What is Zarf?
Zarf is a free and open-source tool that enables declarative creation & distribution of software into air-gapped/constrained/standalone environments.
Zarf provides a way to package and deploy software in a way that is repeatable, secure, and reliable.
- 💸 Free and Open-Source. Zarf will always be free to use and maintained by the open-source community.
- ⭐️ Zero Dependencies. As a statically compiled binary, the Zarf CLI has zero dependencies to run on any machine.
- 🔓 No Vendor Lock. There is no proprietary software that locks you into using Zarf. If you want to remove it, you still can use your helm charts to deploy your software manually.
- 💻 OS Agnostic. Zarf supports numerous operating systems. A full matrix of supported OSes, architectures and featuresets is coming soon.
- 📦 Highly Distributable. Integrate and deploy software from multiple secure development environments including edge, embedded systems, secure cloud, data centers, and even local environments.
- 🚀 Develop Connected, Deploy Disconnected. Teams can build and configure individual applications or entire DevSecOps environments while connected to the internet. Once created, they can be packaged and shipped to a disconnected environment to be deployed.
- 💿 Single File Deployments. Zarf allows you to package the parts of the internet your app needs into a single compressed file to be installed without connectivity.
- ♻️ Declarative Deployments. Zarf packages define the precise state for your application enabling it to be deployed the same way every time.
- 🦖 Inherit Legacy Code. Zarf packages can wrap legacy code and projects - allowing them to be deployed to modern DevSecOps environments.
- Automate Kubernetes deployments in disconnected environments
- Automate Software Bill of Materials (SBOM) generation
- Build and publish packages as OCI image artifacts
- Provide a web dashboard for viewing SBOM output
- Create and verify package signatures with cosign
- Publish, pull, and deploy packages from an OCI registry
- Powerful component lifecycle actions
- Deploy a new cluster while fully disconnected with K3s or into any existing cluster using a kube config
- Builtin Git server with Gitea
- Builtin Docker registry
- Builtin K9s Dashboard for managing a cluster from the terminal
- Mutating Webhook to automatically update Kubernetes pod’s image path and pull secrets as well as Flux Git Repository URLs and secret references
- Builtin command to find images and resources from a Helm chart
- Tunneling capability to connect to Kubernetes resources without network routing, DNS, TLS or Ingress configuration required
- Customizable variables and package templates with defaults and user prompting
- Composable packages to include multiple sub-packages/components
- Component-level OS/architecture filtering