Handle auth error for container registry (!83278) · Merge requests · GitLab.org / GitLab

Vijay Hawoldar requested to merge vij-cr-storage-quota into master Mar 21, 2022

What does this MR do and why?

Modifies the auth service for container registry to return an error to satisfy https://gitlab.com/gitlab-org/gitlab/-/issues/348727

We take this approach because in Rails we can only handle this during JWT authentication, see the conversation here, and the summary here

How to set up and validate locally

Setup Container Registry in your local instance by following the docs
Modify this method to return true
Attempt to push an image, which should not succeed, e.g.
```
  docker push gdk.test:5000/gitlab-org/gitlab-test
```

If using Docker, you should receive the error message introduced in this MR. Docker alternatives do not bubble up the error, this is a known/accepted problem.

Alternatively you could test this using curl e.g.:

curl -u username:password --request GET \
  --url 'http://gdk.test:3000/jwt/auth?client_id=docker&service=container_registry&scope=repository%3Agitlab-org%2Fgitlab-test%3Apush'

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Mar 29, 2022 by Vijay Hawoldar

Handle auth error for container registry

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports