Skip to content

Commit c6253bb

Browse files
matofedermatofeder
committed
fixup! Add Required and desirable features check
Signed-off-by: Matej Feder <[email protected]>
1 parent cc7ff28 commit c6253bb

File tree

1 file changed

+26
-20
lines changed

1 file changed

+26
-20
lines changed

Decisions/scs-XXXX-v1-requirements-for-container-registry.md

Lines changed: 26 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -245,31 +245,37 @@ have and also a set of desirable (nice to have) features are defined and evaluat
245245
- Additional artifacts that the registry is able to store in addition to OCI artifacts, e.g. Java, Node.js, or Python packages
246246
- Integration possibilities
247247
- Ability to cooperate with another software solution in order to improve own feature set (e.g. integration of P2P solution for improving container image distribution (download speed and stability, high scalability ...))
248+
- Deployment capabilities
249+
- How could be a container registry deployed (only "official" ways are mentioned)
250+
- Administration capabilities "as a code"
251+
- Ability to manage container registry via "as a code" solutions, e.g. Ansible role
248252

249253
Refer to the table of evaluated projects with their features. Note that only container
250254
registry implementations that passed the OSS health stage (Harbor, Quay, and Dragonfly)
251255
are evaluated here.
252256

253-
| Features | Harbor | Quay | Dragonfly |
254-
|-------------------------------------|-----------------------------------|---------------------------------------------------------------------|-------------------------------|
255-
| Audit Logs ||||
256-
| Authentication of system identities | ✓ Robot Accounts | ✓ Robot Accounts ||
257-
| Authentication of users | ✓ Local database, LDAP, OIDC, UAA | ✓ Local database, LDAP, Keystone, JWT | ✓ Local database |
258-
| Authorization ||||
259-
| Automation | ✓ Webhooks (HTTP, Slack) | ✓ Webhooks (HTTP, Slack, E-mail ...), building images ||
260-
| Vulnerability scanning | ✓ Trivy, Clair | ✓ Clair ||
261-
| Content Trust and Validation | ✓ Cosign | ✓ Cosign ||
262-
| Multi-tenancy | ✓ (not on the storage level) | ✓ (not on the storage level) | ✓ (not on the storage level) |
263-
| Backup and restore ||||
264-
| Monitoring | ✓ Prometheus metrics, Tracing | ✓ Prometheus metrics, Tracing (only for Clair) | ✓ Prometheus metrics, Tracing |
265-
| HA mode ||||
266-
| Registry replication ||||
267-
| Proxy cache || ✓ Feature is in the technology preview stage (non production ready) ||
268-
| Quota management | ✓ Based on storage consumption | ✓ Based on storage consumption ||
269-
| Garbage collection | ✓ Non-blocking | ✓ Non-blocking ||
270-
| Retention policy | ✓ Multiple tag retention rules | ✓ Only tag expiration rules ||
271-
| Additional supported artifacts | ✗ (only OCI artifacts) | ✗ (only OCI artifacts) | ✓ Maven, YUM |
272-
| Integration possibilities | ✓ Dragonfly (P2P), Kraken (P2P) || ✓ Harbor, Nydus, eStargz |
257+
| Features | Harbor | Quay | Dragonfly |
258+
|-------------------------------------|----------------------------------------|---------------------------------------------------------------------|-------------------------------|
259+
| Audit Logs ||||
260+
| Authentication of system identities | ✓ Robot Accounts | ✓ Robot Accounts ||
261+
| Authentication of users | ✓ Local database, LDAP, OIDC, UAA | ✓ Local database, LDAP, Keystone, JWT | ✓ Local database |
262+
| Authorization ||||
263+
| Automation | ✓ Webhooks (HTTP, Slack) | ✓ Webhooks (HTTP, Slack, E-mail ...), building images ||
264+
| Vulnerability scanning | ✓ Trivy, Clair | ✓ Clair ||
265+
| Content Trust and Validation | ✓ Cosign | ✓ Cosign ||
266+
| Multi-tenancy | ✓ (not on the storage level) | ✓ (not on the storage level) | ✓ (not on the storage level) |
267+
| Backup and restore ||||
268+
| Monitoring | ✓ Prometheus metrics, Tracing | ✓ Prometheus metrics, Tracing (only for Clair) | ✓ Prometheus metrics, Tracing |
269+
| HA mode ||||
270+
| Registry replication ||||
271+
| Proxy cache || ✓ Feature is in the technology preview stage (non production ready) ||
272+
| Quota management | ✓ Based on storage consumption | ✓ Based on storage consumption ||
273+
| Garbage collection | ✓ Non-blocking | ✓ Non-blocking ||
274+
| Retention policy | ✓ Multiple tag retention rules | ✓ Only tag expiration rules ||
275+
| Additional supported artifacts | ✗ (only OCI artifacts) | ✗ (only OCI artifacts) | ✓ Maven, YUM |
276+
| Integration possibilities | ✓ Dragonfly (P2P), Kraken (P2P) || ✓ Harbor, Nydus, eStargz |
277+
| Deployment capabilities | ✓ Docker-compose, Helm chart, Operator | ✓ Docker-compose, Operator | ✓ Docker-compose, Helm chart |
278+
| Administration capabilities | ✓ Terraform, CRDs, Client libraries | ✓ Ansible, Client libraries | ✓ Client libraries |
273279

274280
Notes:
275281
- Harbor announced the deprecation of [Notary](https://github.com/goharbor/harbor/discussions/16612) and [Chartmuseum](https://github.com/goharbor/harbor/discussions/15057)

0 commit comments

Comments
 (0)