I created a token with role
read_registry permission, used
podman login -u test registry.my.domain (as far as I understand the docs, the username can be anything: “Any non-blank value as a username.”) and ran
podman pull registry.my.domain/group/project/image:tag and it gave me
# podman pull registry.my/domain/group/project/image:tag Trying to pull registry.my/domain/group/project/image:tag... Error: initializing source docker://registry.my/domain/group/project/image:tag: reading manifest tag in registry.my/domain/group/project/image: errors: denied: requested access to the resource is denied unauthorized: authentication required
Same result with using role
owner and all available scopes.
Using a personal access token instead works.