Releases: distribution/distribution
registry 2.7.0-rc.0
Welcome to the v2.7.0-rc.0 release of registry!
This is a pre-release of registry
The 2.7 registry release has been a long time coming and represents both
a long gap since the previous release and a renewed effort to release
regularly. The maintainers were committed to get OCI support into the
next release and thanks to much effort in the community that has
been accomplished.
OCI Support
Push and Pull of OCI Images
The registry now allows pushing and pulling OCI images. OCI images will always
be preserved exactly without conversion to older types. With this change,
clients which implement OCI can feel comfortable creating OCI images as part of
their container image build process.
Specification Donation
The Distribution specification which has had 4 years of review, implementation,
and production use is now part of OCI. As part of that move, specification
changes will no longer be accepted in the open source registry and should
instead go to OCI's distribution-spec.
Bug fixes
Many many fixes and improvements, see the change log below
Please try out the release binaries and report any issues at
https://github.com/docker/distribution/issues.
Contributors
- Derek McGowan
- Stephen J Day
- Olivier Gambier
- Mike Brown
- Aaron Lehmann
- David Wu
- Manish Tomar
- Misty Stanley-Jones
- Sargun Dhillon
- fate-grand-order
- Huu Nguyen
- Yu Wang
- Ahmet Alp Balkan
- Andrew Leung
- Andrey Kostov
- Clayton Coleman
- Noah Treuhaft
- Owen W. Taylor
- Ryan Abrams
- Troels Thomsen
- Feng Honglin
- Gwendolynne Barr
- Haibing Zhou 周海兵
- Masataka Mizukoshi
- Michal Fojtik
- Oleg Bulatov
- Per Lundberg
- Rui Cao
- Tibor Vass
- ning xie
- Alvin Feng
- Antonio Murdaca
- Christy Perez
- Corey Quon
- Deshi Xiao
- Elsan Li 李楠
- Elton Stoneman
- Eric Yang
- Felix Bünemann
- Gladkov Alexey
- Helen Xie
- Igor Morozov
- Ina Panova
- Javier Palomo Almena
- Jesse Haka
- Joao Fernandes
- Jon Johnson
- Justin Cormack
- Justin Santa Barbara
- Kevin Lin
- Kira
- Leonardo Azize Martins
- LingFaKe
- Liron Levin
- Luis Lobo Borobia
- Michal Minář
- Monika Katiyar
- Nishant Totla
- Nycholas de Oliveira e Oliveira
- Oleg Bulatov
- Parth Mehrotra
- Raphaël Enrici
- Riyaz Faizullabhoy
- Sakeven Jiang
- Santiago Torres
- Sebastiaan van Stijn
- Tianon Gravi
- Tony Holdstock-Brown
- Viktor Stanchev
- Wenkai Yin
- Yong Tang
- YuJie
- kaiwentan
- liyongxin
- mlmhl
- uhayate
- william wei
- yixi zhang
Changes
17b3ff18
Merge pull request #2730 from dmcgowan/version-update-2.7.0-rc.0f08b3486
Update version to 2.7.0-rc.0f3adfea3
Merge pull request #2721 from dmcgowan/release-notes-2.7.0-rce1817db8
Merge pull request #2720 from dmcgowan/update-release-process97cb7f35
Update release documents2eb7a172
Add 2.7.0-rc release notes06a4c2f6
Update mailmap filed37f8164
Merge pull request #2723 from mirake/fix-typos569d18ae
Fix some typos16128bba
Merge pull request #2707 from davidswu/go-1.11b089e916
Merge pull request #2712 from liyongxin/master6133840f
typo fix from existant to existenta927fbdb
track digest offset in blobwriterd8bde9b9
remove go 1.9 and 1.10 checks from travisbd41413d
remove closenotifier166874ad
fix gofmt and goimportsa5c2fdc5
Merge pull request #2705 from mirake/fix-typo9da0f07c
update travis with go 1.11877d706b
remove dependencies on resumabled1f36d46
Fix some typos642075f4
Merge pull request #2631 from whoshuu/feature/improve-gcs-driver15de837a
Merge pull request #2704 from dmcgowan/fix-27037a195dd5
Add back include_gcs build constraint69299d93
Use existing jwtConf instead of creating a scoped onef9187b25
Add regulator to GCSb424c3d8
Better error handling for GCS credential argument addition3f9f073c
Edit configuration.md to add gcs credentials option78238ef1
Add credentials argument for GCS driverefa4c3bb
Merge pull request #2702 from caervs/fix_path_enumeration6d66d036
Merge pull request #2698 from cquon/swift_vendorc88728f2
Fix registry stripping newlines from manifests6b73a9ab
Ignore missing paths during enumerationfd32d5f9
update github.com/ncw/swift package in vendor to v1.0.405a74b806
update github.com/ncw/swift package in vendor to avoid potential memory leaks9930542d
Merge pull request #2701 from davidswu/metalinter8d7e4cd3
fix goimports and gofmt90705d2f
Merge pull request #2362 from twistlock/populate_htpasswdb12bd400
Merge pull request #2639 from andrew-leung/manifesteventlayers059f301d
Merge pull request #2685 from manishtomar/mani-graceful-shutdownf95ac7db
fix doc - thanks @dmp423354cf98
Merge pull request #2680 from manishtomar/mani-fix-mem-leakef859e1b
Merge pull request #2474 from vikstrous/disable-v1-master90070b33
Merge pull request #2694 from caervs/fix_nginx_spacing- [
0101db11
](0101db...
