Want to take your software engineering career to the next level? Join the mailing list for career tips & advice Click here


groovy kind of love

Subscribe to updates I use collins

Statistics on collins

Number of watchers on Github 493
Number of open issues 83
Average time to close an issue 6 days
Main language Scala
Average time to merge a PR 6 days
Open pull requests 34+
Closed pull requests 10+
Last commit over 2 years ago
Repo Created about 8 years ago
Repo Last Updated over 2 years ago
Size 219 MB
Homepage tumblr.github.com...
Organization / Authortumblr
Latest Releasev2.2.0
Page Updated
Do you use collins? Leave a review!
View open issues (83)
View collins activity
View on github
Book a Mock Interview With Me (Silicon Valley Engineering Leader, 100s of interviews conducted)
Software engineers: It's time to get promoted. Starting NOW! Subscribe to my mailing list and I will equip you with tools, tips and actionable advice to grow in your career.
Evaluating collins for your project? Score Explanation
Commits Score (?)
Issues & PR Score (?)



Published documentation follows the most recent release of collins.

For documentation on developing, building, general architecture and unreleased changes please use the wiki. This documentation is in flux, currently lacking and constantly being worked on.

All documentation links point to the most recent release.

Build Status



Use a Zip

Build from Source

Docker Image

Details about the docker container and building your own container are available in the documentation

tl;dr: docker run -p 9000:9000 tumblr/collins


Copyright 2016 Tumblr, Inc.

Licensed under the Apache License, Version 2.0 (the License); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an AS IS BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.


Email collins-sm@googlegroups.com or see the mailing list archive at https://groups.google.com/forum/#!forum/collins-sm

Internal (Tumblr) docs

To create a production zip and deploy to production:

  • ensure capistrano 2.15.5 is installed
  • ensure net-ssh < 2.7.0 is installed - versions 2.7.0 and above are broken with our environment
  • download the minimal package for play activator 1.3.6 from here. Unpackage it into ~/src/activator-1.3.6-minimal or define $PLAY_CMD with an alternate location
  • run ./scripts/package.sh which will produce target/collins.zip
  • run cap publish:collins which will upload and link to release to http://repo.tumblr.net:8888/collins.zip
  • run cap ewr01 deploy to deploy to ewr01 and cap d2 deploy to deploy to d2
collins open issues Ask a question     (View All Issues)
  • almost 4 years Allow updating intake attributes via API
  • almost 4 years Document intake process
  • about 4 years Fix failing tests
  • about 4 years collins-shell: shows memory for empty slots
  • about 4 years Impossible to search for attributes including a dash (-) via CQL
  • about 4 years Find assets endpoints (/api/assets) forces substring/partial match in attributes
  • about 4 years Base Serial How does your computer identify itself?
  • about 4 years Creating a new address should not require gateway and netmask
  • about 4 years Monitoring tab missing
  • about 4 years solr fails and stops indexing when attribute too long
  • about 4 years collins failed to start
  • about 4 years Collins should handle missing vlan-name in LLDP reports
  • about 4 years collins throws 5xx when accessing asset without ipmi data
  • over 4 years Populating Collins - How are people doing this?
  • over 4 years If neither startAddress or gateway are specified for a pool, collins will allocate the gateway address
  • over 4 years setup script not creating mysql tables
  • over 4 years v1.3.0 release build failure
  • over 4 years build steps
  • over 4 years getting started basics
  • over 4 years build failure
  • over 4 years gen_passwords.sh is not generating correct hashes
  • over 4 years IP Allocation in default pool fails
  • over 4 years Provisioning profiles endpoint should expose extra data
  • over 4 years Provision profiles API endpoint isnt documented
  • almost 5 years Embedded solr never reindexes on startup
  • almost 5 years spooky failure to start with "neither features.syslogAsset or multicollins.thisInstance were specified"
  • almost 5 years LDAP Docs are underdefined
  • almost 5 years Ability to delete a specific IP address
  • about 5 years collins.sh script poor use of * regex causes errors in starting collins
  • over 5 years CentOS recipe should mention httpd-tools rpm
collins open pull requests (View All Pulls)
  • change all instances of 2015 to 2016
  • Remove toplevel parameter from solr
  • gui delete fix
  • [consolr] readme: update reference config
  • allow listen address to be configured alongside port
  • disable PerfData inside container
  • let your $PATH do all the work
  • Ensure that we build only with java 1.7
  • External mysql db support
  • Adding methods to python client.
  • The permissions are named `feature.` not `features.`
  • Return NODECLASS in API
  • Trying to revive the tests
  • Update changelog for 2.1.0 release
  • Skip UID verification when ipmi config is missing
  • Add EXTRA_OPTS for extra java options which do not fit other types
  • Add ipmitool to container
  • Delete single ip address
  • Fix relative path to collins-client in collins-shell bin
  • Allow skipping chassis tag verification
  • Add checkbox to redirect New assets to intake
  • make default docker permissions.yaml synchronized with latest changes
  • Document intakeIpmiOptional
  • Show overview broken out by interface capacities
  • Dynamic Enum Fix
  • improve power status reporting
  • Add gpu support
  • Order metadata by groupId
  • Tuning for Solr to improve indexing latency
  • Add mention of internal wiki in internal docs section
  • multistage docker builds
  • Fix the ::Fixnum deprecation warning on Ruby 2.4+
  • Update the thor dependency constraint for collins-shell
  • Split out gems
collins questions on Stackoverflow (View All Questions)
  • Collins POS tagset
  • Can collins parser give me the dependency relations?
collins list of languages used
collins latest release notes
v2.2.0 2.2.0

This version of Collins includes an important security patch, as well as several new features and bug fixes.

