.hauler.cattle.io/v1alpha1
-kind: ThickCharts
-metadata:
-  name: mythickchart
-spec:
-  charts:
-    # charts are also fetched and served as OCI content (currently experimental in helm)
-    #   HELM_EXPERIMENTAL_OCI=1 helm chart pull <hauler-registry>/loki:2.6.2
-#    - name: loki
-#      repoURL: https://grafana.github.io/helm-charts
-
-#    - name: longhorn
-#      repoURL: https://charts.longhorn.io
-
-#    - name: cert-manager
-#      repoURL: https://charts.jetstack.io
-#      version: v1.6.1
-#      extraImages:
-#        - ref: quay.io/jetstack/cert-manager-cainjector:v1.6.1
-
-    - name: podinfo
-      repoURL: https://stefanprodan.github.io/podinfo

testdata/contents.yaml

@@ -1,56 +0,0 @@
-apiVersion: content.hauler.cattle.io/v1alpha1
-kind: Files
-metadata:
-  name: myfile
-spec:
-  files:
-    # hauler can save/redistribute files on disk (be careful! paths are relative)
-    - path: testdata/contents.yaml
-
-    # when directories are specified, the directory contents will be archived and stored
-    - path: testdata/
-
-    # hauler can also fetch remote content, and will "smartly" identify filenames _when possible_
-    #   filename below = "k3s-images.txt"
-    - path: "https://github.com/k3s-io/k3s/releases/download/v1.22.2%2Bk3s2/k3s-images.txt"
-
-    # when discovered filenames are not desired, a file name can be specified
-    - path: https://get.k3s.io
-      name: k3s-init.sh
-
----
-apiVersion: content.hauler.cattle.io/v1alpha1
-kind: Images
-metadata:
-  name: myimage
-spec:
-  images:
-    # images can be referenced shorthanded without a tag
-    - name: hello-world
-
-    # or namespaced with a tag
-    - name: rancher/cowsay:latest
-
-    # or by their digest:
-    - name: registry@sha256:42043edfae481178f07aa077fa872fcc242e276d302f4ac2026d9d2eb65b955f
-
-    # or fully qualified from any OCI compliant registry registry
-    - name: ghcr.io/fluxcd/flux-cli:v0.22.0
-
----
-apiVersion: content.hauler.cattle.io/v1alpha1
-kind: Charts
-metadata:
-  name: mychart
-spec:
-  charts:
-    # charts are also fetched and served as OCI content (currently experimental in helm)
-    #   HELM_EXPERIMENTAL_OCI=1 helm chart pull <hauler-registry>/loki:2.6.2
-    - name: loki
-      repoURL: https://grafana.github.io/helm-charts
-#      version: latest  # the latest version will be used when version is empty
-
-    # specific versions can also be used
-    - name: rancher
-      repoURL: https://releases.rancher.com/server-charts/latest
-      version: 2.6.2

testdata/hauler-manifest-pipeline.yaml

@@ -0,0 +1,48 @@
+apiVersion: content.hauler.cattle.io/v1alpha1
+kind: Images
+metadata:
+  name: hauler-content-images-example
+spec:
+  images:
+    - name: busybox
+    - name: busybox:stable
+      platform: linux/amd64
+    - name: gcr.io/distroless/base@sha256:7fa7445dfbebae4f4b7ab0e6ef99276e96075ae42584af6286ba080750d6dfe5
+---
+apiVersion: content.hauler.cattle.io/v1alpha1
+kind: Charts
+metadata:
+  name: hauler-content-charts-example
+spec:
+  charts:
+    - name: rancher
+      repoURL: https://releases.rancher.com/server-charts/stable
+    - name: rancher
+      repoURL: https://releases.rancher.com/server-charts/stable
+      version: 2.8.4
+    - name: rancher
+      repoURL: https://releases.rancher.com/server-charts/stable
+      version: 2.8.3
+    - name: hauler-helm
+      repoURL: oci://ghcr.io/hauler-dev
+    - name: hauler-helm
+      repoURL: oci://ghcr.io/hauler-dev
+      version: 1.0.6
+    - name: hauler-helm
+      repoURL: oci://ghcr.io/hauler-dev
+      version: 1.0.4
+    - name: rancher-cluster-templates-0.5.2.tgz
+      repoURL: .
+---
+apiVersion: content.hauler.cattle.io/v1alpha1
+kind: Files
+metadata:
+  name: hauler-content-files-example
+spec:
+  files:
+    - path: https://get.rke2.io/install.sh
+    - path: https://get.rke2.io/install.sh
+      name: rke2-install.sh
+    - path: testdata/hauler-manifest.yaml
+    - path: testdata/hauler-manifest.yaml
+      name: hauler-manifest-local.yaml

testdata/hauler-manifest.yaml

@@ -0,0 +1,32 @@
+apiVersion: content.hauler.cattle.io/v1alpha1
+kind: Images
+metadata:
+  name: hauler-content-images-example
+spec:
+  images:
+    - name: busybox
+    - name: busybox:stable
+      platform: linux/amd64
+    - name: gcr.io/distroless/base@sha256:7fa7445dfbebae4f4b7ab0e6ef99276e96075ae42584af6286ba080750d6dfe5
+---
+apiVersion: content.hauler.cattle.io/v1alpha1
+kind: Charts
+metadata:
+  name: hauler-content-charts-example
+spec:
+  charts:
+    - name: rancher
+      repoURL: https://releases.rancher.com/server-charts/stable
+      version: 2.8.5
+    - name: hauler-helm
+      repoURL: oci://ghcr.io/hauler-dev
+---
+apiVersion: content.hauler.cattle.io/v1alpha1
+kind: Files
+metadata:
+  name: hauler-content-files-example
+spec:
+  files:
+    - path: https://get.rke2.io
+      name: install.sh
+    - path: testdata/hauler-manifest.yaml

testdata/k3s-collection.yaml

@@ -1,13 +0,0 @@
----
-apiVersion: collection.hauler.cattle.io/v1alpha1
-kind: K3s
-metadata:
-  name: myk3s
-spec:
-  # version can be exact (as listed on https://github.com/k3s-io/k3s/releases)
-  version: v1.22.2+k3s2
-
-  # or can point to a channel, in which case the latest version in the channel is used: https://update.k3s.io/v1-release/channels
-#  version: stable
-#  version: latest
-#  version: v1.22

vagrant-scripts/airgap.sh

@@ -1,25 +0,0 @@
-#!/bin/sh
-set -x
-
-if [ "$#" -ne 1 ] || ( [ "$1" != "internet" ] && [ "$1" != "airgap" ] ); then
-  echo \
-"Enable or disable internet access in hauler's CentOS Vagrant machine.
-
-Usage: $0 internet
-       $0 airgap" >&2
-  exit 1
-fi
-
-if [ "$1" = "internet" ]; then
-  # internet: set default gateway to NAT network interface
-  default_iface="eth0"
-  gw_ip="10.0.2.2"
-else
-  # airgap: set default gateway to private network interface
-  default_iface="eth1"
-  gw_ip=$(ip -f inet a show "${default_iface}" | awk 'match($0, /inet ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})/, arr) { print arr[1] }')
-fi
-
-
-ip r delete default
-ip r add default via ${gw_ip} dev ${default_iface} proto dhcp metric 100

vagrant-scripts/k3s-install.sh

@@ -1,41 +0,0 @@
-#!/bin/sh
-
-################################################################################
-# RUN IN VAGRANT MACHINE
-# Install a default, bare k3s cluster into the Vagrant machine
-################################################################################
-
-if [ -f "/usr/local/bin/k3s-uninstall.sh" ]; then
-  /usr/local/bin/k3s-uninstall.sh
-else
-  echo "k3s is not installed"
-fi
-
-if pgrep -x "firewalld" >/dev/null
-then
-  echo "[FATAL] disable firewalld first"
-fi
-
-SELINUXSTATUS=$(getenforce)
-if [ "$SELINUXSTATUS" == "Permissive" ]; then
-    echo "[FATAL] disable selinux"
-    exit 1
-else
-    echo "SELINUX disabled. continuing"
-fi
-
-LOCAL_IMAGES_FILEPATH=/var/lib/rancher/k3s/agent/images
-ARTIFACT_DIR=/opt/hauler/local-artifacts/k3s
-
-mkdir -p ${LOCAL_IMAGES_FILEPATH}
-
-cp ${ARTIFACT_DIR}/images/* ${LOCAL_IMAGES_FILEPATH}
-
-cp ${ARTIFACT_DIR}/bin/k3s /usr/local/bin/k3s
-chmod +x /usr/local/bin/k3s
-
-yum install -y ${ARTIFACT_DIR}/rpm/*
-
-INSTALL_K3S_SKIP_DOWNLOAD=true ${ARTIFACT_DIR}/bin/k3s-install.sh
-
-chmod +r /etc/rancher/k3s/k3s.yaml

vagrant-scripts/k3s-prep.sh

@@ -1,50 +0,0 @@
-#!/bin/sh
-
-################################################################################
-# RUN IN VAGRANT MACHINE
-# Download all required dependencies for an air-gapped k3s install, saving them
-# to the folder shared with the host machine.
-################################################################################
-
-BASE_SHARED_DIR="/opt/hauler"
-VAGRANT_SCRIPTS_DIR="${BASE_SHARED_DIR}/vagrant-scripts"
-ARTIFACTS_DIR="${BASE_SHARED_DIR}/local-artifacts/k3s"
-
-K3S_VERSION='v1.18.8+k3s1'
-K3S_VERSION_URL='v1.18.8%2Bk3s1'
-
-LOCAL_IMAGES="${ARTIFACTS_DIR}/images"
-LOCAL_BIN="${ARTIFACTS_DIR}/bin"
-LOCAL_RPM="${ARTIFACTS_DIR}/rpm"
-
-mkdir -p ${LOCAL_IMAGES}
-mkdir -p ${LOCAL_BIN}
-mkdir -p ${LOCAL_RPM}
-
-# temporarily allow internet access
-${VAGRANT_SCRIPTS_DIR}/airgap.sh internet
-
-pushd ${LOCAL_IMAGES}
-
-curl -LO https://github.com/rancher/k3s/releases/download/${K3S_VERSION_URL}/k3s-airgap-images-amd64.tar
-
-popd
-
-pushd ${LOCAL_BIN}
-
-curl -LO https://github.com/rancher/k3s/releases/download/${K3S_VERSION_URL}/k3s
-curl -L https://raw.githubusercontent.com/rancher/k3s/${K3S_VERSION_URL}/install.sh -o k3s-install.sh
-chmod +x ./*
-
-popd
-
-pushd ${LOCAL_RPM}
-
-curl -LO https://rpm.rancher.io/k3s-selinux-0.1.1-rc1.el7.noarch.rpm
-yum install -y yum-utils
-yumdownloader --destdir=. --resolve container-selinux selinux-policy-base
-
-popd
-
-# restore air-gap configuration
-${VAGRANT_SCRIPTS_DIR}/airgap.sh airgap

vagrant-scripts/prep-all.sh

@@ -1,12 +0,0 @@
-#!/bin/sh
-
-BASE_SHARED_DIR="/opt/hauler"
-VAGRANT_SCRIPTS_DIR="${BASE_SHARED_DIR}/vagrant-scripts"
-
-for script in ${VAGRANT_SCRIPTS_DIR}/*-prep.sh ; do
-  echo "---"
-  echo "Running ${script} ..."
-  echo "---"
-
-  sh "${script}"
-done

vagrant-scripts/rke2-install.sh

@@ -1,73 +0,0 @@
-#!/bin/sh
-
-################################################################################
-# RUN IN VAGRANT MACHINE
-# Install a default, bare rke2 cluster into the Vagrant machine
-################################################################################
-
-BASE_SHARED_DIR="/opt/hauler"
-VAGRANT_SCRIPTS_DIR="${BASE_SHARED_DIR}/vagrant-scripts"
-
-RKE2_VERSION_DOCKER='v1.18.4-beta16-rke2'
-
-if pgrep -x "firewalld" >/dev/null
-then
-  echo "[FATAL] disable firewalld first"
-fi
-
-mkdir -p /etc/rancher/rke2/
-
-# TODO - allow using selinux
-
-SELINUXSTATUS="$(getenforce)"
-if [ "$SELINUXSTATUS" = "Permissive" ] || [ "$SELINUXSTATUS" = "Enforcing" ]
-then
-  echo "selinux: true" | sudo tee -a /etc/rancher/rke2/config.yaml > /dev/null
-else
-  echo "SELINUX disabled. continuing"
-fi
-
-LOCAL_IMAGES_FILEPATH=/var/lib/rancher/rke2/agent/images
-ARTIFACT_DIR="${BASE_SHARED_DIR}/local-artifacts/rke2"
-
-mkdir -p ${LOCAL_IMAGES_FILEPATH}
-
-cp ${ARTIFACT_DIR}/images/* ${LOCAL_IMAGES_FILEPATH}
-
-# TODO - add ability to use local binary with yum install
-
-# ----------------------------------------------------------
-# uncomment to use a specific local binary for the install
-# ----------------------------------------------------------
-# LOCAL_RKE2_BIN='rke2-beta13-dev'
-
-#if [ -n "${LOCAL_RKE2_BIN}" ] && [ -f "${ARTIFACT_DIR}/bin/${LOCAL_RKE2_BIN}" ] ; then
-#  echo "Use "${ARTIFACT_DIR}/bin/${LOCAL_RKE2_BIN}" for rke2 binary"
-#
-#  INSTALL_RKE2_SKIP_START=true \
-#    RKE2_RUNTIME_IMAGE="rancher/rke2-runtime:${RKE2_VERSION_DOCKER}" \
-#    ${ARTIFACT_DIR}/bin/rke2-installer.run
-#
-#  rm -f /usr/local/bin/rke2
-#
-#  cp "${ARTIFACT_DIR}/bin/${LOCAL_RKE2_BIN}" /usr/local/bin/rke2
-#
-#  systemctl start rke2
-#else
-#  ${ARTIFACT_DIR}/bin/rke2-installer.run
-#fi
-
-yum install -y ${ARTIFACT_DIR}/rpm/*
-
-systemctl enable rke2-server && systemctl start rke2-server
-
-while [ -f "/etc/rancher/rke2/rke2.yaml" ] ; do
-  echo "Waiting for /etc/rancher/rke2/rke2.yaml to exist..."
-  sleep 10
-done
-
-chmod +r /etc/rancher/rke2/rke2.yaml
-
-echo "RKE2 cluster is wrapping up installation, run the following commands to allow kubectl access:
-export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
-export PATH=/var/lib/rancher/rke2/bin/:\${PATH}"

