feat: add oras binary to cache

[AlisonB319]

Cache Oras on the VHD

What type of PR is this?

What this PR does / why we need it: ORAS will be needed for installing packages for network isolated clusters

Which issue(s) this PR fixes:

Fixes #

Requirements:

• uses conventional commit messages
• includes documentation
• adds unit tests
• tested upgrade from previous version

Special notes for your reviewer:

Release note:

none

Oras is included in the download section of release-notes

kubelet/kubectl downloaded:
-rwxr-xr-x 1 root root    55331649 Dec 12  2023 /usr/local/bin/crictl
-rwxr-xr-x 1 root root   108036096 Apr 17 01:01 /usr/local/bin/kubelet-1.27.13
-rwxr-xr-x 1 root root    48652288 Apr 17 01:01 /usr/local/bin/kubectl-1.27.13
-rwxr-xr-x 1 root root   110014464 Apr 17 01:03 /usr/local/bin/kubelet-1.28.9
-rwxr-xr-x 1 root root    49209344 Apr 17 01:03 /usr/local/bin/kubectl-1.28.9
-rwxr-xr-x 1 root root   111939584 Apr 18 17:03 /usr/local/bin/kubelet-1.29.4
-rwxr-xr-x 1 root root    49819648 Apr 18 17:03 /usr/local/bin/kubectl-1.29.4
-rwxr-xr-x 1 root root   108036096 May 22 15:51 /usr/local/bin/kubelet-1.27.14
-rwxr-xr-x 1 root root    48652288 May 22 15:51 /usr/local/bin/kubectl-1.27.14
-rwxr-xr-x 1 root root   110014464 May 22 15:53 /usr/local/bin/kubelet-1.28.10
-rwxr-xr-x 1 root root    49209344 May 22 15:53 /usr/local/bin/kubectl-1.28.10
-rwxr-xr-x 1 root root   111939584 May 22 15:53 /usr/local/bin/kubelet-1.29.5
-rwxr-xr-x 1 root root    49819648 May 22 15:53 /usr/local/bin/kubectl-1.29.5
-rwxr-xr-x 1 root root   100100024 May 24 08:44 /usr/local/bin/kubelet-1.30.1
-rwxr-xr-x 1 root root    51454104 May 24 08:44 /usr/local/bin/kubectl-1.30.1
-rwxr-xr-x 1 1001 docker   9863303 May 28 07:33 /usr/local/bin/oras
-rwxr-xr-x 1 root root   100124920 Jun 12 16:43 /usr/local/bin/kubelet-1.30.2
-rwxr-xr-x 1 root root    51454104 Jun 12 16:43 /usr/local/bin/kubectl-1.30.2
-rwxr-xr-x 1 root root   108036096 Jun 13 17:20 /usr/local/bin/kubelet-1.27.15
-rwxr-xr-x 1 root root    48652288 Jun 13 17:20 /usr/local/bin/kubectl-1.27.15
-rwxr-xr-x 1 root root   110014464 Jun 13 17:22 /usr/local/bin/kubelet-1.28.11
-rwxr-xr-x 1 root root    49209344 Jun 13 17:22 /usr/local/bin/kubectl-1.28.11
-rwxr-xr-x 1 root root   111943680 Jun 17 17:18 /usr/local/bin/kubelet-1.29.6
-rwxr-xr-x 1 root root    49819648 Jun 17 17:18 /usr/local/bin/kubectl-1.29.6
-rwxr-xr-x 1 root root         705 Jul 23 19:55 /usr/local/bin/ci-syslog-watcher.sh
-rwxr-xr-x 1 root root    36014944 Jul 23 19:58 /usr/local/bin/containerd-shim-spin-v0-3-0-v1
-rwxr-xr-x 1 root root    39369104 Jul 23 19:58 /usr/local/bin/containerd-shim-wws-v0-8-0-v1
-rwxr-xr-x 1 root root    45334640 Jul 23 19:58 /usr/local/bin/containerd-shim-spin-v0-5-1-v1
-rwxr-xr-x 1 root root    47622592 Jul 23 19:58 /usr/local/bin/containerd-shim-slight-v0-3-0-v1
-rwxr-xr-x 1 root root    52232184 Jul 23 19:58 /usr/local/bin/containerd-shim-slight-v0-5-1-v1
-rwxr-xr-x 1 root root    53775024 Jul 23 19:58 /usr/local/bin/containerd-shim-spin-v0-8-0-v1
-rwxr-xr-x 1 root root    60175432 Jul 23 19:58 /usr/local/bin/containerd-shim-slight-v0-8-0-v1

[AlisonB319]

I will add the make generate test files after review so that it is easier to review

[djsly]

what is this change ? missing a rebase ?

[AlisonB319]

No, in the future WasmShims is one of the packages that will be downloaded via oras, so the install needs to happen after oras is already installed. Moved so that I could verify that this change doesn't hurt anything

[AlisonB319]

^ my line of thinking here is wrong. Oras will get installed during build so when it is actually needed during provisioning, it is already installed. So the order does not actually matter - since it will be installed and ready to use during provisioning

[cameronmeissner]

should we also add call to this somewhere in cse_main.sh to ensure it gets installed at runtime if the underlying VHD doesn't already have it cached?

[AlisonB319]

The only case where we need oras installed is for a network isolated cluster. So, if it is not cached, it won't be able to be installed on those clusters - since it is needed to install everything else.

As a general question for my understanding - @Devinwong added the loop inside install_dependencies.sh for installing the packages in components.json. Are any of these packages installed via cse?

[Devinwong]

Some do. For example, in the for-loop for containerd case, it calls installStandaloneContainerd. And in cse_main.sh around ln124, it also calls installContainerRuntime which will eventually calls installStandaloneContainerd.
But some don't. Actually recently Paul removed the codes to install cni from cse. So now it will only use what cached in the VHD.

For your case, if oras is not cached as expected, when it comes to network isolated cluster bootstrapping the node, it still won't be able to install oras, right?

[AlisonB319]

Right I don't think a NIC will have the ability to install oras