The security patch is adding CSRF protection to the various forms of the Collins web UI. Currently, if an attacker can guess (or bruteforce) the asset tags of nodes he or she would be able to create assets, decommission assets, put assets in maintenance, etc. by getting a logged in user to visit a webpage. More information can be found in the pull request (#560).

Here is the full list of merged pull request since the last release. Many thanks to everyone who contributed!

  • Trying to revive the tests #491 @discordianfish
  • Fix respond_to? is old fashion warning #501 @william-richard
  • Only query allocated remote assets #498 @william-richard
  • Added docs explaining how to cut a collins release #503 @william-richard
  • Add ipmitool to container #506 @michaeljs1990
  • Fix relative path to collins-client in collins-shell bin #504 @ssgelm
  • Add EXTRA_OPTS for extra java options which do not fit other types #507 @vhp
  • pin rake for collins-state gem #516 @byxorna
  • Make base_serial optional in LSHW parsing #517 @byxorna
  • make default docker permissions.yaml synchronized with latest changes #494 @byxorna
  • make vlan-id attribute optional in lldp #523 @byxorna
  • Fix unit tests for CI travis #531 @byxorna
  • AddressPool name conversion should always handle defaultPoolName correctly #527 @byxorna
  • IPMI network allocations API with pool support #513 @byxorna
  • Add IPMI pools to /api/address/pools endpoint #521 @michaeljs1990
  • Add Classification to asset API #538 @michaeljs1990
  • Show overview broken out by interface capacities #548 @byxorna
  • Tuning for Solr to improve indexing latency #529 @byxorna
  • Add gpu support #537 @jyundt
  • Adding methods to python client. #456 @ytjohn
  • Fix ipmi pool api #554 @michaeljs1990
  • Dynamic Enum Fix #547 @michaeljs1990
  • Fix duplicate getLshwValues definition #560 @byxorna
  • Add logo and favicon #563 @defect
  • Add support for NVMe disks in LSHW #565 @defect
  • Don't show Graphs tabs if plugin is disabled #556 @defect
  • CSRF protection for web forms #570 @defect
v2.1.0 2.1.0

Collins 2.1.0 has a very important security patch.

Collins has a feature that allows you to encrypt certain attributes on every asset. It also had a permission that restricted which users could read those encrypted tags. It did NOT have a permission that restricted which users could modify encrypted tags.

It is strongly recommended that you upgrade to collins 2.1.0 if you are using the encrypted tags feature, as well as rotate any values stored in encrypted tags.

The severity of this vulnerability depends heavily upon how you use collins in your infrastructure. If you do not use the encrypted tags feature, you are not vulnerable to this problem. If you do use the encrypted tags feature, you will need to explore your automation and consider how vulnerable you are.

If, for example, your infrastructure has automation that regularly sets the root password on servers to match a value that is in collins, an attacker without the ability to read the current password could set it to a value that they know, wait for the automation to change the password, and then gain root on a server.

This change is backwards compatible with collins v2.0.0, though once you upgrade it will stop any writes to encrypted tags by users that have not been granted feature.canWriteEncryptedTags permission. We have also renamed feature.canSeePasswords to feature.canSeeEncryptedTags, but collins will continue to respect the value of feature.canSeePasswords if feature.canSeeEncryptedTags is not set. Once feature.canSeeEncryptedTags is set, collins will ignore the value of feature.canSeePasswords.

  • Ensure that we build only with java 1.7 #473 @Primer42
  • Write encrypted tags permission #486 @Primer42
v2.0.0 2.0.0

Collins 2.0.0 is finally released! As of this release, we will start following semantic versioning (http://semver.org/). There have been some non-backwards compatible changes to collins' functionality and configuration settings, but nothing that will be too difficult to upgrade.

Here are some highlights of what has changed since the last release:

Dropping support for java 1.6 Event firehose Refactor of collins' caching logic, to safely support HA Improved LDAP authentication configuration Python collins client Consolr gem, for executing IPMI commands on collins assets Upgraded to play 2.3.9

Thanks to @MaximeDevalland, @Primer42, @andrewjkerr, @baloo, @byxorna, @davidblum, @defect, @funzoneq, @gtorre, @maddalab, @schallert, @sushruta and @unclejack for their contributions!