vagrant-scripts/rke2-prep.sh

@@ -1,72 +0,0 @@
-#!/bin/sh
-
-################################################################################
-# RUN IN VAGRANT MACHINE
-# Download all required dependencies for an air-gapped rke2 install, saving them
-# to the folder shared with the host machine.
-################################################################################
-
-BASE_SHARED_DIR="/opt/hauler"
-VAGRANT_SCRIPTS_DIR="${BASE_SHARED_DIR}/vagrant-scripts"
-ARTIFACTS_DIR="${BASE_SHARED_DIR}/local-artifacts/rke2"
-
-RKE2_VERSION='v1.18.13+rke2r1'
-RKE2_VERSION_URL='v1.18.13%2Brke2r1'
-RKE2_VERSION_DOCKER='v1.18.13-rke2r1'
-
-LOCAL_IMAGES="${ARTIFACTS_DIR}/images"
-LOCAL_BIN="${ARTIFACTS_DIR}/bin"
-LOCAL_RPM="${ARTIFACTS_DIR}/rpm"
-
-mkdir -p ${LOCAL_IMAGES}
-mkdir -p ${LOCAL_BIN}
-mkdir -p ${LOCAL_RPM}
-
-# temporarily allow internet access
-${VAGRANT_SCRIPTS_DIR}/airgap.sh internet
-
-pushd ${LOCAL_IMAGES}
-
-curl -LO https://github.com/rancher/rke2/releases/download/${RKE2_VERSION_URL}/rke2-images.linux-amd64.tar.gz
-gunzip rke2-images.linux-amd64.tar.gz
-
-popd
-
-#pushd ${LOCAL_BIN}
-#
-#curl -L https://github.com/rancher/rke2/releases/download/${RKE2_VERSION_URL}/rke2-installer.linux-amd64.run -o rke2-installer.run
-#chmod +x ./*
-#
-#popd
-
-pushd ${LOCAL_RPM}
-
-yum install -y yum-plugin-downloadonly
-
-rke2_rpm_channel='stable'
-rpm_site='rpm.rancher.io'
-maj_ver='7'
-rke2_majmin=$(echo "${RKE2_VERSION}" | sed -E -e "s/^v([0-9]+\.[0-9]+).*/\1/")
-
-cat <<-EOF >"/etc/yum.repos.d/rancher-rke2.repo"
-[rancher-rke2-common-${rke2_rpm_channel}]
-name=Rancher RKE2 Common (${RKE2_VERSION})
-baseurl=https://${rpm_site}/rke2/${rke2_rpm_channel}/common/centos/${maj_ver}/noarch
-enabled=1
-gpgcheck=1
-gpgkey=https://${rpm_site}/public.key
-[rancher-rke2-${rke2_majmin}-${rke2_rpm_channel}]
-name=Rancher RKE2 ${rke2_majmin} (${RKE2_VERSION})
-baseurl=https://${rpm_site}/rke2/${rke2_rpm_channel}/${rke2_majmin}/centos/${maj_ver}/x86_64
-enabled=1
-gpgcheck=1
-gpgkey=https://${rpm_site}/public.key
-EOF
-
-yum install --downloadonly --downloaddir=./ rke2-server
-
-popd
-
-
-# restore air-gap configuration
-${VAGRANT_SCRIPTS_DIR}/airgap.sh airgap