Portus
Portus copied to clipboard
Published
20 hours ago •
SUSE
SUSE
Have no kaniko build tags in web interface
Description
Can not view kaniko builds in tags.
Steps to reproduce
- First I build in docker and push image. all ok
- Then that I build with kaniko and have no tags in web interface
but, when I try to pull those images, it pulls fine.
Deployment information
Deployment method: docker-compose from examples
Configuration:
# This file contains the default values for the configuration of this
# application. In order to change them, write your own config-local.yml file
# (it will be ignored by git). For more info, you can read the dedicated page
# here: http://port.us.org/docs/Configuring-Portus.html.
# Settings for the Portus mailer. It's strongly recommended to read the
# following documentation link before configuring the mailer:
# http://port.us.org/docs/Configuring-Portus.html#email-configuration
email:
from: "[email protected]"
name: "Portus"
# The reply_to field is empty, as the user has the possibility to enable
# it optionally by filling in the appropriate reply address.
reply_to: ""
# If enabled, then SMTP will be used. Otherwise 'sendmail' will be used
# (defaults to: /usr/sbin/sendmail -i -t).
smtp:
enabled: false
address: "smtp.example.com"
port: 587,
domain: "example.com"
##
# SSL.
ssl_tls: ""
enable_starttls_auto: false
openssl_verify_mode: "none"
ca_path: ""
ca_file: ""
##
# Authentication
user_name: ""
password: ""
authentication: "login"
# If enabled, then the profile picture will be picked from the Gravatar
# associated with each user. See: https://en.gravatar.com/
gravatar:
enabled: true
# Allow admins and owners to delete images and tags. This feature should *only*
# be enabled if the version of the running registry is 2.4 or higher since
# it's the first version that supports garbage collection. That being said,
# Portus will only delete the manifests of the tags and administrators are
# supposed to be responsible for garbage collecting unreferenced blobs. This is
# because the registry 2.4 does not garbage collect automatically. For more
# information on garbage collection on the registry, read the documentation:
# https://github.com/docker/distribution/blob/master/docs/garbage-collection.md
# Also, you can read more in our documentation here:
# http://port.us.org/features/removing_images.html
delete:
enabled: true
# Allow contributors to delete images and tags
contributors: false
# The garbage collector will run when enabled in the background process, and
# it will only delete tags matching the given conditions.
garbage_collector:
enabled: true
# Remove images not pulled and older than a specific value. This value is
# interpreted as the number of days.
#
# e.g.: If an image wasn't pulled in the latest 30 days and the image wasn't
# updated somehow in the latest 30 days, the image will be deleted.
older_than: 1
# Keep the latest X images regardless if it's older than the value set in
# `older_than` configuration.
keep_latest: 2
# Provide a string containing a regular expression. If you provide a
# valid regular expression, garbage collector will only be applied into tags
# matching a given name.
#
# Valid values might be:
# - "jenkins": if you anticipate that you will always have a tag with a
# specific name, you can simply use that.
# - "build-\\d+": your tag follows a format like "build-1234" (note that
# we need to specify "\\d" and not just "\d").
tag: ""
# LDAP support. If enabled, then only users of the specified LDAP server will
# be able to use Portus. Take a look at the documentation of LDAP support in our
# online docs: http://port.us.org/features/2_LDAP-support.html.
ldap:
enabled: false
# Hostname and port of your LDAP server.
hostname: "ldap_hostname"
port: 389
# The connection timeout to be used for all LDAP requests measured in seconds.
timeout: 5
# Encryption options
encryption:
# Available methods: "simple_tls" and "start_tls". If you leave this value
# empty (default), then no encryption will be enforced.
method: ""
options:
# The CA file to be accepted by the LDAP server. If none is provided, then
# the default parameters from the host will be sent.
ca_file: ""
# Protocol version.
ssl_version: "TLSv1_2"
# The base where users are located (e.g. "ou=users,dc=example,dc=com").
base: ""
# The base where admin users are located.
# (e.g. "ou=admin,dc=example,dc=com"). Use this base if you have a separate
# route for admin users. Users logging in from this base will be considered
# Portus administrators automatically.
admin_base: ""
# The base where groups are located (e.g. "ou=groups,dc=example,dc=com").
group_base: ""
# User filter (e.g. "mail=george*").
filter: ""
# The LDAP attribute where to search for username. The default is 'uid'.
uid: "uid"
# LDAP credentials used to search for a user.
authentication:
enabled: false
bind_dn: ""
password: ""
# Automatically add team members from a matching LDAP group into each
# team. Note that this will not delete nor update existing team members. Only
# `groupOfNames` and `groupOfUniqueNames` are supported.
group_sync:
enabled: true
# The role in which new team members will be added. Note that Portus
# administrators will be added as team owners regardless of this setting.
default_role: "viewer"
# Portus needs an email for each user, but there's no standard way to get
# that from LDAP servers. You can tell Portus how to get the email from users
# registered in the LDAP server with this configurable value. There are three
# possibilities:
#
# - disabled: this is the default value. It means that Portus won't do a
# thing when registering LDAP users (users will be redirected to their
# profile page until they setup an email account).
# - enabled where "attr" is empty: for this you need "ldap.base" to have
# some value. In this case, the hostname will be guessed from the domain
# component of the provided base string. For example, for the dn:
# "ou=users,dc=example,dc=com", and a user name "user", the resulting
# email is "[email protected]".
# - enabled where "attr" is not empty: with this you specify the attribute
# inside a LDIF record where the email is set.
#
# If something goes wrong when trying to guess the email, then it just falls
# back to the default behavior (empty email).
guess_email:
enabled: false
attr: ""
# OAuth support.
oauth:
# If enabled, then users can login with portus credential.
# Otherwise, the users can only login via OAuth.
local_login:
enabled: true
# If enabled, users can authenticate with their Google Account.
# Callback url: <host>/users/auth/google_oauth2/callback
google_oauth2:
enabled: false
# Credentials. Details on https://developers.google.com/identity/protocols/OpenIDConnect
id: ""
secret: ""
# If a domain (e.g. mycompany.com) is set, then only signups with email from this domain are allowed.
domain: ""
options:
# G Suite domain. If set, then only members of the domain can sign in/up.
# If it's empty then any google users con sign in/up.
hd: ""
# OpenID authentication support. If enabled, then users can authenticate with OpenID/Connect
# Callback url: <host>/users/auth/open_id/callback
open_id:
enabled: false
# Optional. If identifier set then user redirect to the OpenID provider.
# If not, then user is asked for identifier before redirect.
# Example https://openid.stackexchange.com
identifier: ""
# If a domain (e.g. mycompany.com) is set, then only signups with email from this domain are allowed.
domain: ""
# OpenID Connect authentication support. If enabled, then users can authenticate with OpenID/Connect
# Callback url: <host>/users/auth/openid_connect/callback
openid_connect:
enabled: false
# E.g. https://accounts.google.com
issuer: ""
# Credentials.
identifier: ""
secret: ""
# Github authentication support.
# Callback url: <host>/users/auth/github/callback
github:
enabled: false
# Application credentials.
client_id: ""
client_secret: ""
# Only members of organization's team can sign in/up with Github.
organization: ""
team: ""
# If a domain (e.g. mycompany.com) is set, then only signups with email from this domain are allowed.
domain: ""
# Gitlab authentication support.
# Callback url: <host>/users/auth/gitlab/callback
gitlab:
enabled: false
application_id: ""
secret: ""
# Only member of the group can sign in/up with Gitlab.
group: ""
# If a domain (e.g. mycompany.com) is set, then only signups with email from this domain are allowed.
domain: ""
# The Gitlab server to be used. If empty, then https://gitlab.com is assumed.
server: ""
# Bitbucket authentication support. Need permission to read email.
# Callback url: <host>/users/auth/bitbucket/callback
bitbucket:
enabled: false
# Application credentials.
key: ""
secret: ""
# If a domain (e.g. mycompany.com) is set, then only signups with email from this domain are allowed.
domain: ""
options:
# Only members of team can sign in/up with Bitbucket. Need permission to read team membership.
team: ""
# When enabled (default value), the first users to be created on the UI will be
# a Portus admin. If you disable this, then, in order to set the admin user, you
# will need to run: rake portus:make_admin[USERNAME].
#
# Moreover, if you set this option to false, then the POST
# /api/v1/users/bootstrap endpoint will be disabled (since it will try to create
# the first user as an administrator).
#
# Thus, only set this option to false if you are really sure that you have
# direct access to your Portus instance and it can be reached by other people on
# your network. Otherwise, leave the default value and create your first admin
# user right away (either through the API or the UI).
first_user_admin:
enabled: true
# If enabled, then users can signup with the signup form. Otherwise, the admin
# is responsible of creating new users by either:
# - Using the "portus:create_user" rake task.
# - Using the form available in the admin panel.
# This is ignored if LDAP is enabled. Read more about this here:
# http://port.us.org/features/disabling_signup.html
signup:
enabled: true
# By default require ssl to be enabled when running on production
check_ssl_usage:
enabled: true
# Contains advanced options that tweak how Portus interacts with the
# Registry. Don't touch any of these values unless you *really* know what you
# are doing.
registry:
# Set the expiration time in minutes for the JWT Token that Portus uses to
# authenticate with the registry.
#
# Note that this is just a work-around on the fact that the registry does not
# try to get a new token again after the current one has expired. Once a
# solution is issued upstream, we can deprecate this option.
#
# See: https://github.com/SUSE/Portus/issues/510
jwt_expiration_time:
value: 15
# Set the pagination value for API calls that fetch data from the
# registry. You can read more about pagination in the registry here:
# https://github.com/docker/distribution/blob/master/docs/spec/api.md#pagination
catalog_page:
value: 100
# Set the timeout in seconds for requests to the registry. Only change this
# value if you are *really* sure that you have an exceptionally slow
# connection to your private Docker registry.
timeout:
value: 2
# Set timeout in seconds for read response from registry.
read_timeout:
value: 120
# The FQDN of the machine where Portus is being deployed.
machine_fqdn:
value: "portus.test.lan"
# Allow users to have different display names on the web site. This will
# **not** be the username used by `docker login`. It defaults to false because
# it might confuse users that are not fully aware of it. You can read more about
# it here: http://port.us.org/features/display_name.html
display_name:
enabled: false
user_permission:
# Allow users to change the visibility or their personal namespace. If this is
# disabled, only an admin will be able to change this. It defaults to true.
change_visibility:
enabled: true
# Allow users to create teams. If this is disabled only an admin will be able
# to do this. This defaults to true.
create_team:
enabled: true
# Allow users to create/modify teams if they are an owner of it. If this is
# disabled only an admin will be able to do this. This defaults to true.
manage_team:
enabled: true
# Allow users to create namespaces. If this is disabled, only an admin will
# be able to do this. This defaults to true.
create_namespace:
enabled: true
# Allow users to create/modify namespaces if they are an owner of it. If this
# is disabled, only an admin will be able to do this. This defaults to true.
manage_namespace:
enabled: true
# Allow users to create webhooks if they are an owner of the namespace
# containing it. If this is disabled, only an admin will be able to do
# this. This defaults to true.
create_webhook:
enabled: true
# Allow users to manage webhooks if they are an owner of the namespace
# containing it. If this is disabled, only an admin will be able to do
# this. This defaults to true.
manage_webhook:
enabled: true
# Define a push policy. There are three possible values:
# 1. allow-teams (default): leaves push policy at the team level: owners and
# contributors can push. Portus administrators will also be able to push.
# 2. allow-personal: regular users can only push into their personal
# namespaces. Owners and contributors cannot push into team owned
# repositories: only Portus administrators will be able to push.
# 3. admin-only: only Portus administrators can push.
push_images:
policy: allow-teams
# Security scanner support. Add the server location for each driver in order to
# enable it. If no drivers have been enabled, then this feature is skipped
# altogether. Enabling multiple drivers will simply aggregate the information
# provided by each driver.
security:
# CoreOS Clair support (https://github.com/coreos/clair). This is only
# guaranteed to work for v2.0.x releases of Clair.
clair:
server: ""
# Port being used by Clair to report its status. Taking the default from
# Clair.
health_port: 6061
# Timeout for HTTP requests with Clair. Defaults to 900 seconds, which is
# the default for Clair too.
timeout: 900
# zypper-docker can be run as a server with its `serve` command. This backend
# fetches the information as given by zypper-docker. Note that this feature
# from zypper-docker is experimental and only available through another branch
# than master.
#
# NOTE: support for this is experimental since this functionality has not
# been merged into master yet in zypper-docker.
zypper:
server: ""
# This backend is only used for testing purposes, don't use it.
dummy:
server: ""
# Allow anonymous (non-logged-in) users to explore the images available in your
# Docker Registry. Only images on public namespaces will be shown.
anonymous_browsing:
enabled: true
# Configuration for the background tasks.
background:
# The registry integration: it processes the given registry events (e.g. a new
# tag was pushed). It's therefore highly *discouraged* to disable this task.
registry:
enabled: true
# Registry synchronization: it synchronizes all the contents from the registry
# into the database.
sync:
enabled: true
# There are four accepted values:
# - update-delete: it performs a full synchronization.
# - update: it only adds missing tags, but it does not remove any contents
# from the database.
# - on-start: when starting Portus it runs an `update-delete` and then it
# gets disabled (i.e. it will only run once).
# - initial: like `on-start`, but it only runs if the database is
# empty. This is the default value since it's deemed to be the most
# common use-case.
strategy: initial
# Pagination configuration
pagination:
# Number of entries to be listed per page
per_page: 10
# Number of pages to be showed before and after the current one
# e,g.: Prev 1 2 [3] 4 5 Next
before_after: 2
Portus version: Version: 2.5.0-dev@a1b9f2ebfeb84680a9dcd5629195e4c52815735c
