Introducing Red Hat Quay V3.3.1: A container registry tailored for the enterprise
Red Hat Quay V3.3.1 was released on August 20, 2020. It includes bug fixes related to TLS certificates and Clair-v4.
Red Hat Quay V3.3.0 was released on May 12, 2020. Built for storing container images, Red Hat Quay 3.3 offers visibility over images themselves. It can be integrated into your CI/CD pipelines and existing workflows using its API and other automation features. Read more about Red Hat Quay 3.3 on the OpenShift blog. See the Red Hat Quay Release Notes for details.
New features for Red Hat Quay V3.3.0 include:
- (Tech Preview) New Clair scanning image available for non-production use (see
Using Clair V4 Security Scanning). - Quay now runs as the default user inside the container instead of as root.
- New configurable tagging options for builds, including tagging templates and ability to disable default “latest” and tag/branch behavior
- Configuration UI editing after validating through the “Save Configuration” button.
- Configuration app now supports configuring Elasticsearch for usage logs (and optionally via Kinesis).
- Ability to configure how long between “fresh login” checks.
- Ability to add an additional filter for LDAP users on lookup.
- Manifest labels displayed in the UI with links in them are now clickable to go to the URL.
- The environment variable CONFIG_READ_ONLY_FIELDS can be specified to mark redis or the hostname configuration as read-only in the Quay Configuration Application’s UI. #310
- (Technology Preview) Support for OCI indexes and manifests.
- (Technology Preview) Support for pushing and pulling charts via Helm V3’s experimental system.
OpenShift Operators providing additional Red Hat Quay 3.3 features include:
Renamed from Red Hat Quay Setup Operator to Red Hat Quay Operator, to reflect its ability to not only deploy Red Hat Quay, but also maintain it going forward.
- Only supported on OCP-4.2 or newer
- UI supported on OCP-4.3 or newer
New Red Hat Quay Operator features include:
- Enhanced logic for Quay Configuration route
- Quay SSL Certificate uses TLS secret type
- Updated example Quay Ecosystem Custom Resource examples
- Retrofitted how external access is specified and managed
- New Schema for defining externalAccess as a field in QuayEcoystem
- Support for additional external access types (LoadBalancer and Ingress)
- Add additional roles to CSV to manage ingresses.
- Always uses Port 8443 for Quay Config App’s health probes.
- The Quay Config App now continues running by default.
- The Redis and Hostname configuration are marked "Read Only" in the Quay Configuration App.
- Support for managing superuser acounts.
- Add ability to inject certificates, and any other file, into the Quay and Clair secrets.
- (OpenShift) SCC management refinement. Removal of SCCs when QuayEcosystem is deleted through the use of finalizers.
- Certificates and other secrets are now mounted in a way that is compatible with Quay and
- Using Red Hat Quay’s Config App, the operator now verifies the configuration for the Hostname, Redis, and Postgres when Quay’s configuration secret is changed.
Red Hat Quay Container Security Operator
- Only supported on OCP-4.2 or newer
New Red Hat Quay Container Security Operator features include:
- View Quay Security Scanner image vulnerability information for images running in a cluster using the OpenShift UI
- Ability to add custom certificates to the Operator
Lets you replace the OpenShift integrated registry with Red Hat Quay, providing direct enterprise-quality container registry to OpenShift.
- Only supported on OCP-4.2 or newer
New Red Hat Quay Bridge Operator features include:
- Synchronization of OpenShift namespaces as Quay organizations, including managing robot account credentials
- Synchronization of OpenShift ImageStreams as Quay repositories
- Automatically rewrite new Builds making use of ImageStreams to output to Quay
- Automatically import ImageStream tag once build completes
