Handle auth error for container registry
What does this MR do and why?
Related to https://gitlab.com/gitlab-org/gitlab/-/issues/348727
Modifies the auth service for container registry to return an error to satisfy https://gitlab.com/gitlab-org/gitlab/-/issues/348727
We take this approach because in Rails we can only handle this during JWT authentication, see the conversation here, and the summary here
How to set up and validate locally
- Setup Container Registry in your local instance by following the docs
- Modify this method to return true
- Attempt to push an image, which should not succeed, e.g.
docker push gdk.test:5000/gitlab-org/gitlab-test
If using Docker, you should receive the error message introduced in this MR. Docker alternatives do not bubble up the error, this is a known/accepted problem.
Alternatively you could test this using curl e.g.:
curl -u username:password --request GET \
--url 'http://gdk.test:3000/jwt/auth?client_id=docker&service=container_registry&scope=repository%3Agitlab-org%2Fgitlab-test%3Apush'
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Vijay Hawoldar