I am using the docker registry built within a self hosted gitlab 15.0.2.
However to pull my images from a machine I need to authenticate.
Currently I do this with a separate user with only read_registry access to the required projects.
However, this user also takes up a license seat.
Is there another way?
Project access tokens and group access tokens allow for the same scopes with the container registry and help with automation.
Is there no way to have access tokens over groups? I need to pull images from 3 different groups.
Or should I move my whole organisation under an artificial group so I can have the same access token for my whole installation?
Instance-level access tokens are not yet available, I’d suggest commenting on the proposal in Instance Level Access Tokens (#263248) · Issues · GitLab.org / GitLab · GitLab and sharing your use case.
If it makes sense to have a “global” group, with subgroups nested underneath, this could be an applicable solution. Before doing so, suggest evaluating the impact (there are redirects when things are moved, but there might be some hardcoded URL strings or project paths somewhere in CI/CD configs for example).
Thanks, I voted on that issue. I hope it helps