Cleanup root (#1603)

## Description

Cleanup the root files a bit, remove `vagrant` references, update the
README w/ new features.

## NOTICE

@mike-winberry This changes how NPM stuff gets run. Either run w/ `npm
--prefix src/ui COMMAND`, or cd into `src/ui` before running npm things.
Additionally, since `package.json` is not in root, you will need to do
`export NODE_PATH=$(pwd)/src/ui/node_modules` at root before running
`npm --prefix src/ui run test` in order for the UI tests to resolve
`node_modules`.

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow)
followed

---------

Signed-off-by: razzle <[email protected]>
Co-authored-by: Wayne Starr <[email protected]>

.github/actions/node/action.yaml

@@ -8,3 +8,4 @@ runs:
  with:
  node-version: 18
  cache: "npm"
+ cache-dependency-path: "src/ui/package-lock.json"

.github/workflows/test-ui.yml

@@ -47,9 +47,10 @@ jobs:
 
  - name: Run UI tests
  run: >
- npm run test:pre-init &&
- npm run test:init &&
- npm run test:post-init
+ export NODE_PATH=$(pwd)/src/ui/node_modules &&
+ npm --prefix src/ui run test:pre-init &&
+ npm --prefix src/ui run test:init &&
+ npm --prefix src/ui run test:post-init
 
  - name: Save logs
  if: always()

Makefile

@@ -37,14 +37,6 @@ help: ## Display this help information
  | sort | awk 'BEGIN {FS = ":.*?## "}; \
  {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
 
-vm-init: ## Make a vagrant VM (usage -> make vm-init OS=ubuntu)
- vagrant destroy -f
- vagrant up --no-color ${OS}
- echo -e "\n\n\n\033[1;93m ✅ BUILD COMPLETE. To access this environment, run \"vagrant ssh ${OS}\"\n\n\n"
-
-vm-destroy: ## Destroy the vagrant VM
- vagrant destroy -f
-
 clean: ## Clean the build directory
  rm -rf build
 
@@ -72,8 +64,8 @@ check-ui:
  fi
 
 build-ui: ## Build the Zarf UI
- npm ci
- npm run build
+ npm --prefix src/ui ci
+ npm --prefix src/ui run build
 
 build-cli-linux-amd: check-ui ## Build the Zarf CLI for Linux on AMD64
  CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf main.go
@@ -103,8 +95,8 @@ docs-and-schema: ensure-ui-build-dir ## Generate the Zarf Documentation and Sche
 
 dev: ensure-ui-build-dir ## Start a Dev Server for the Zarf UI
  go mod download
- npm ci
- npm run dev
+ npm --prefix src/ui ci
+ npm --prefix src/ui run dev
 
 # INTERNAL: a shim used to build the agent image only if needed on Windows using the `test` command
 init-package-local-agent:

README.md

@@ -1,42 +1,41 @@
 # Zarf - DevSecOps for Air Gap
 
 [![Latest Release](https://img.shields.io/github/v/release/defenseunicorns/zarf)](https://github.com/defenseunicorns/zarf/releases)
-[![Zarf Slack Channel](https://img.shields.io/badge/k8s%20slack-zarf-40a3dd)](https://kubernetes.slack.com/archives/C03B6BJAUJ3)
-[![Zarf Website](https://img.shields.io/badge/web-zarf.dev-6d87c3)](https://zarf.dev/)
-[![Zarf Documentation](https://img.shields.io/badge/docs-docs.zarf.dev-775ba1)](https://docs.zarf.dev/)
-[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/zarf/badge)](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/zarf)
 [![Go version](https://img.shields.io/github/go-mod/go-version/defenseunicorns/zarf?filename=go.mod)](https://go.dev/)
+[![Build Status](https://img.shields.io/github/actions/workflow/status/defenseunicorns/zarf/release.yml)](https://github.com/defenseunicorns/zarf/actions/workflows/release.yml)
+[![Zarf Documentation Status](https://api.netlify.com/api/v1/badges/fe846ae4-25fb-4274-9968-90782640ee9f/deploy-status)](https://app.netlify.com/sites/zarf-docs/deploys)
+[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/zarf/badge)](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/zarf)
 
-||Build Status|
-|---|---|
-|Zarf|[![Build Status](https://img.shields.io/github/actions/workflow/status/defenseunicorns/zarf/release.yml)](https://github.com/defenseunicorns/zarf/actions/workflows/release.yml)|
-|Zarf Documentation|[![Zarf Documentation Status](https://api.netlify.com/api/v1/badges/fe846ae4-25fb-4274-9968-90782640ee9f/deploy-status)](https://app.netlify.com/sites/zarf-docs/deploys)|
+[![Zarf Website](https://img.shields.io/badge/web-zarf.dev-6d87c3)](https://zarf.dev/)
+[![Zarf Documentation](https://img.shields.io/badge/docs-docs.zarf.dev-775ba1)](https://docs.zarf.dev/)
+[![Zarf Slack Channel](https://img.shields.io/badge/k8s%20slack-zarf-40a3dd)](https://kubernetes.slack.com/archives/C03B6BJAUJ3)
 
 <img align="right" alt="zarf logo" src=".images/zarf-logo.png" height="256" />
 
 Zarf eliminates the [complexity of air gap software delivery](https://www.itopstimes.com/contain/air-gap-kubernetes-considerations-for-running-cloud-native-applications-without-the-cloud/) for Kubernetes clusters and cloud-native workloads using a declarative packaging strategy to support DevSecOps in offline and semi-connected environments.
 
-📦 Out of the Box Features
+## 📦 Out of the Box Features
 
 - Automate Kubernetes deployments in disconnected environments
 - Automate [Software Bill of Materials (SBOM)](https://www.linuxfoundation.org/tools/the-state-of-software-bill-of-materials-sbom-and-cybersecurity-readiness/) generation
 - Provide a [web dashboard](https://docs.zarf.dev/docs/dashboard-ui/sbom-dashboard) for viewing SBOM output
+- Create and verify package signatures with [cosign](https://github.com/sigstore/cosign)
+- [Publish](https://docs.zarf.dev/docs/user-guide/the-zarf-cli/cli-commands/zarf_package_publish), [pull](https://docs.zarf.dev/docs/user-guide/the-zarf-cli/cli-commands/zarf_package_pull), and [deploy](https://docs.zarf.dev/docs/user-guide/the-zarf-cli/cli-commands/zarf_package_deploy) packages from an [OCI registry](https://opencontainers.org/)
+- Powerful component lifecycle [actions](https://docs.zarf.dev/docs/user-guide/component-actions)
 - Deploy a new cluster while fully disconnected with [K3s](https://k3s.io/) or into any existing cluster using a [kube config](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/)
 - Builtin logging stack with [Loki](https://grafana.com/oss/loki/)
-- Builtin git server with [Gitea](https://gitea.com/)
-- Builtin docker registry
+- Builtin Git server with [Gitea](https://gitea.com/)
+- Builtin Docker registry
 - Builtin [K9s Dashboard](https://k9scli.io/) for managing a cluster from the terminal
 - [Mutating Webhook](adr/0005-mutating-webhook.md) to automatically update Kubernetes pod's image path and pull secrets as well as [Flux Git Repository](https://fluxcd.io/docs/components/source/gitrepositories/) URLs and secret references
-- Builtin [command to find images](https://docs.zarf.dev/docs/user-guide/the-zarf-cli/cli-commands/zarf_prepare_find-images) and resources from a helm chart
+- Builtin [command to find images](https://docs.zarf.dev/docs/user-guide/the-zarf-cli/cli-commands/zarf_prepare_find-images) and resources from a Helm chart
 - Tunneling capability to [connect to Kuberenetes resources](https://docs.zarf.dev/docs/user-guide/the-zarf-cli/cli-commands/zarf_connect) without network routing, DNS, TLS or Ingress configuration required
 
-🛠️ Configurable Features
+## 🛠️ Configurable Features
 
-- Customizable [variables](examples/variables/README.md) with defaults and user prompting
+- Customizable [variables and package templates](examples/variables/README.md) with defaults and user prompting
 - [Composable packages](https://docs.zarf.dev/docs/user-guide/zarf-packages/zarf-components#composing-package-components) to include multiple sub-packages/components
-- Filters to select the correct architectures/operating systems for packages
-
-> Early Zarf research and prototypes were developed jointly with [United States Naval Postgraduate School](https://nps.edu/) research you can read [here](https://calhoun.nps.edu/handle/10945/68688).
+- Component-level OS/architecture filtering
 
 ## Demo
 
@@ -62,6 +61,8 @@ To contribute, please see our [Contributor Guide](https://docs.zarf.dev/docs/dev
 
 ## Special Thanks
 
+> Early Zarf research and prototypes were developed jointly with [United States Naval Postgraduate School](https://nps.edu/) research you can read [here](https://calhoun.nps.edu/handle/10945/68688).
+
 We would also like to thank the following awesome libraries and projects without which Zarf would not be possible!
 
 [![pterm/pterm](https://img.shields.io/badge/pterm%2Fpterm-007d9c?logo=go&logoColor=white)](https://github.com/pterm/pterm)