Docker Registry v2.6.2
This release is a special security release to address an issue allowing
an attacker to force arbitrarily-sized memory allocations in a registry
instance through the manifest endpoint. The problem has been mitigated
by limiting the size of reads for image manifest content.
Details for mitigation are in 29fa466
CVE-2017-11468 has been assigned for this issue.
Changelog
48294d9 Merge pull request #2343 from stevvooe/prepare-2.6.2
04ce686 release: prepare for 2.6.2 release
c829241 Merge pull request #2341 from stevvooe/limit-payload-size-26
29fa466 registry/{storage,handlers}: limit content sizes
42ea75c Merge pull request #2284 from mstanleyjones/release/2.6
ed2b686 Put architecture.md back into distribution repo
Docker Registry v2.5.2
This release is a special security release to address an issue allowing
an attacker to force arbitrarily-sized memory allocations in a registry
instance through the manifest endpoint. The problem has been mitigated
by limiting the size of reads for image manifest content.
Details for mitigation are in 58d239d.
CVE-2017-11468 has been assigned for this issue.
Changelog
0bae751 Merge pull request #2344 from stevvooe/prepare-2.5.2
48cb60a release: prepare for 2.5.2 release
2b0952d Merge pull request #2342 from stevvooe/limit-payload-size-25
58d239d registry/{storage,handlers}: limit content sizes
9bc9d21 Merge pull request #2122 from
mstanleyjones/configuration_changes_backport
fcbea60 Improve formatting of configuration.md
6b114e6 Merge pull request #2081 from Windfarer/release/2.5
6c985f7 Update main.go
2c3b616 Merge pull request #2054 from mstanleyjones/2.5_metadata_fixes
5adfbe3 Remove newlines from end of error strings
cfe7079 Satisfy the latest go lint rules
abd2d76 Metadata and formatting fixes needed for Jekyll build
6b3ccf9 Convert Markdown frontmatter to YAML
a8402a2 Merge pull request #1985 from johndmulhausen/master
0a22649 Update to fix lint errors
Docker Registry v2.6.1
Changelog
Registry
- Fix
Forwarded
header handling, revert use ofX-Forwarded-Port
- Use driver
Stat
for registry health check
Docker Registry v2.6.1-rc.2
Changelog
Registry
- Fix
Forwarded
header handling, revert use ofX-Forwarded-Port
- Use driver
Stat
for registry health check
Docker Registry v2.6.1-rc.1
Changelog
Registry
- Fix
Forwarded
header handling, revert use ofX-Forwarded-Port
Docker Registry v2.6.0
2.6.0 (2017-01-18)
Storage
- S3: fixed bug in delete due to read-after-write inconsistency
- S3: allow EC2 IAM roles to be used when authorizing region endpoints
- S3: add Object ACL Support
- S3: fix delete method's notion of subpaths
- S3: use multipart upload API in
Move
method for performance - S3: add v2 signature signing for legacy S3 clones
- Swift: add simple heuristic to detect incomplete DLOs during read ops
- Swift: support different user and tenant domains
- Swift: bulk deletes in chunks
- Aliyun OSS: fix delete method's notion of subpaths
- Aliyun OSS: optimize data copy after upload finishes
- Azure: close leaking response body
- Fix storage drivers dropping non-EOF errors when listing repositories
- Compare path properly when listing repositories in catalog
- Add a foreign layer URL host whitelist
- Improve catalog enumerate runtime
Registry
- Export
storage.CreateOptions
in top-level package - Enable notifications to endpoints that use self-signed certificates
- Properly validate multi-URL foreign layers
- Add control over validation of URLs in pushed manifests
- Proxy mode: fix socket leak when pull is cancelled
- Tag service: properly handle error responses on HEAD request
- Support for custom authentication URL in proxying registry
- Add configuration option to disable access logging
- Add notification filtering by target media type
- Manifest:
References()
returns all children - Honor
X-Forwarded-Port
and Forwarded headers - Reference: Preserve tag and digest in With* functions
- Add policy configuration for enforcing repository classes
