docker-registry v3.6.0

Bug Fixes

• Update configure operation to be compatible with Bionic Stemcell
• Expose docker registry via Static IP
• README edits for clarity and new functionality

Deployment

releases:
- name:    docker-registry
  version: 3.6.0
  url:     https://github.com/cloudfoundry-community/docker-registry-boshrelease/releases/download/v3.6.0/docker-registry-3.6.0.tgz
  sha1:    2f09ca4f50c0129fdb8a7b84fe6d74b085c109c4

docker-registry v3.5.2

Bug Fixes

• Create the local nfs_server.share_path if it doesn't already
  exist, which may be the case if it's being overridden.

• Replace ALL occurrences of $VCAP_UID and $VCAP_GID
  variable interpolation sites in the generated /etc/exports.

Deployment

releases:
- name:    docker-registry
  version: 3.5.2
  url:     https://github.com/cloudfoundry-community/docker-registry-boshrelease/releases/download/v3.5.2/docker-registry-3.5.2.tgz
  sha1:    2f4d1cfd10955a05762c2d119e582ba8ea8c3241

docker-registry v3.5.1

Improvements

NFS support is better in this release, specifically when run on a
Xenial Stemcell (you are all running on Xenial by now, right?)

Deployment

releases:
- name:    docker-registry
  version: 3.5.1
  url:     https://github.com/cloudfoundry-community/docker-registry-boshrelease/releases/download/v3.5.1/docker-registry-3.5.1.tgz
  sha1:    5ae8e5356cbb57ef765fb2483bbfa8d8b67af454

docker-registry v3.5.0

Improvements

• The NFS parts of this BOSH release (debian_nfs_server) now
  support either Trusty (now EOL'd) or Xenial stemcells. Future
  stemcell lifecycle events should be easier to handle as well.

Deployment

releases:
- name:    docker-registry
  version: 3.5.0
  url:     https://github.com/cloudfoundry-community/docker-registry-boshrelease/releases/download/v3.5.0/docker-registry-3.5.0.tgz
  sha1:    c98690471594f175fe2d37f0eaba154ea53e613d

v3.4.0

Updated packages

Updates docker distribution binary from 2.6.2 to 2.7.0.
Updated golang from 1.7.3 to 1.11

Deployment

releases:
- name: docker-registry
  version: 3.4.0
  url: https://github.com/cloudfoundry-community/docker-registry-boshrelease/releases/download/v3.4.0/docker-registry-3.4.0.tgz
  sha1: e769d4a9ebd410a327088f75d9e3e482b4788801

v3.3.3

Updated packages

Updates docker distribution binary from 2.5.1 to 2.6.2.

New options

docker.cache.disabled: true disables the blobdescriptor cache. This can be useful in CI/CD environments using this boshrelease as a pullthrough cache due to a race condition that can occur if an image is pulled before it finishes uploading to the upstream registry.

Deployment

releases:
- name: docker-registry
  version: 3.3.3
  url: https://github.com/cloudfoundry-community/docker-registry-boshrelease/releases/download/v3.3.3/docker-registry-3.3.3.tgz
  sha1: 1366cf8a107ee3f5decb32f8e83a1702852a528a

Docker Registry BOSH Release v3.3.2

Improvements

• The proxy job can now be configured to specify exact TLS versions
  to enable via the docker.proxy.ssl.protocols property. This defaults
  to TLSv1.1 TLSv1.2. To enable TLS 1.2 only, change the value to TLSv1.2.
• The proxy job can now be configured with a custom DH param PEM via the
  docker.proxy.ssl.dhparam property. If the property is omitted, nginx's
  default dhparam settings will be used.

Docker Registry BOSH Release v3.3.1

New Features

• New "selective administration" authentication requirement.
  The new docker.proxy.only_auth_for_admin property lets you
  optionally open up usage of the Docker Registry to anonymous
  users, but still require administrative authentication on any
  destructive (aka administrative) actions like pushing new
  images.

Docker Registry BOSH Release v3.3.0

Improvements

• You can now configure the http.relativeurls behavior of Docker
  registry via the docker.registry.relativeurls manifest
  property.

• The Docker Registry configuration now honors HTTP Proxy
  configuration, via three new manifest properties:
  docker.registry.http_proxy, docker.registry.https_proxy, and
  docker.registry.no_proxy.

Docker Registry BOSH Release v3.2.3

Improvements

• Default to binding loopback / 127.0.0.1 for the registry if no
  explicit binding IP is specified. This makes the default
  deployment more secure, and ensures that if you are fronting
  with a colocated BOSH release providing something like nginx,
  that you don't have a side-door for bypassing that.