Resource (charm)

tmihoc · 7 August 2023 15:30

See also: SDK | Resource

See also: How to manage resources

In Juju, a charm resource is additional content that a charm can make use of, or may require, to run.

Resources are used where a charm author needs to include large blobs (perhaps a database, media file, or otherwise) that may not need to be updated with the same cadence as the charm or workload itself. By keeping resources separate, they can control the lifecycle of these elements more carefully, and in some situations avoid the need for repeatedly downloading large files from Charmhub during routine upgrades/maintenance.

A resource can have one of two basic types – file and oci-image. These can be specified as follows:

If the resource is type ‘file’, you can specify it by providing

a. the resource revision number or

b. a path to a local file.
If the resource is type ‘oci-image’, you can specify it by providing

a. the resource revision number,

b. a path to a local file = private OCI image,

c. a link to a public OCI image.

If you choose to provide a path to a local file, the file can be a JSON or a YAML file with an image reference and optionally a username and a password (i.e., an OCI image resource).

Expand to view an example JSON file

{
  "ImageName": "my.private.repo.com/a/b:latest",
  "username": "harry",
  "password": "supersecretpassword"
}

Expand to view an example YAML file

registrypath: my.private.repo.com/a/b:latest
username: harry
password: supersecretpassword

samuel_allan · 15 February 2024 06:21

tmihoc:

Expand to view an example JSON file

{
  "ImageName": "my.private.repo.com/a/b:latest",
  "username": "harry",
  "password": "supersecretpassword"
}

Expand to view an example YAML file

registrypath: my.private.repo.com/a/b:latest
username: harry
password: supersecretpassword

What is the current spec for the image? ImageName or registrypath?

tmihoc · 15 February 2024 06:45

@samuel_allan I’ve asked @wallyworld and he’ll investigate. One of us will be in touch.

wallyworld · 16 February 2024 08:00

To confirm the syntax for the different options…

The simplest is when using a public oci image - just specify the image path

juju deploy some-charm --resource myimge=docker.io/myimage:latest

docker.io is the default repo, so you can also just do

juju deploy some-charm --resource myimge=myimage:latest

If you need to provide a credential because it’s a private image, that’s when you would want to supply a YAML or JSON file with the necessary details.

The deploy command becomes

juju deploy some-charm --resource myimage=/path/to/file

Example YAML file

registrypath: docker.io/myorg/myimage
username: docker-registry
password: hunter2

Note: if you include credential information, you’ll need to specify the full image path including domain.

Unfortunately, there seems to be a typo in the JSON tag, so if you’re using a JSON file the image path will need to use the key ImageName.

There’s also other more advanced auth schemes that can be used, eg token auth, you can specify values for

email
identitytoken
registrytoken

Other registry / auth specific keys include (see your registry’s documentation for more detail on what’s needed):

serveraddress
region
repository

eg

    "serveraddress": "66668888.dkr.ecr.eu-west-1.amazonaws.com",
    "username": "aws_access_key_id",
    "repository": "66668888.dkr.ecr.eu-west-1.amazonaws.com",
    "password": "aws_secret_access_key",
    "region": "ap-southeast-2"