#1151 Add documentation for OCI feature in Apps & Marketplace Section

[martyav]

Fixes #1151

Reminders

• See the README for more details on how to work with the Rancher docs.

• Verify if changes pertain to other versions of Rancher. If they do, finalize the edits on one version of the page, then apply the edits to the other versions.

• If the pull request is dependent on an upcoming release, make sure to target the release branch instead of main.

Description

From the issue:

• GitHub Issue - Ability to use an OCI Helm Chart Registry on a Rancher Catalog rancher#29105
• UI Issue - Ability to use OCI Helm Chart Registry in Apps&Marketplace dashboard#9815
• GitHub PR - [2.9] Add OCI support for Helm Repos rancher#43823

Summary
There is a new feature that is going to be released in the Apps and Marketplace category. That is support for OCI-based Helm repositories.

Acceptance criteria

1. There are docs covering the functionality of the OCI Helm repository feature in Apps & Marketplace
2. There are docs covering debugging and logging for any known OCI Helm repository issues
3. There are docs covering the limitations of the feature.

Comments

[martyav]

I'm going to open this up for review, but I'm reluctant to create the release branch yet, as 2.9 is several months from now. Added the DO NOT MERGE label and have to to remember to point this to the 2.9 branch at a more appropriate time.

[martyav]

@rohitsakala

I edited most of the draft provided, but the last section needs more instructions.

To view logs, enable the debug option of rancher

The first option if there is any discrepancy is to refresh a cluster repository
The last option is to delete the oci helm repository clusterrepo and readd it. This will not delete any already installed helm charts.

Where in the UI do they go to perform these steps?

Thank you!

[martyav]

I left this part in, but it feels like we need a little more content here to explain the relevance of mentioning it in this section vs somewhere else, and what users can use that information for.

[martyav]

I opted not to format these as code snippets, so the backslashes are required as escape characters for the angle brackets.

[rohitsakala]

@martyav Thank you for this PR. There has been some modification requested for this feature. So, I complete those modifications and get back to you.

[martyav]

@martyav Thank you for this PR. There has been some modification requested for this feature. So, I complete those modifications and get back to you.

@rohitsakala do you have any updates on this?

[martyav]

@rohitsakala checking in again, do you have any updates?

[rohitsakala]

@martyav Yes, I do have to update the docs. I have sent the PR to product team for playing. Once they have given me the approval, I will update the docs and inform. Maybe in max 2 weeks.

[rohitsakala]

Can you replace this point with this section ?

[martyav]

Do you mean "Explanation of fields"? It seems like we should explain those fields in context with the steps they are related to. "There are more fields that the user can define". Where do these fields appear and how can the user define them? Do they all appear on the same screen where the user sets up authentication?

[rohitsakala]

@martyav These fields appear while creating the OCI-based Helm repository, basically in the same page where the user will be inputting the name, OCI URL etc.

[martyav]

Ok, I added the explanations as part of the step-by-step instructions, in order of where they appear in the UI

[rohitsakala]

Can you add this section as well ?

[martyav]

Rate limiting section added

[rohitsakala]

To enhance logging information from the operations, enable the debug option while deploying Rancher.

[martyav]

This section has now been edited and the link has been added

[martyav]

@rohitsakala I made a number of edits addressing suggestions. However, there are still three things unresolved:

1. The last section needs to describe how to enable the debug option
2. There are two sentences I wasn't sure how to edit and wrapped in HTML comment tags
3. The section explaining fields feels like it needs to be revised extensively, so that the fields are mentioned in context with where they can be found or used. Are they all on the Authentic part of the UI?

[rohitsakala]

So let me explain it more clearly here

1. User adds Dockerhub to the OCI based Helm Repository
2. Rancher gets ratelimited.
3. User knows that Dockerhub allows 50 requests in 24 hours of time window.
4. Rancher doesn't know this information about 50 requests in 24 hours.
5. But the user knows it through dockerhub documentation
6. User can enter ExponentailBackOff values as MinWait: 86400 seconds (24 hours), MaxWait : 90000 seconds, MaxRetry: 1
7. Since the user has entered the values, Rancher when its gets throttled or ratelimited will wait for 24 hours before making a new request. This new request will pass since Dockerhub will renew the 50 requests since 24 hours have been passed.
8. Now, for 24 hours, the repository will not be in Active state. Only, when the Rancher completes 24 hour waiting and makes a call to get information, it will change to active state.

Let me know at which point it is unclear.

[martyav]

Thanks! Updating and adding to next commit

[rohitsakala]

@rohitsakala I made a number of edits addressing suggestions. However, there are still three things unresolved:

1. The last section needs to describe how to enable the debug option
2. There are two sentences I wasn't sure how to edit and wrapped in HTML comment tags
3. The section explaining fields feels like it needs to be revised extensively, so that the fields are mentioned in context with where they can be found or used. Are they all on the Authentic part of the UI?

I replied to all your queries in the respective comments. Let me know if you have any more doubts.

[diogoasouza]

Can we add a screenshot here, similar to this one in the extension doc in step 3.3?

[diogoasouza]

Do we need to add this section? AFAIK, this is standard for every oci registry, not something specific to Rancher.
@rohitsakala keep me honest here

[rohitsakala]

Yes this is standard but I thought users can look here into Rancher documentation at one place while they are adding the OCI based helm repository

[diogoasouza]

Suggested change

	10. (optional) If you know that your repository may respond with status code `429 Too Many Requests` (for example, if your repository is on DockerHub), fill out the fields under **Exponential Back Off**:
	10. (optional) If your repository has a rate-limiting policy and may respond with status code `429 Too Many Requests` (for example, if your repository is on DockerHub), you may want to fill out the fields under **Exponential Back Off**:

[diogoasouza]

Suggested change

	1. **Min Wait**: The default is 1 second.
	1. **Min Wait**: The minimum duration in seconds that Rancher should wait before retrying. The default is 1 second.

[diogoasouza]

Suggested change

	1. **Max Wait**: The default is 1 second.
	1. **Max Wait**: The maximum duration in seconds that Rancher should wait before retrying. The default is 5 second.

The default value is 5 seconds

[rohitsakala]

rename the file to oci-repositories.md

[rohitsakala]

See Authentication for more details.

is not required here.

[rohitsakala]

remove the example of Dockerhub. For dockerhub,adding exponentailBackoff values has no use since Rancher automatically waits for 6 hours that dockerhub sends as a header.

[rohitsakala]

Suggested change

Rancher 2.9.0 also adds the `spec.insecurePlainHttp` field, which forces Rancher to use HTTP instead of HTTPS to send requests. This works exactly the same as the `spec.insecurePlainHttp` field in [ORAS CLI](https://oras.land/docs/commands/use_oras_cli), since Rancher uses the ORAS library.

[rohitsakala]

Suggested change

	The CRD that is linked to the OCI Helm registry is `ClusterRepo`.
	The CRD that is linked to the OCI based Helm repository is `ClusterRepo`.

[rohitsakala]

Suggested change

	## Refresh an OCI-Based Helm Chart Registry
	## Refresh an OCI-Based Helm Chart Repository