And here are all the pull requests included in this release, in no particular order

  • Ipmi validation #309 @maddalab
  • Fix collins-notify for ruby 2.2.0 #310 @byxorna
  • my bad, i didnt build the gem after adopting feedback #311 @byxorna
  • collins_client clean up #307 @defect
  • Fix the error message displayed when login fails #314 @maddalab
  • Fix issue with invoking authentication twice #316 @maddalab
  • Remove use of async result during asset cancel request #319 @maddalab
  • Minor: A Two-Tuple of Options where only one of the tuple elements is Some at a time is an either #320 @maddalab
  • Update play to 2.3.9 #322 @maddalab
  • Minor: Upgrade solr and httpcomponents version #321 @maddalab
  • Set IPMI Password minLength to 4 #327 @MaximeDevalland
  • Use a hostname deploy (useful for standbys) #328 @maddalab
  • Minor: Styling using bootswatch themes #325 @maddalab
  • Use the tryAuthCache method to avoid making auth queries continously. #332 @maddalab
  • Fix the color scheme #333 @Primer42
  • cleanup the dockerfile some #334 @byxorna
  • Bug: Avoid recursive (stack overflowing) error with ldap auth #335 @maddalab
  • Update README.md to use correct GitHub Pages URL #336 @andrewjkerr
  • Rethink use of Guava cache using play's plugin architecture #337 @maddalab
  • added input search field in top bar #330 @MaximeDevalland
  • fixed input search, was returning all results #343 @MaximeDevalland
  • fix asset_log.created_by to be varchar(255) #342 @byxorna
  • Changes to search bar #344 @maddalab
  • Added a new gem - consolr wrapping on top on IPMI Tool #346 @sushruta
  • Ensure only 1 instance of auth provider is ever created #348 @maddalab
  • api delete endpoint #349 @gtorre
  • Fixing relative paths and missing bracket #351 @funzoneq
  • Reintroduce caching into models #350 @maddalab
  • Handle leading/trailing white space in top search bar field. #352 @maddalab
  • Only fetch the required fields from solr. #353 @maddalab
  • Adding additional stats. #354 @maddalab
  • Instrumenting with more stats #355 @maddalab
  • Instrumenting with stats around the serialization of json. #356 @maddalab
  • Minor cleanups #357 @maddalab
  • Fix collins-client gem unit tests #361 @gtorre
  • travis improvments #360 @Primer42
  • Consolr dangerous asset behavior and unit tests #359 @Primer42
  • Will fix use whitelist on repurpose de base #365 @Primer42
  • Introducing hazel cast for clustered operation of collins #367 @maddalab
  • Fix some specs that were not using the right scope #368 @maddalab
  • Addressing issue with specification scope for a couple of tests. #369 @maddalab
  • Running the cache spec for both In-memory and Distributed #370 @maddalab
  • adding unit tests for delete (nuke) action #372 @gtorre
  • Added scoverage based coverage reports. #373 @maddalab
  • bump versions in build.sbt, h2, solr, mysql-connector, snakeyaml, jsoup, bootstrap #374 @maddalab
  • Address the setting of attributes and handling of whitelisted attribs when provisioning #376 @maddalab
  • Minor tweaks from changes to support useWhitelistOnRepurpose. #377 @maddalab
  • Implement a firehose for events #379 @maddalab
  • Enable asset distance test #381 @maddalab
  • Upgrade activator to 1.3.6 from 1.3.4 #382 @maddalab
  • [ipmi] allow templating of asset tag in config #386 @schallert
  • Gabe optional ipmi power restrictions #388 @byxorna
  • update dockerfile to jdk8 and cleanup build #390 @byxorna
  • Refactor/scalaish #392 @baloo
  • Include solr query string in cache key #396 @defect
  • Revert Include solr query string in cache key #400 @defect
  • fix timeout deprecation warning in collins client request #406 @byxorna
  • add volume for solr cores #402 @byxorna
  • Make remote query cache timeout configurable #401 @defect
  • Fix multi-collins queries #407 @defect
  • Collins-shell fix dependencies #408 @Primer42
  • format provisioning errors less shittily #405 @byxorna
  • Consolr updates #412 @defect
  • Travis runs are having trouble with the http -> https redirect #420 @Primer42
  • Remove toplevel parameter from solr #397 @defect
  • change all instances of 2015 to 2016 #413 @sushruta
  • Add support for sensor reading #423 @defect
  • add a flag for consolor to print SOL info #424 @sushruta
  • Gracefully handle when HOME is not set by making consolr bypass those config files #425 @Primer42
  • Fix minor typo in my last consolr PR #426 @Primer42
  • Dockerfile: use the JRE image, not JDK #419 @unclejack
  • [consolr] readme: update reference config #431 @schallert
  • Updated minAddress to respect startAt #432 @davidblum
  • add /usr array of java_home locations #440 @davidblum
  • Add a parameter to disable the multicollins cache #437 @Primer42
Other projects in Scala
Powered by Autocode - Instant Webhooks, Scripts and APIs
Autocode logo wordmark