Bierochs

Update docker.io/portainer/portainer-ce Docker tag to v2.27.0

Michi Kofler-Häusler -

No problems deploying to Proxmox VE K3s Kubernetes cluster via Helm Chart and Flux V2 reconciliation in a GitOps approach with dependency update facilitated by Mend's Renovate Bot.

Also the corresponding agents were automatically rolled out via Watchtower infrastructure on the Docker-only nodes including arm node with dependency update facilitated by Mend's Renovate Bot.

This MR contains the following updates:

Package Update Change
docker.io/portainer/portainer-ce minor 2.21.5 -> 2.27.0

Release Notes

portainer/portainer (docker.io/portainer/portainer-ce)

v2.27.0

Compare Source

Release 2.27.0

Portainer version 2.27.0 is the second Long-Term Support (LTS) release, primarily focused on bug fixes, optimizations, enhancements, and security improvements.

Known issues

Known issues with Docker support
  • GitOps updates option is not visible when first deploying stacks from Git on Docker (but can be configured after the stack is deployed)
Known issues with Podman support
  • Podman environments aren't supported by auto-onboarding script
  • It's not possible to add Podman environments via socket, when running a Portainer server on Docker (and vice versa)
  • Support for only CentOS 9, Podman 5 rootful

New in this release

  • Security: CVE-2025-21614, CVE-2025-21613, CVE-2024-45337, and CVE-2024-11053
  • Fix: Early exit optimization does not return the correct error
  • Fix: 2.19.5 - 2.21 Migration fails with "StorageError: invalid object"
  • Optimization: Investigate the web editor slowdown while typing
  • Improvement: Edge stack missing value warning improvement
  • Fix: Removing an edge stack makes the backend panic
  • Fix: Object not found inside the database (bucket=endpoint_relations, key=8)
  • Improvement: use an Edge Stack Status Update coordinator
  • Fix: High memory usage when counting nodes and CPUs
  • Fix: Unable to add environment to static Edge group
  • Fix: Removing an edge stack makes the backend panic
  • Fix: Error "failed to find local environment" occurs if there is at least one environment configured but no local environment
  • Fix: Bitnami Helm Charts location has moved
  • Fix: Edge stack "deployment received" counting is not correct with large scale deployments
  • Fix: Unable to deploy a git edge stack
  • Fix: RegistryList API operation returns password in clear text
  • Fix: Agent Edge stack status watcher errors on Swarm
  • Fix: edge_stack folder in volume is not deleted after Edge stack is removed
  • Fix: Swarm: Empty/incorrect value in Host column of Images list
  • Fix: Unpopulated Volumes Dropdown in App Templates in Portainer 2.21.4
  • Fix: "Select all" should select only elements of the current page
  • Fix: podman doesnt appear in the option to filter by platform in the homepage
  • Fix: Edge stack webhooks cannot be disabled once created
  • Fix: Unable to expand application list rows to view published URLs
  • Improvement: Change docs URL schema to LTS / STS
  • Fix: Group membership synchronization between Portainer and Azure OAuth appears to be broken
  • Fix: Adding environment variables to an application with a configmap moves the configmap to the secrets section and brings down the app
  • Improvement: Kubernetes - Rename Create from file to Create from code
  • Fix: Incorrect Replicated count while performing rolling restart on deployment
  • Fix: Kubernetes - Broken Cluster View
  • Fix: Podman - Unable to create an image from a container
  • Fix: Unable to deploy a git edge stack for CE
  • Fix: Edge Agent Logs are inaccessible in Portainer UI

Deprecated and removed features:

Deprecated features

  • Reminder: <platform>-<arch> image tags were deprecated in 2.21

Removed features

The following API endpoints have been removed:

  • POST /endpoints/{id}/edge/trust
  • GET /edge_templates
  • POST /templates/file
  • POST /endpoints/{id}/kubernetes/helm/repositories
  • GET /endpoints/{id}/kubernetes/helm/repositories
  • GET /kubernetes/{id}/namespaces/{namespace}/configuration
  • POST /cloud/{provider}/cluster
  • GET /cloudcredentials
  • POST /cloudcredentials
  • GET /cloudcredentials/{id}
  • DELETE /cloudcredentials/{id}
  • PUT /cloudcredentials/{id}
  • POST /custom_templates
  • POST /edge_jobs
  • GET /cloud/microk8s/addons
  • POST /stacks
  • DELETE /edge_stacks/{id}/status/{environmentId}
  • POST /edge_stacks
  • GET /status/version
  • GET /status/nodes

v2.26.1

Compare Source

Known issues

Known issues with Docker support
  • Service pruning does not work with stacks using relative paths
  • GitOps updates option is not visible when first deploying stacks from Git on Docker (but can be configured after the stack is deployed)
Known issues with Podman support
  • Podman environments aren't supported by auto-onboarding script
  • It's not possible to add Podman environments via socket, when running a Portainer server on Docker (and vice versa)
  • Support for only CentOS 9, Podman 5 rootful
Known issues with Kubernetes
  • Displaying job executions of cron jobs are limited to 3.

