Adrian Mouat
Adrian Mouat
At the moment the file system is effectively the database and source of all truth for Trow. I think it's important that all data is captured in the filesystem, allowing...
This seems to be missing from Trow: https://github.com/opencontainers/distribution-spec/blob/master/detail.md#blob-upload But to be honest I'm not sure the whole resumable upload thing actually works properly anywhere. It seems to be only half...
Kinvolk released a Kubernetes UI called Headlamp that includes a plug-in system. Would it be possible to integrate Trow support somehow? So you could drill down and get more details...
The current install docs are a bit all over the place: - The kustomize install instructions are under the `install` directory but the Helm instructions are under `docs`. I guess...
Trow should move to proper structured logs and have better, more consistent logging in general. This might be a little hampered by Rocket, which does its own logging (eventually I...
Some image tags should be changeable and some should be immutable. For instance: ``` zowie:latest zowie:5 zowie:5.2 ``` Should all be mutable - they may all point to `zowie:5.2.8` at...
In order to support real use cases for Trow, it's essential that we integrate with other authentication services and identity providers. The current suggestion is to look into dex:https://github.com/dexidp/dex
Support integration of security scanners such as Clair and Trivy. This is fully specced in the RFC #136
When a k8s YAML contains an image name to be deployed, it should really be resolved to a digest. This stops the annoying use case where different nodes can end...
Investigate adding encryption and auth to front end/back end communication (see architecture diagram). This probably means mutual TLS auth. In the short term this isn't a large issue as the...