Under development
Portus is now able to scan security vulnerabilities on your Docker images. This is done with different backends, where the stable one is CoreOS Clair. You have to enable the desired backends and then Portus will use them to fetch known security vulnerabilities for your images.
Note: this version of Portus supports Clair v2 specifically (current
master branch is not supported).
You can read the blog post for more info.
Commits: 4cd875c2aa9f, d3454cfb84f3, f19094b98737.
One of the main issues for Portus was that sometimes it took too long to
complete certain critical tasks. For this release we have moved these tasks
into a separate background process. This background process resides in the
bin/background.rb file, and it can be enabled for containerized deployments
by setting the PORTUS_BACKGROUND environment variable to true.
The following tasks have been moved into this new process:
- Security scanning: after testing security scanning more in depth, we noticed that sometimes it could block Portus when showing the main page for repositories. This was the first task moved into this new process. Commit: e0f7d53cb2b2.
- Registry events: before creating this process, we dealt with incoming registry events in the main Portus process. The problem with this was that after getting a push event, for example, Portus had to fetch manifests, which could take quite some time. This meant that Portus got blocked in some deployments. Now Portus will simply log the event, and then the background process will process it right away (by default this process will check for events every 2 seconds). This task can be disabled as documented here. Commit: 6a4f7d7dca60.
- Registry synchronization: we have removed the crono process in favor of this new process. Hence, the code that was executed in previous releases by crono has been merged as another task of this new process. Moreover, since it can be quite dangerous, we have added some configuration options: it can be disabled; and it can be tuned with a strategy (from a riskier approach to a safer one). All this has been documented in its documentation page. Commit: ced9b46a9064.
Note on deployment: this new background process has to have access to the same database as the main Portus process.
Portus will now allow anonymous users to search for public images. This is a configurable option which is enabled by default. You can read more about this in the documentation.
Commits: 274c0908a83c, 9d6cc25fd0b4.
Portus' authentication logic has been extended to allow OAuth & OpenID
Connect. For OAuth you are allowed to login through the following adapters:
Google, Github, Gitlab and Bitbucket. Check the config/config.yml file for
more info on the exact configurable options.
Commit: 0a5fefdd14d9.
Thanks a lot to Vadim Bauer (@Vad1mo) and Andrei Kislichenko (@andrew2net) for working on this!
An effort to design and implement an API for Portus has been started. This is useful for CLI tools like portusctl among other user cases. We do not consider the API to be in a stable state, but it is useful already. We will continue this effort in forthcoming releases. Commits: 2129833f27f0, 28f77d3352ea, 5a9437bba42d, 451e508bd86a, 185f18e98638, a9bdab58d150, 8b42887f83a5, fbe7e8d4ef53, 4a79f222f93b, fbe7e8d4ef53.
Thanks a lot to Vadim Bauer (@Vad1mo) and Andrei Kislichenko (@andrew2net) for working on this!
The deployment of Portus has been simplified as much as possible. For this reason we have removed a lot of clutter on our official Docker image, and we have embraced best practices for deploying Ruby on Rails applications. For this reason we have set Puma as the web server for Portus.
Commits: 09b722f56221, 9fd61ba7bae0, 6a3b8ca74edb, 2488791f8f54.
We provide in the source code examples that illustrate how Portus is intended to
be deployed on production. These examples reside in the examples
directory. Some observations:
- As stated above, set the
PORTUS_BACKGROUNDenvironment variable to true for the background process. - You can set
RAILS_SERVE_STATIC_FILESto true if you want Portus to serve the assets directly (e.g. if you don't want a load-balancer like NGinx or HAproxy to do this). - Use the new
PORTUS_DB_environment variable prefix instead of the oldPORTUS_PRODUCTION_one for database options. Moreover, in the database you can now specify more options likePORTUS_DB_POOLfor stating the DB pool. - Portus will complain if you provide old environment variables like
PORTUS_PRODUCTION_DATABASE, or if you forgot to specify some relevant environment variables for production likePORTUS_MACHINE_FQDN_VALUE. Commit: 06a405c4f5fd.
Commit: ba7b15ed42d0.
An official Helm Chart for deploying Portus in a Kubernetes cluster is being developed. It is expected to be released soon after this release.
Some tools like CoreOS Clair require PostgreSQL as their database. When developing support for security scanning we noticed that it was quite redundant to have two different databases running. For this reason, we have added PostgreSQL support, so you can use PostgreSQL for both Portus and Clair.
Commit: af1b8b6ca725.
Some features required an upgrade of Ruby. Since SLE 15 and Tumbleweed will most likely have Ruby 2.5 as their default version, we have anticipated this move. So, now Portus is supported for Ruby 2.5. If you try to run Portus on previous versions, it will error out during initialization (commit: ea02cab5c822).
Commits: a2407506ff5c, d86d46c9313c, 46a5a34fda40.
- Sort tags by updated_at date not by created_at. Commit: 90ad00a32f49.
- Copy
docker pullcommand to clipboard when clicking a tag: acad5b6f442d. - Lots of small improvements on the UI. Commits (among others): 097e782ec1a3, bd4d9d8db5ad, 0ae8f5e2fae6, c891792742c0, 50d61606caa7.
- Properly check when the DB is ready, useful for containerized deployments. Commit: 564c3cb5d35c.
- Make the log level configurable on production. Useful for temporarily debugging a production deployment. Commit: db2403fd3311.
- Added rack-cors to prevent AJAX CORS attacks. Commit: 5a0402098428.
- Adding the X-UA-Compatible header so it works well for IE with compatibility mode on. Commit: 146076d543e8.
- Implemented timeout for requests targetting the registry. Commit: 9296f1eaa5bb, 56d2886e7f65.
- Added registry validation and status. Commits: a30c27071650, d0dd2f4aeba0.
- Add core-js pollyfills, so internet access is not needed. Commit: 02cf5212a28c.
- Fixed performance problems on the activities page. Commit: b5fd93bd9486.
- Fixed table pagination. Commit: f05aad9e6183.
- Fixed some issues on activities. Commit: db553f8d0bcc.
- Honor external_hostname in token generation. Commit: 802bb89b0ec4.
- Fixed Vagrant setup. Commit: 6ca35b1bc2e7.
- Read the TZ env variable to display dates correctly. Commit: e2eed1463aaa.
- LDAP: avoid clashes on emails. Commit: 1a57f0f7f95b.
- Fixed icons spacing/positioning. Commit: ab34bf9ebc5b.
- Fixed team name validation behavior. Commit: 86e72f88b20f.
- Fixed a render error on the search/index page. Commit: d12306daa47b.
- Fixed the namespace and team name clashes. Commit: eec31da471a7.
- Properly check SSL requirements. Commit: a86ec03923f8.
- Fixed tag name uniqueness validation. Commit: 83478b1911b0.
- Fixed crash on null author of a tag. Commit: 7f84fbc60307.
- Update tags by digest when scanning. Commit: 46065607fbc1.
- Fixed crash when vulnerabilities were not found. Commit: a904cef41cb2.
- Added some checks on mailer configuration to avoid crashes later on. Commit: c3ba1b50ca31.
- Catch exceptions on password resets creation. Commit: 9d2ba4748693.
- Registry Client should probe that the /v2/ path reachable and that we accept 200 responses as well. Commit: 2b0bf59a2601.
- Upgraded jQuery to 3.x to avoid security issues. Commit: 0505c177f5d2.
This release includes a fix for CVE-2017-14621. Thanks a lot Ricardo Sánchez for reporting this security issue! Commit: c21dfec24cfc.
- Our Rubocop rules are now as close as possible to the default style. This is an attempt to be closer to the decisions from the ruby community. Commit: 71ff67ae123b.
- Update the development environment for docker-compose v2.
- Many fixes went into the test suite. Commit (among others): af7d093cfdc2.
- The configuration management has been extracted into its own gem: cconfig. Commits: 9ce311a832ae, c8abbff3bd38.
- Introduced the
DeprecationErrorexception. Commit: 3691273ebbd9. - Networking errors have been merged into a single point of entry. Commit: 944e50176c1a.
- Big changes on the Javascript side:
- Turbolinks has been removed. Commit: 2803e2962419.
- We have migrated from Coffeescript to Javascript: 79fb15164f32, d30bc2baef16.
- Javascript dependencies are now managed by yarn: 803829045ff3.
- Webpack is the responsible for building the assets: bc56035f9c5e.
- We have introduced VueJS to bring some order into the Javascript front: c3ad4bf97dbe, 3e145dc03c79, 3dd743fd610e.
