Skip to content

Clarify Network Requirements for libraries#2962

Open
s-stumbo wants to merge 3 commits intomainfrom
network-requirements
Open

Clarify Network Requirements for libraries#2962
s-stumbo wants to merge 3 commits intomainfrom
network-requirements

Conversation

@s-stumbo
Copy link
Contributor

@s-stumbo s-stumbo commented Feb 6, 2026

[ ] Check if this is a typo or other quick fix and ignore the rest :)

Type of change

Clarify existing content, add section about library storage locations

What should this PR do?

  • Rephrases the content under "Access for development tools" section
  • Add that Chainguard Libraries are stored and served from GAR

Why are we making this change?

Internal questions about where libraries are stored and feedback that the current docs imply you have to use a repo manager

What are the acceptance criteria?

Content should be clear and accurate

How should this PR be tested?

@s-stumbo
Clarify Network Requirements for libraries
0c2ca30 
Signed-off-by: s-stumbo <sally.stumbo@chainguard.dev>
@s-stumbo
update wording
6767e14 
Signed-off-by: s-stumbo <sally.stumbo@chainguard.dev>
@s-stumbo s-stumbo requested a review from a team as a code owner February 6, 2026 18:26
@netlify
Copy link

netlify bot commented Feb 6, 2026
edited
Loading

Deploy Preview for ornate-narwhal-088216 ready!

Name Link
🔨 Latest commit d19215e
🔍 Latest deploy log https://app.netlify.com/projects/ornate-narwhal-088216/deploys/698f50a2be172a00084d0899
😎 Deploy Preview https://deploy-preview-2962--ornate-narwhal-088216.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

matthewhelmke
matthewhelmke approved these changes Feb 6, 2026
View reviewed changes
Copy link
Collaborator

@matthewhelmke matthewhelmke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thank you!

mosabua
mosabua requested changes Feb 6, 2026
View reviewed changes
Copy link
Member

@mosabua mosabua left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should NOT provide the info that we are internally hosting artifacts on GAR. This is an internal implementation detail and partially also not true. Technical info like that should be confirmed with @angela-zhang and engineers potentially.

@s-stumbo
apply feedback
d19215e 
Signed-off-by: s-stumbo <sally.stumbo@chainguard.dev>
mosabua
mosabua requested changes Feb 13, 2026
View reviewed changes
Copy link
Member

@mosabua mosabua left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The wording changes actually make it less correct than it was .. formatting improvements are good .. so I think we need some updates .. happy to chat next week .. travelling now

content/chainguard/libraries/network-requirements.md
* `libraries.cgr.dev` for library access
* `issuer.enforce.dev` for authentication

When using a repository manager, allowlist these domains in your repository manager. Your workstations and build infrastructure typically require no additional network access, as libraries are served through your repository manager.
Copy link
Member

@mosabua mosabua Feb 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thats not correct .. you are now creating an allowlist in the repo manager .. its a network setup

content/chainguard/libraries/network-requirements.md
Chainguard Libraries require specific network access to ensure secure delivery of hardened Java and Python dependencies to your development environment. This guide details the domains and ports needed for authentication, package downloads, and verification tools.
[Chainguard Libraries](/chainguard/libraries/overview/) require specific network access to ensure secure delivery of hardened dependencies to your development environment. This guide details the domains and ports needed for authentication, package downloads, and verification tools.

### Access for chainctl and other tools
Copy link
Member

@mosabua mosabua Feb 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure about this ..

content/chainguard/libraries/network-requirements.md

When using a repository manager, allowlist these domains in your repository manager. Your workstations and build infrastructure typically require no additional network access, as libraries are served through your repository manager.

If accessing Chainguard Libraries directly for testing with curl or builds, allowlist these domains on your workstation.
Copy link
Member

@mosabua mosabua Feb 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you also dont have an allowlist on the workstation..

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mosabua mosabua mosabua requested changes

@matthewhelmke matthewhelmke matthewhelmke approved these changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@s-stumbo @mosabua @matthewhelmke