Hello,
I’m doing a proof of concept using container registry from gitlab ce .
I activated container registry by removing comments from /etc/gitlab/gitlab.rb file and executing gitlab-ctl reconfigure.
This GitLab CE version is installed on a VM.
[GitLab] [15.1.0]
GitLab Shell 14.7.4
GitLab Workhorse v15.1.0
GitLab API v4
GitLab KAS 15.1.0
Ruby 2.7.5p203
Rails 6.1.4.7
PostgreSQL 12.10
Redis 6.2.
File /etc/gitlab/gitlab.rb contents:
external_url ‘https://gitlab.local’
gitlab_rails[‘monitoring_whitelist’] = [‘127.0.0.0/8’, ‘::1/128’,‘10.191.191.191’ ]
gitlab_rails[‘backup_keep_time’] = 86400
gitlab_rails[‘rack_attack_git_basic_auth’] = {
‘enabled’ => false,
‘ip_whitelist’ => [“127.0.0.1”],
‘maxretry’ => 10,
‘findtime’ => 60,
‘bantime’ => 3600
}
registry_external_url ‘https://registry.gitlab.local:5050’
gitlab_rails[‘registry_enabled’] = true
gitlab_rails[‘registry_host’] = “gitlab.local”
gitlab_rails[‘registry_port’] = “5050”
gitlab_rails[‘registry_path’] = “/var/opt/gitlab/gitlab-rails/shared/registry”
registry[‘enable’] = true
registry[‘username’] = “registry”
registry[‘group’] = “registry”
registry[‘uid’] = nil
registry[‘gid’] = nil
registry[‘dir’] = “/var/opt/gitlab/registry”
registry[‘registry_http_addr’] = “localhost:5000”
registry[‘debug_addr’] = “localhost:5001”
registry[‘log_directory’] = “/var/log/gitlab/registry”
registry[‘env_directory’] = “/opt/gitlab/etc/registry/env”
registry[‘log_level’] = “debug”
registry[‘log_formatter’] = “text”
registry[‘health_storagedriver_enabled’] = true
registry[‘storage_delete_enabled’] = true
registry[‘validation_enabled’] = false
registry[‘autoredirect’] = false
registry[‘compatibility_schema1_enabled’] = false
nginx[‘enable’] = true
nginx[‘redirect_http_to_https’] = true
registry_nginx[‘redirect_http_to_https’] = true
mattermost_nginx[‘redirect_http_to_https’] = true
nginx[‘ssl_certificate’] = “/etc/gitlab/ssl/gitlab.local.crt”
nginx[‘ssl_certificate_key’] = “/etc/gitlab/ssl/gitlab.local.key”
node_exporter[‘enable’] = false
gitlab_exporter[‘home’] = “/var/gitlab/gitlab-monitor”
prometheus_monitoring[‘enable’] = false
I already performed several tests but the issue persists.
Executing ’ docker login registry.gitlab.local:5050 ’ generates the following error:
Error response from daemon: Get “https://registry.gitlab.local:5050/v2/”: Forbidden
Executing ’ curl --insecure curl -v -u testeuser https://registry.gitlab.local:5050/v2/ ’ generates the following error:
{“errors”:[{“code”:“UNAUTHORIZED”,“message”:“authentication required”,“detail”:null}]}
Gitlab log /var/log/gitlab/registry/current shows the following error:
2022-12-22_17:19:04.81626 time=“2022-12-22T17:19:04.815Z” level=debug msg=“authorizing request” correlation_id=01GMXDGZKB0K32MEJRDKC8NFCD go_version=go1.17.6 root_repo= version=v3.39.2-gitlab
2022-12-22_17:19:04.81629 time=“2022-12-22T17:19:04.815Z” level=warning msg=“error authorizing context: authorization token required” correlation_id=01GMXDGZKB0K32MEJRDKC8NFCD go_version=go1.17.6 root_repo= version=v3.39.2-gitlab
2022-12-22_17:19:04.81629 {“content_type”:“application/json”,“correlation_id”:“01GMXDGZKB0K32MEJRDKC8NFCD”,“duration_ms”:4,“host”:“registry.gitlab.local:5050”,“level”:“info”,“method”:“GET”,“msg”:“access”,“proto”:“HTTP/1.1”,“referrer”:“”,“remote_addr”:“127.0.0.1:33972”,“remote_ip”:“127.0.0.1”,“status”:401,“system”:“http”,“time”:“2022-12-22T17:19:04.816Z”,“ttfb_ms”:4,“uri”:“/v2/”,“user_agent”:“curl/7.61.1”,“written_bytes”:87}
I’m sure the user and password is working as i can login to Gitlab GUI. Also generated an access token but the errors are the same…
So, currently I’m not sure if this is a miss configuration or any type of bug from Gitlab software .
Thanks for any help !