Cryptographic technology in Charmcraft¶
Charmcraft uses cryptographic technologies to fetch arbitrary files over the internet, communicate with local processes, and store credentials. It does not directly implement its own cryptography, but it does depend on external libraries to do so.
Charmcraft is built on Craft Application and derives much of its functionality from it, so much of Charmcraft’s cryptographic functionality is described in Cryptographic technology in Craft Application. The additional cryptography functionality in Charmcraft is documented below.
Local Docker images¶
If a Docker instance is installed or running on the host and a user references a local
Docker image in the upload-resource
command, Charmcraft uses the Docker SDK for
Python to communicate with it. The SDK communicates with Docker over a
Unix-domain socket if the user running Charmcraft has the necessary permission.
Container image registries¶
Every installation of Charmcraft comes with a bundled copy of skopeo. This tool is
available to run as charmcraft.skopeo
for creating local container image registries
during development. Skopeo is additionally used internally as part of the charm building
process. Charmcraft only uses the internal, pre-packaged copy of skopeo for this
purpose.