Features and Improvements

The Anchore Engine and Anchore CLi version 0.2.3 includes the following improvements and new features:

  • New 'eventlog' API and notification subsystem, that allows users to query an engine (and/or be notified via a webhook notification) for important engine events, including:
    • Details on reasons for image analysis failures
    • Information about internal processes like vulnerability feed sync start and end events
    • Troubleshooting information on image and repository watcher failures
    • Troubleshooting information about distributed anchore-engine services orphaned due to network connectivity or other issues
    • Details about policy sync failures from anchore.io if the automatic policy sync is turned on in the config
    • Troubleshooting information that presents details when other asynchronous engine operations experience failures
  • Improved java artifact analysis - Add support for scanning Jenkins plugins. This adds the file extension ".hpi" and ".jpi" to the list of recognized Java library filenames. (contributed by Matt Sicker <boards@gmail.com>)
  • Improved 'metadata' content implementation for handling the addition of dockerfile contents after an image has already been added
  • Improved install/readme content. (contributed by Lorens Kockum <LorensK@github>)

Bug Fixes

The Anchore Engine and Anchore CLi version 0.2.3 includes many minor bugfixes and general improvements, including the following bugs:

  • Fix to allow registry credential validation for ECR registries, on registry add
  • Fix that adds better checking for condition where endpoint_hostname/listen/port are not set for a given service in its config.yaml.  Fixes #67.
  • Fix that adds missing prettytable requirement. Fixes #64
  • Minor bug fixes and improvements

Upgrading the Anchore Engine

The regular Anchore Engine upgrade procedure can be performed to upgrade the Anchore Engine to version 0.2.3

NOTE: If upgrading with a configuration file (config.yaml) that has analyzer services enabled, but has no values set for 'endpoint_hostname', 'listen', and 'port', you will need to set these values for analyzer services to come up correctly in 0.2.X.  The analyzer service ports do not need to be exposed for normal operation, unless prometheus metrics are enabled and/or other site-specific features are enabled that require analyzer service port access (e.g. for pinging the /heath route, etc.).

Anchore Cli

The latest release is 0.2.3, which adds support for the new features and capabilities in Anchore Engine 0.2.3.