Portus is an authorization server and web-based user interface for Docker Registry v2, developed by SUSE as a self-hosted solution for managing private Docker registries. Written in Ruby on Rails, it implements the token-based authentication system specified by Docker's registry API and requires a minimum Docker Registry version of 2.1 to support soft deletes of blobs. The project maintains active development across multiple branches, with the last stable release being version 2.4.3, available through official Docker images on Docker Hub.
The core functionality centers on fine-grained permission control through a user and team-based access model. Individual users receive their own personal Docker namespace with both read and write access, while teams function as groups of users with shared read and write permissions to specific namespaces. Portus implements Docker's token-based authentication system to provide complete control over which images are served by a registry instance, ensuring that user privileges are enforced at the image level so unauthorized personnel cannot access private images.
Beyond access control, Portus provides a comprehensive web interface that displays all available images on a private Docker registry while respecting user permissions. The platform supports synchronization with private registries to automatically fetch available images and tags, LDAP user authentication for enterprise directory integration, and OAuth and OpenID-Connect authentication methods. Additional features include activity monitoring and audit logging for all registry and Portus operations, full-text search capabilities for repositories and tags, repository starring functionality, temporary user disabling, and Application Tokens for enhanced security.
The project emphasizes self-hosted deployment, allowing organizations to maintain complete infrastructure control without relying on third-party services. Comprehensive deployment documentation covers various setup configurations to accommodate different organizational needs.
Development infrastructure is well-established with multiple testing layers. Unit tests are located in the spec directory and run via RSpec, while frontend tests use Yarn. Integration tests are available through a dedicated testing framework, and the project employs continuous integration via Travis CI. Code quality is maintained through RuboCop for Ruby style checking, ESLint for frontend code, and Brakeman for security vulnerability detection. The project uses docker-compose for simplified local development environment setup.
GitGenius activity data indicates this repository maintains active contributor engagement, with overlapping contributors shared with major projects including Microsoft's VSCode and TypeScript repositories as well as the Rust language project, suggesting involvement from developers working across multiple significant open-source ecosystems. The repository is classified across security, Docker integration, user management, OAuth support, web interface, authorization, enterprise, vulnerability scanning, collaboration, policy enforcement, LDAP integration, role-based access control, and container registry domains, reflecting its comprehensive scope as an enterprise-grade registry management platform.