Client
- Changes the client Tags
All()
method to follow links - Allow registry clients to connect via HTTP2
- Better handling of OAuth errors in client
Spec
- Manifest: clarify relationship between urls and foreign layers
- Authorization: add support for repository classes
Manifest
- Override media type returned from
Stat()
for existing manifests - Add plugin mediatype to distribution manifest
Docs
- Document
TOOMANYREQUESTS
error code - Document required Let's Encrypt port
- Improve documentation around implementation of OAuth2
- Improve documentation for configuration
Auth
- Add support for registry type in scope
- Add support for using v2 ping challenges for v1
- Add leeway to JWT
nbf
andexp
checking - htpasswd: dynamically parse htpasswd file
- Fix missing auth headers with PATCH HTTP request when pushing to default port
Dockerfile
- Update to go1.7
- Reorder Dockerfile steps for better layer caching
Notes
Documentation has moved to the documentation repository at
github.com/docker/docker.github.io/tree/master/registry
The registry is go 1.7 compliant, and passes newer, more restrictive lint
and vet
ing.
Docker Registry v2.6.0-rc.2
Changelog
Spec
- Authorization: add support for repository classes
Registry
- Add policy configuration for enforcing repository classes
Docker Registry v2.6.0-rc.1
Changelog
Storage
- S3: fixed bug in delete due to read-after-write inconsistency
- S3: allow EC2 IAM roles to be used when authorizing region endpoints
- S3: add Object ACL Support
- S3: fix delete method's notion of subpaths
- S3: use multipart upload API in
Move
method for performance - S3: add v2 signature signing for legacy S3 clones
- Swift: add simple heuristic to detect incomplete DLOs during read ops
- Swift: support different user and tenant domains
- Swift: bulk deletes in chunks
- Aliyun OSS: fix delete method's notion of subpaths
- Aliyun OSS: optimize data copy after upload finishes
- Azure: close leaking response body
- Fix storage drivers dropping non-EOF errors when listing repositories
- Compare path properly when listing repositories in catalog
- Add a foreign layer URL host whitelist
- Improve catalog enumerate runtime
Registry
- Override media type returned from
Stat()
for existing manifests - Export
storage.CreateOptions
in top-level package - Enable notifications to endpoints that use self-signed certificates
- Properly validate multi-URL foreign layers
- Add control over validation of URLs in pushed manifests
- Proxy mode: fix socket leak when pull is cancelled
- Tag service: properly handle error responses on HEAD request
- Support for custom authentication URL in proxying registry
- Add configuration option to disable access logging
- Add notification filtering by target media type
- Manifest:
References()
returns all children - Honor
X-Forwarded-Port
and Forwarded headers - Reference: Preserve tag and digest in With* functions
Client
- Changes the client Tags
All()
method to follow links - Allow registry clients to connect via HTTP2
- Better handling of OAuth errors in client
Spec
- Manifest: clarify relationship between urls and foreign layers
Manifest
- Add plugin mediatype to distribution manifest
Docs
- Document
TOOMANYREQUESTS
error code - Document required Let's Encrypt port
- Improve documentation around implementation of OAuth2
Auth
- Add support for registry type in scope
- Add support for using v2 ping challenges for v1
- Add leeway to JWT
nbf
andexp
checking - htpasswd: dynamically parse htpasswd file
- Fix missing auth headers with PATCH HTTP request when pushing to default port
Dockerfile
- Update to go1.7
- Reorder Dockerfile steps for better layer caching
Notes
Documentation has moved to the documentation repository at
github.com/docker/docker.github.io/tree/master/registry
The registry is go 1.7 compliant, and passes newer, more restrictive lint
and vet
ing.
Docker Registry v2.5.1
Catalog endpoint improvements.