Changes

  • This release contains no changes and has been tagged in order to ensure that version numbering aligns with our latest Business Edition release.

v2.26.0

Compare Source

This is a STS (Short Term Support) release that includes all the changes added up to and including the 2.25.1 patch release as well as various fixes aimed at enhancing the stability and scalability of Portainer. For more details on what is included from the 2.25 release, refer to the 2.25 release notes.

Known issues

Known issues with Docker support
  • Service pruning does not work with stacks using relative paths
  • GitOps updates option is not visible when first deploying stacks from Git on Docker (but can be configured after the stack is deployed)
Known issues with Podman support
  • Podman environments aren't supported by auto-onboarding script
  • It's not possible to add Podman environments via socket, when running a Portainer server on Docker (and vice versa)
  • Support for only CentOS 9, Podman 5 rootful

New in this release

  • Added the ability to remove associated volumes when deleting a stack
  • Improved the performance for edge:
    • Optimized AddEnvironmentToEdgeGroups()
    • Optimized the concurrent Edge Stack retrieval by the agent
    • Optimized the Edge Stack status update by the agent
  • Fixed a goroutine leak in the Agent that would exhaust the resources over time
  • Fixed Edge Stack status updates so that it doesn't cause wrong counts
  • Updated compose-unpacker so it doesn't rely on the docker-compose binary
  • Fixed data races:
    • GetPlatform()
    • Docker transport
    • Agent stack manager
    • Edge auto-onboarding
  • Fixed the volume list retrieval and app template deployment when the environment snapshot doesn't exist
  • Standardized the lower case string comparison method
  • Fixed a problem that prevented the update of edge stacks when using webhooks with async environments
  • Added a 30 minutes time interval to the OAuth session timeout options
  • Added a new Kubernetes view for Jobs and Cron Jobs
  • Fixed update create from file option order

Deprecated and removed features

Deprecated features

None

Removed features

None

v2.25.1

Compare Source

Known issues

Known issues with Docker support
  • Service pruning does not work with stacks using relative paths
  • GitOps updates option is not visible when first deploying stacks from Git on Docker (but can be configured after the stack is deployed)
Known issues with Podman support
  • Podman environments aren't supported by auto-onboarding script
  • It's not possible to add Podman environments via socket, when running a Portainer server on Docker (and vice versa)
  • Support for only CentOS 9, Podman 5 rootful

Resolved CVEs

  • CVE-2024-45337

Changes

  • Fixed an issue where excessive warnings were logged if agents weren't updated to match server version

v2.25.0

Compare Source

This is a STS (Short Term Support) release that includes all the changes added up to and including the 2.24.1 patch release as well as various fixes aimed at enhancing the stability and scalability of Portainer. For more details on what is included from the 2.24 release, refer to the 2.24 release notes.

Known issues

Known issues with Docker support
  • Service pruning does not work with stacks using relative paths
  • GitOps updates option is not visible when first deploying stacks from Git on Docker (but can be configured after the stack is deployed)
Known issues with Podman support:
  • Podman environments aren't supported by auto-onboarding script
  • It's not possible to add Podman environments via socket when running a Portainer server on Docker (and vice versa)
  • Support for only CentOS 9, Podman 5 rootful

New in this Release:

  • Updated Compose to v2.31
  • Optimized the HTTP request/response compressor to reduce allocations and improve performance
  • Reduced the total locking time for the backup process and improved the error messages
  • Stopped preventing the server startup when docker_config/config.json file is corrupted
  • Added the ability for users to specify Portainer agent and updater images from their private registry when creating a remote update or rollback schedule for agents
  • Fixed a problem that prevented interaction with Swarm volumes
  • Fixed a problem that prevented the GitOps edge configurations from working properly
  • Fixed the missing IP binding of published ports when editing a container
  • Enforced timeouts for offline environments when doing parallel edge deployments
  • Fixed a resource leak that prevented the backup process from finishing under some specific circumstances
  • Removed incorrect persistence of filters when interacting with Services and Stack pages
  • Restored the remember functionality in the filtered stacks search results
  • Enforced Edge Stack naming rules
  • Fixed an issue with images that included files failing to build
  • Ensured proper Edge Stack removal after a power interruption in the Agent
  • Fixed an issue where Git stacks using sub-directories and environment files could not be edited
  • Fixed an issue where an extra network is created when deploying a stack with only external networks defined
  • Fixed an issue where the env_file field in Compose files were being ignored
  • Fixed an issue where a stack that built an image that it then referenced would fail to deploy with a "no such image" error
  • Fixed an issue where Helm status was not correctly shown for deployments
  • Fixed an issue where the date picker was unusable for activity logs in the dark mode
  • Fixed an issue where the namespace level access not being applied to teams
  • Fixed an issue where edge stack fails to be deleted when K8s job is set with TTL
  • Fixed an issue where LDAP users get duplicated in a Team for each login
  • Migrated a handful of legacy Angular based Kubernetes pages to React

Deprecated and removed features

Deprecated features

  • PUT /kubernetes/{id}/namespaces API endpoint

Removed features

None

v2.24.1

Compare Source

Known issues

  • Known issues with Docker support:
    • Service pruning does not work with stacks using relative paths
    • GitOps updates option is not visible when first deploying stacks from Git on Docker (but can be configured after the stack is deployed)
  • Known issues with Podman support:
    • Podman environments aren't supported by auto-onboarding script
    • It's not possible to add Podman environments via socket when running a Portainer server on Docker (and vice versa)
    • Support for only CentOS 9, Podman 5 rootful
Changes:
  • Fixed an issue where Git stacks using subdirectories and environment files could not be edited.
  • Fixed an issue where an extra network was being created when deploying a stack with only external networks defined.
  • Fixed an issue where the env_file field in Compose files was being ignored.
  • Fixed an issue where a stack that built an image that it then referenced would fail to deploy with a "no such image" error.
  • Fixed an infinite recursion issue in an RBAC route when switching users and connecting to an agent endpoint.
  • Fixed an issue that omitted copying the IP address in container port mapping when provided during the Edit/Duplicate operation for an existing container.
  • Fixed an issue with images that included files failing to build.
  • Fixed an issue where activity logs shown in the Portainer UI were encoded with base64.

v2.24.0

Compare Source

This is a STS (Short Term Support) release that includes all the changes added up to the 2.23 release and 2.21.4 LTS patch release, as well as various fixes aimed at enhancing the stability and scalability of Portainer.

Known issues

  • Known issues with Docker support:
    • Service pruning does not work with stacks using relative paths
    • GitOps updates option is not visible when first deploying stacks from Git on Docker (but can be configured after the stack is deployed)
  • Known issues with Podman support:
    • Podman environments aren't supported by auto-onboarding script
    • It's not possible to add Podman environments via socket when running a Portainer server on Docker (and vice versa)
    • Support for only CentOS 9, Podman 5 rootful
New in this Release:
  • Bumped Go version to 1.23
  • Rewrote the stack deployment code to remove the need for the docker-compose binary
  • Added the ability to prune services while deploying Compose stacks
  • Defaulted to descending timestamp order in the user activity log
  • Fixed user activity log sorting
  • Relocated the GitOps TLS toggle so it’s harder to overlook
  • Added timeouts to OAuth requests
  • Fixed problem that prevented environment association in the waiting room
  • Fixed a problem that prevented the Docker image exporting
  • Improved the Kubernetes Cluster node view to display conditions
  • Migrated more Angular based pages to React
  • Fixed the following Kubernetes regressions:
    • Standard user can't get cluster scoped ingress controllers
    • CPU/Memory Limit & Reservation values not multiplied by replica count on "Applications running on this node" table
Deprecated and Removed Features:

Deprecated features
None

Removed features
None

v2.23.0

Compare Source

This is a STS (Short Term Support) release that includes all the changes added up to and including the 2.22.0 release, as well as various fixes aimed at enhancing the stability and scalability of Portainer. For more details on what is included from the 2.22 release, refer to the 2.22 release notes.

Known issues

Known issues with Docker support

  • Image export is not functioning
  • GitOps updates option is not visible when first deploying stacks from Git on Docker (but can be configured after the stack is deployed)

Known issues with Podman support

  • Podman environments aren't supported by auto-onboarding script
  • It's not possible to add Podman environments via socket, when running a Portainer server on Docker (and vice versa)
  • Support for only CentOS 9, Podman 5 rootful
  • Unable to create an image from a container

Known issues with Kubernetes support

  • Service accounts, Cluster Roles/Bindings, Roles/Role Bindings) show system resources when toggle is off
  • Standard user can't get cluster scoped ingress controllers
  • CPU/Memory Limit & Reservation values not multiplied by replica count on "Applications running on this node" table
  • Application rollout restart is not functioning
New in this release
  • Improved the Home page search speed
  • Improved OAuth logging to help diagnose errors
  • Increased the CRL request timeout in the Agent to 30s
  • Moved the webhook deploying logic to the background to avoid timeouts
  • Optimized the space used by Git repositories
  • Improved the Edge-related API error response by including environment ID and name
  • Added the display of the missing Edge stack deployment errors on the Edge stack environment status page
  • Fixed issues with Kubernetes resources not showing information correctly
  • Improved the overall experience for Kubernetes
Deprecated and removed features

Deprecated features

  • None

Removed features

  • Platform and Architecture-Specific Images: We have removed image tags named for various architectures using the convention <platform>-<arch>. These images tags were deprecated in a previous release. This change ensures further standardization and consistency across our software distribution.

v2.22.0

Compare Source

CE Release Notes

This is a STS (Short Term Support) release that includes all the changes added up to and including the 2.21.2 release, as well as various fixes aimed at enhancing the stability and scalability of Portainer.

Known Issues
  • GitOps updates option is not visible when first deploying stacks from Git on Docker (but can be configured after the stack is deployed)
What’s Included:
  • Changes from 2.21.x:
    • This STS release incorporates all the features, improvements, and bug fixes from the 2.21.x series.
    • For more details, refer to the 2.21.x release notes.
New in this Release:
  • Podman Support:
    • Portainer now supports Podman. It can be installed on Podman and manage Podman environments. Initial support includes Podman 5.x running on CentOS environments.
  • Better Kubernetes Management Experience:
    • The Kubernetes management experience has been overhauled by relocating most of the logic from the client to the server, improving client speed and responsiveness. This update also introduces the ability to manage all Kubernetes resources via a simplified, abstracted API.
  • Edge Capabilities Improvements:
    • Enhancements to the Edge features have resulted in a more stable, performant, and reliable experience when using Edge capabilities.
  • Stability Improvements:
    • Various fixes have been applied to increase the overall stability of Portainer.
  • Scalability Enhancements:
    • Adjustments have been made to improve Portainer's performance and reliability at scale, especially in larger environments.
  • Security:
    • Critical and high-security vulnerabilities (CVEs) in dependencies shipped within the Portainer images have been addressed. Key components, such as the Docker client and kubectl, have been updated to ensure a secure environment.
Deprecated and Removed Features:

Deprecated features

  • We are deprecating image tags named for various architectures using the convention <platform>-<arch>. This change ensures further standardization and consistency across our software distribution.

Removed features

  • Platform and Architecture-Specific Images:
    • We are removing images named using the convention <platform>-<arch>-<version>. These images were deprecated in a previous release in favor of the newer convention <version>-<platform>-<arch>. This change ensures standardization and consistency across our software distribution.
  • Kompose Logic:
    • All logic related to Kompose has been removed, following its deprecation in a previous version.
  • Nomad Support:
    • All logic related to Nomad support has been removed after it was deprecated and subsequently removed from the client in version 2.20.

Breaking changes

  • As part of the changes in the Kubernetes experiences, some API operations for Kubernetes management may have changed slightly.

Known issues

  • Known issues with Podman support:
    • Podman environments aren't supported by auto-onboarding script
    • It's not possible to add Podman environments via socket when running a Portainer server on Docker (and vice versa)
    • Support for only CentOS 9, Podman 5 rootful
    • Unable to create an image from a container
    • In-app CE to BE upgrade link doesn't appear on Podman
  • Known issues with Kubernetes management:
    • Applications deployed via helm chart are no longer grouped on the App list screen
    • Service accounts, Cluster Roles/Bindings, Roles/Role Bindings) show system resources when the toggle is off
    • Standard users can't get cluster scoped ingress controllers
    • Unused label incorrectly showing on used volumes, and Used by column is blank
    • NaN value on Memory & CPU used bars on Node Details screen
    • CPU/Memory Limit/Reservation values on Applications running on this node table rounding down
    • Volumes created within Portainer are incorrectly labelled as External
    • Standard users on CE can no longer select and remove volumes