The Anchore Engine version 0.3.2 includes many minor bugfixes and general improvements, including the following bugs:
- Added - retry on feed sync failures due to queue availability, preventing delayed sync on bootstrap
- Fix - update to dockerfile/effective_user trigger description and example str. Fixes #120
- Fix - make feed sync listing available to all authenticated users rather than only admins
- Fix - errors in mixed case username/accountnames by adding full case sensitivity in username and accounts
- New realm impl to ensure case-sensitive Permission types loaded
- Updates to the API swagger doc's regexes to allow upper-case letters
- Updates to tests
- Now supports mixed case in both username and account
- Fix - high memory usage for db upgrades with large numbers of ImageGem or ImageNpm records in DB upgrade from DB version 0.0.7 to 0.0.8
- Fix - ecr url parsing for getting the account and region. Fixes #118
- Fix - Downgrade pg8000 dep version to support DB reconnect when DB connection is interrupted. Fixes #116
- Improved - better hardlink handler for image squash, handling hardlinks being re-targetted across spanning layers
- Minor logging cleanup, bug fixes
Upgrading the Anchore Engine
The regular Anchore Engine upgrade procedure can be performed to upgrade the Anchore Engine to version 0.3.2, with any special considerations for this particular release listed in the 'NOTE' section below.
NOTE: For users upgrading from 0.2.X to 0.3.X, please note that the upgrade process may take some time for deployments anchore-engine that have a large number of images stored (many thousands). Please review the upgrade guide to safely plan for an upgrade, and plan for a longer service maintainance window than usual for this upgrade if your engine has a large number of images analyzed.
NOTE: If upgrading with a configuration file (config.yaml) that has analyzer services enabled from version 0.2.2 or prior, but has no values set for 'endpoint_hostname', 'listen', and 'port', you will need to set these values for analyzer services to come up correctly in 0.2.X. The analyzer service ports do not need to be exposed for normal operation, unless prometheus metrics are enabled and/or other site-specific features are enabled that require analyzer service port access (e.g. for pinging the /heath route, etc.).