Portus
- Website | Documentation | Blog | Supported versions | How to deploy
- Mailing list: Google Groups
- Last stable release: 2.4.3 (
2.4,2.4.3andlatesttags from the official Docker image)
Portus is an authorization server and a user interface for the next generation of the Docker registry. Portus targets version 2 of the Docker Registry API. The minimum required version of Registry is 2.1, which is the first version supporting soft deletes of blobs.
| master | v2.4 | Code Climate |
|---|---|---|
 |
 |
  |
Features
Fine-grained control of permissions
Portus supports the concept of users and teams. Users have their own personal
Docker namespace where they have both read (aka docker pull) and write (aka
docker push) access. A team is a group of users that have read and write
access to a certain namespace. You can read more about this in our
documentation page about
it.
Portus implements the token based authentication system described by the new version of the Docker registry. This can be used to have full control over the images served by an instance of the Docker registry.
Web interface for Docker registry
Portus provides quick access to all the images available on your private
instance of Docker registry. User's privileges are taken into account to make
sure private images (the ones requiring special rights also for docker pull)
are not shown to unauthorized personnel.
Self-hosted
Portus allows you to host everything on your servers, on your own infrastructure. You don't have to trust a third-party service, just own everything yourself. Take a look at our documentation to read the different setups in which you can deploy Portus.
And more!
Some highlights:
- Synchronization with your private registry in order to fetch which images and tags are available.
- LDAP user authentication.
- OAuth and OpenID-Connect authentication
- Monitoring of all the activities performed onto your private registry and Portus itself.
- Search for repositories and tags inside of your private registry.
- Star your favorite repositories.
- Disable users temporarily.
- Optionally use Application Tokens for better security.
Take a tour by our documentation site to read more about this.
Contributing
There are multiple ways of setting up a development
environment. We
recommend using docker-compose, so you only need to perform:
$ docker-compose up
You can read more about this environment here.
Also, make sure to understand our contribution guidelines, as explained in this document.
Testing
Unit tests
Unit tests are located in the spec directory. To run them, simply:
$ bundle exec rspec spec
Make sure to install phantomjs from your Linux
distribution before running unit tests, since feature tests rely on PhantomJS
being installed. All the other ruby dependencies are already covered by our
Gemfile.
We also have tests in the frontend. For this, you have to install yarn from your Linux distribution and run:
$ yarn test
Integration tests
Check this document in order to better understand how integration tests work. For development, though, if you have already installed Docker, docker-composer and bats, running the following should just work:
$ chmod +x bin/test-integration.sh
$ ./bin/test-integration.sh
Other checks
A common pitfall for developers is to forget about code style. For that, make sure to run rubocop:
$ bundle exec rubocop -a
Note that the command above includes the -a flag. This flag will automatically
fix small issues for you. We also run a code style check for the frontend code:
$ yarn eslint
We also run brakeman in order to detect security vulnerabilities:
$ bundle exec brakeman
Last but not least, make sure that your git commit follows a proper style. To ensure this, you can run the following task:
$ bundle exec rake test:git
Continuous Integration
We use Travis CI for continuous integration. You can run what we run in Travis locally:
$ chmod +x bin/ci/run.sh
$ ./bin/ci/run.sh
This script simply executes all the tests and checks that we have presented above.
Licensing
Portus is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.