New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Registry authentication is not supported #754
Comments
Might or might not be useful to you, but I managed that by explicitly passing podman's registry auth file as an environment variable: REGISTRY_AUTH_FILE=secret.json toolbox create -i registry.redhat.io/ubi8/ubi ubi |
Indeed, this is possible. Still, we'd like Toolbox to tell the user that they should log into a registry to be able to pull an image. |
This depends on Or we need to re-implement The patch-set in #787 based on screen scraping the standard error stream of |
I don't think we should try to interpret podman failures (even if it would be good indeed if podman could tell us if login to a registry is needed to pull an image). The default behavior in the So I think this is case where we want to be able to specify different non-interactive default for some setups specifically (RHCOS for example), for example with a configuration file. If a certain configuration option is set (i.e. |
Reading the podman issue (containers/podman#10858), I understand that figuring out if credentials are needed is not easy. So what I would suggest instead would be to offer that as an advice to users and to let them decide:
|
Yes, that's what I was thinking myself. :) |
It's not possible to programmatically detect when an image requires logging into the registry [1]. Therefore, instead of trying to handle 'podman pull' failures due to lack of authorization, just mention that private images require 'podman login' and that further details of the failure can be found by using the --verbose option. [1] containers/podman#10858 containers#754
It's not possible to programmatically detect when an image requires logging into the registry [1]. Therefore, instead of trying to handle 'podman pull' failures due to lack of authorization, just mention that private images require 'podman login' and that further details of the failure can be found by using the --verbose option. [1] containers/podman#10858 containers#754 containers#852
It's not possible to programmatically detect when an image requires logging into the registry [1]. Therefore, instead of trying to handle 'podman pull' failures due to lack of authorization, just mention that private images require 'podman login' and that further details of the failure can be found by using the --verbose option. [1] containers/podman#10858 containers#754 containers#852
Fixed with #852 |
Describe the bug
Some registries (e.g., registry.redhat.io) require the user to be authenticated before they can pull an image from it. Toolbox should notice when a registry requires authentication and ask the user for their credentials instead of failing.
Steps how to reproduce the behaviour
toolbox create -i registry.redhat.io/ubi8/ubi
Expected behaviour
Toolbox allows the user to authenticate.
Actual behaviour
Toolbox fails to pull an image and exits
Output of
toolbox --version
(v0.0.90+)toolbox version 0.0.99.1
Toolbox package info (
rpm -q toolbox
)toolbox-0.0.99.1-1.fc35.x86_64
Output of
podman version
Podman package info (
rpm -q podman
)podman-3.1.0-0.42.dev.gitd999328.fc35.x86_64
Info about your OS
Fedora Silverblue Rawhide
Additional context
This is required for getting Toolbox into RHEL.
The text was updated successfully, but these errors were encountered: