Anchore Enterprise Release Notes - Version 5.11.1
Anchore Enterprise v5.11.1
Note
Two customers experienced an upgrade failure to the v5.11.x release. The failure occurred when a parent_digest field is set to Null within the reports_images database table. This condition has been properly handled in the v5.12.0 database schema changes. Please consider upgrading directly to v5.12.0 to avoid any possible issues.Enterprise Service Updates
Requirements
- If upgrading from a v4.x release, please refer to the v4.x –> v5.x Migration Guide.
- If upgrading from a release in the range of v5.0.0 - v5.10.0
- The upgrade will result in an automatic schema change that will require database downtime.
- The v5.3.0 schema change may take more than an hour to complete depending on the amount of data in your reporting system.
- The v5.6.0 schema change may take 2 hours or more depending on the amount of data in your system.
- The v5.11.1 schema change will take approximately 1-2 minutes to complete for every 1 million vulnerable artifacts in your reporting system.
- If your Anchore Enterprise deployment is on FIPS enabled hosts and your database is being hosted on Amazon RDS, an upgrade to Postgres 16 or greater is required. For more information please see the FIPS section in Requirements.
Fixes
- Addresses a communication failure between the Anchore Enterprise services seen only when your deployment is configured to use internal SSL.
internalServicesSSL.enable: true
Deprecations
- Support for OpenStack Swift, which is an open-source object storage system, has been deprecated. Please see Object Storage for a list of supported Object Stores.
- Package Feeds and Policy Gates for
Ruby Gems
andNPMs
, are now EOL. Please contact Anchore Support for more information. - The enterprise-gitlab-scan plugin is being deprecated in favor of using AnchoreCTL directly in your pipelines. Please see GitLab for more information on integrating Anchore Enterprise with GitLab.
- Feed Service: The Feed Service has been deprecated and replaced by the Data Syncer service. The Feed Service is no longer supported in Enterprise installations.
- Package Feeds: The
Ruby Gems
andNPMs
package feeds and policy gates have been declared End Of life and are no longer supported.
Recommended Component Versions
Component | Supported Version | Helm Chart Version | Additional Info |
---|---|---|---|
Enterprise | v5.11.1 | v3.1.1 | With Syft v1.13.1 and Grype v0.82.0 |
Enterprise UI | v5.11.0 | ||
AnchoreCTL | v5.11.0 | Deploying AnchoreCTL | |
Anchore ECS Inventory | v1.3.2 | v0.0.9 | https://github.com/anchore/ecs-inventory |
Anchore Kubernetes Inventory | v1.7.1 | v0.5.0 | https://github.com/anchore/k8s-inventory |
Kubernetes Admission Controller | v0.6.2 | v0.6.2 | https://github.com/anchore/kubernetes-admission-controller |
Jenkins Plugin | v3.2.0 | https://plugins.jenkins.io/anchore-container-scanner | |
Harbor Scanner Adapter | v1.4.0 | https://github.com/anchore/harbor-scanner-adapter | |
enterprise-gitlab-scan | v5.0.0 | docker.io/anchore/enterprise-gitlab-scan:v5.0.0 |
Anchore Helm Chart can be found at https://github.com/anchore/anchore-charts
Last modified December 9, 2024