- We have migrated to the latest Javascript standard (EcmaScript6). This has involved some refactoring. See commits (among others): efbff080ff82, c8fc5823f6b7, dc3b00dd3dbd, ad5da31283df, e70e78c75b89, a838cabc0720, 0428092a287f, 821595bc4c52, 6e8b57f4c531, 76909e9c931d, 0c3a003cf897, 9c223b7a5918, f1d47a6abda7, 1103a1ac3b55, 452ec54fc224.
In this section we want to detail some things that you might want to take into account when upgrading to 2.3:
- As explained above, Puma is now the HTTP server being used. Make sure to use
the
PORTUS_PUMA_TLS_KEYand thePORTUS_PUMA_TLS_CERTenvironment variables to point puma to the right paths for the certificates. Moreover, if you are not using the official Docker image, you will have to use thePORTUS_PUMA_HOSTenvironment variable to tell Puma where to bind itself (in containerized deployments it will bind by default to0.0.0.0:3000). - The database environment variables have changed the prefix from
PORTUS_PRODUCTION_toPORTUS_DB_. Moreover, you will be able now to provide values for the following items: adapter (set it topostgresqlfor PostgreSQL support), port, pool and timeout. All these values are prefixed byPORTUS_DB_as well, so for example, to provide a value for the pool you need to setPORTUS_DB_POOL.
Finally, we are not running migrations automatically anymore as we used to do
before. This is now to be done by the administrator by executing (on the Portus
context in /srv/Portus or simply as part of a docker exec command):
$ portusctl exec rake db:migrate
For more details on this check the commits 7fdfe9634180 and 1c4d2b6cf0e0.
Some configuration options that were soft-deprecated in 2.2 will now raise a
DeprecationError. These are:
- The expiration time of the JWT token can no longer be expressed as a string
with a format:
x.minutes. You have to provide now an integer representing the minutes for thejwt_expiration_timeconfigurable option. Users that have not touched this option since the 2.1 times will have to change this. - The
jwt_expiration_timeoption was moved toregistry.jwt_expiration_timein 2.2. Now, if you continue to provide the former rather than the latter, you'll get aDeprecationErrorexception.
Besides this, Portus will also raise a DeprecationError during initialization
in the case you provided the prefix PORTUS_PRODUCTION_ for database
configurable options instead of PORTUS_DB_.
Finally, portusctl as provided by Portus is getting deprecated in favor of
openSUSE/portusctl. This new
portusctl has been built from scratch for the following reasons:
- Since 2.3 our main focus is the support containerized deployments. Therefore,
portusctl's main task to setup the installation didn't make sense anymore. - Moreover, from experience we noticed lots of corner cases where the old portusctl was simply not effective.
- With the introduction of the API, we wanted to re-purpose the tool to be more
similar to tools like
kubectlfor Kubernetes. That is, a CLI interface to the API that administrators can use with ease.
Lots of issues regarding packaging were fixed. We want to highlight the following commits:
- Do not touch the Gemfile anymore. Commit: bd383fba329b.
- Change how we build dependencies. Commit: 0970b9903af5.
- Added bundled JS dependencies in the spec file. Commit: f08803be6fbc.
- Added a script to compare the gems on git and OBS. Commit: 291d172c12e3.
Alexander Block, banuchka, Ben Rexin, Diokuz, Fabian Baumanis, Hart Simha, James Maidment, Jordi Massaguer Pla, Lefnui, Maik Hinrichs, Maximilian Meister, Miquel Sabaté Solà, Ricardo Mateus, Robin Müller, Saurabh Surana, Shammah Chancellor, Soedarsono, Thorsten Schifferdecker, Vadim Bauer, Vítor Avelino.
... and many thanks to everyone that has contributed to Portus by leaving comments, sending emails, submitting issues, providing feedback, etc. Thanks!
- Portus will now properly update the image ID when a tag has been pushed. See PR #1054.
- Fixed how image updates are handled. See PR #1031.
- Follow a consistent order in the signup form. See PR #1119.
- Hide passwords stored in webhooks. See PR #1111.
- Removed reference of missing stylesheets. See PR #1114.
- Fixed a bunch of issues related to activities. See PR #1144.
- Fixed the pre-compilation of the cover.js asset. See PR #1157.
- portusctl: it will show a warning when using the
--local-registryflag but the package has not been installed. See PR #1096. - Portus now supports Docker Distribution 2.5. See PR #1068.
- Allow docker-compose users to specify an alternative port. See PR #1094.
- Avoid the confusion on the hostnames to be used. See PR #1056.
- Clarified how the
--local-registryflag works. PR #1052.
