Pulls a Zarf package from a remote registry and save to the local file system
zarf package pull PACKAGE_SOURCE [flags]
# Pull a package matching the current architecture$ zarf package pull oci://ghcr.io/defenseunicorns/packages/dos-games:1.0.0 # Pull a package matching a specific architecture$ zarf package pull oci://ghcr.io/defenseunicorns/packages/dos-games:1.0.0 -a arm64 # Pull a skeleton package$ zarf package pull oci://ghcr.io/defenseunicorns/packages/dos-games:1.0.0 -a skeleton
-h, --help help for pull -o, --output-directory string Specify the output directory for the pulled Zarf package --shasum string Shasum of the package to pull. Required if pulling a https package. A shasum can be retrieved using 'zarf dev sha256sum <url>' --skip-signature-validation Skip validating the signature of the Zarf package
-a, --architecture string Architecture for OCI images and Zarf packages --insecure-skip-tls-verify Skip checking server's certificate for validity. This flag should only be used if you have a specific reason and accept the reduced security posture. -k, --key string Path to public key file for validating signed packages --log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev' -l, --log-level string Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info") --no-color Disable colors in output --no-log-file Disable log file creation --no-progress Disable fancy UI progress bars, spinners, logos, etc --oci-concurrency int Number of concurrent layer operations to perform when interacting with a remote package. (default 3) --plain-http Force the connections over HTTP instead of HTTPS. This flag should only be used if you have a specific reason and accept the reduced security posture. --tmpdir string Specify the temporary directory to use for intermediate files --zarf-cache string Specify the location of the Zarf cache directory (default "~/.zarf-cache")