- Use the full repository name in the
portus:update_tagstask (see 005ec6503208) - Fixed a regression on assets handling (see fc6982a4bfe2 and fdb92fffb5fa)
- Fixed the handling of the "*" action from the registry (see 6afb1ac150e6)
- Notification messages are now more consistent (see 72e452b1fd20)
- Order users by username on the admin panel (see e92106cd951b)
- Fixes and improvements on Docker Distribution support (see f74eb2eac7d6, c8fc5ed6b337, 95ba4d83a539, 552df9caa341, 575d51b3b7d2, 4014a7c14487, e18310e6a2eb and 7494eeed2b88)
- Implemented user removal (see d9d6e3afa224)
- Implemented the removal of images and tags (see b63252ff07a8, 10c060e246ab, 7ae5179ba623, 85730266c9c4, 65a0624cd923, 612734339fa1 and c23758489c57)
- Also read our blog post on image/tag removal
- Showing the image ID and the digest of docker images (see 0f290526ad97, 960e7599d501, 28dae7f3fb23, ba32d140958a, 0b8d1bff5b85 and e57232b149b5)
- Implemented webhook support (see 4a4a67c62d52, 702356b006d8, 60354bb41ddc, 08918c5a91d2, 4b4d4c0ff70e and b3565d3ade0f)
- Also read our blog post on webhooks
- Introduce application tokens (see b399f90c0de5 and e38e7602f471)
- Better reflect updates on Docker images (see 89b9964c0f0e)
- General improvements and fixes on the UI/UX (see cb033f40898e, e7629b758055, fcfd6d3548aa, 933b86fbe9bf, c886e9009ee0, 818354d7d92c, 868abc65d286, f935d0ae79a5, 128c76febb06, 23da71c64c7c, 1ef1da2e9c70, 78a9d81965fa, a3ffe492d134)
- Allow the admin to provide extra filter options in LDAP lookup (see 99daa00d565b)
- Password length is no longer checked by Portus in LDAP (see 381fd61fb546)
- Relaxed the requirements for user names, and removed the conflicts of user names in LDAP (see a9d5a2646d0d and 215c681e65c2)
- Introduce the
display_nameoption (see 5d8c7e4bec97) - Allow administrators to turn off smtp authentication (see d837160bbe3e)
- Added an external hostname field to allow for events to come from other named services (see 0d58ed1fce0b)
- Added a help section to the menu (see 40a18a04b1fe)
- Introduced more optional user restrictions (see cddfb5924fae)
- Added the registry.catalog_page option (see de4e4f4db74e)
- Added option to disable change of visibility (see 50fb319ded81)
- The signup form can now be disabled, and users can be created by the admin directly (see 9bbd75cacd935f888460669d77fa47c706a5dbaf, 79bac5c4f54b758831c867fc08b0b567418cae7d and fcf20d7534e2f1172713f82e06ef12abe14df046)
- Added internal policy for namespaces (see 46d1d0bc7251)
- Added namespaces and teams to search (see f1a9698657c8)
- Admins can now change the ownership of a namespace (see e4b137a92a96)
- Display the git tag, branch/commit or version when possible (see a7bfa8dde140)
- Now logs are redirected to the standard output (see dfc72b3d6abd)
- Added the ability to add comments on repositories (see 4d780d93950b)
- Virtual/hidden teams are no longer counted for the "number of teams"-column under admin/users (see 02722126cb92)
- Added rake tasks for creating a registry, updating digests and showing general information (see ec0d0063b781, 4566ea0607fd and 152ce27725f7)
- Added man pages for portusctl (8b4b31e1cfc3)
- Register more activities (see fd97edaf6bb6 and bee150287604)
- Various fixes in LDAP support (see b13dca7e207f, 7e3feabcc2bb and 377a59b66c16)
- Discard pagination for CSV activities (see 7f120349279f)
- Make sure that Portus admins are always team owners (see 2db13a3ae524)
- User names are no longer allowed to clash with teams (see b5b0896e78b3)
- Redirect back to accessed page on successful login (see fed27a5dcf6a)
- Fixes on the crono job (see efc33be00d2e and 08d60dd91a5e)
- Multiple fixes in portusctl (see 46b5f449263f, add79d790238, 2025da82f3e5, aa4997ab48a4, f8d473430ee1, 5d4eb85943ff and 78f8f949c46e)
- Multiple fixes in our RPM (see 919452db8507, 0019a65cad3b, 0be925085b30, 050d095b0887 and 3f56c4ae4f6d)
- Show the "I forgot my password" link when the signup is disabled (see 2a244c8160d0)
- Moved the machine FQDN from secrets.yml to config.yml (see 984671662ade)
- Deprecated the usage of "x.minutes" strings in configuration values. In future versions this syntax will be forbidden (see 53400181e439)
- All the improvements, features and bug fixes mentioned in the notes of 2.0.x releases.
- The FQDN can now be specified from the configuration too. This is meant to help users to transition from 2.0.x to 2.1. See commit.
- Portus is now more explicit on the allowed name format. See commit.
- Portus is now more friendly on errors based on the namespace name. See commit.
- Disable automatic generation of certificates. For this, now there are two new
flags:
--ssl-gen-self-signed-certsand--ssl-certs-dir <dir>. See commit. - Wrap crono with the
execcommand. See commit.
- Some fixes on the generation of the RPM in OBS.
- Automate Portus release. See commit.
- Rename Portus to portus on the RPM. See commit.
- Refactored RPM. See commit.
- Wrap crono with the exec command in the RPM. See commit.
- Require net-tools on the RPM. See commit.
- Use the proper
make_admintask. See commit. - Don't configure mysql in Docker. See commit.
- Added the portus:info task. See commit.
- Better Sub-URI handling & configurable config-local.yml path. See PR.
- Update ruby versions on travis. See commit1 and commit2.
- Logout button and search repository are now appearing in small devices. See commit.
- Don't allow access to the hidden global team. See commit.
- Fixed crono job when a repository could not be found. See commit.
- Fixed more issues on docker 1.10 and distribution 2.3. See this and this commits.
- Handle multiple scopes in token requests. See commit.
- Add optional fields to token response. See commit.
- Fixed notification events for distribution v2.3. See commit.
- Paginate through the catalog properly. See commit.
- Do not remove all the repos if fetching one fails. See commit.
- Fixed SMTP setup. See commit.
- Don't let crono overflow the
logcolumn on the DB. See commit. - Show the actual LDAP error on invalid login. See commit.
- Fixed the location of crono logs. See commit.
- Always use relative paths. See commit.
- Set RUBYLIB when using portusctl. See commit.
- Don't count hidden teams on the admin panel. See commit.
- Warn developers on unsupported docker-compose versions. See commit.
- Directly invalidate LDAP logins without name and password. See commit.
- Don't show the "I forgot my password" link on LDAP. See commit.
- Small random fixes:
- Portus will now check whether a Registry is reachable or not. See PR #437.
- Namespaces and teams have a description field. See PR #383.
- Second UI iteration. See pull requests: #445, #447 and #462.
- Repositories contained in public namespaces are now pullable even for non-logged in users: PR #468.
- SUSE RPM: provide
portusctltool to simplify the initial setup of Portus - Portus will now lock users' accounts that have failed too many times on login. See PR #330.
- Added a mechanism of password recovery in case users forget about their password. See PR #325.
- Set admin user from a rake task and disable first-user is admin. See PR [#314] (SUSE#314)
- Added a configuration option to specify the expiration time for JWT tokens issued by Portus. See PR 518.
- Review requirements and provides in the RPM PR #277, PR #278, PR #280, PR #273,
- Add configure scripts for the RPM and use environment variables for production. See: PR #299, PR #298, PR #281
- Check run time requirements like ssl, secrets. See PR #297, PR #286
- Update uglifier gem for fixing a security issue (OSVDB-126747) PR #292
- Introduced LDAP support. See the initial PR #301. Multiple PRs followed to bring LDAP support to a proper state (see this).
- Users will not be able to create namespaces without a Registry currently existing.
- PhantomJS is now being used in the testing infrastructure. See the following pull requests: #193, #194, #213, #216, #219.
- The namespace page now shows the creation date. See PR #229.
- There have been some fixes on the search feature. See #223 and #224.
- Hidden teams are no longer able to create namespaces. See PR #220.
- Added the pagination feature. See PR #232.
- Some initial steps have been done towards running Portus inside docker. See PR #212.
- Added the appliance tests. See PR #208.
- Star/Unstar repositories. See PR #230 and #294.
- Now users can be enabled/disabled. See PR #240.
- Fixed the authentication process for Docker 1.8. See PR #282.
- Added icons to the following tables: teams and members. See PR #388.
- And some fixes here and there.
- Fixed regression where namespaces could not be created from team page (Fixes #165)
- Initial version