Project Access Token can't pull from Container Registry

I’m not sure, if I’m missing sth. or if there is a bug or regression, but I can’t use a project access token to pull from the container registry.

I created a token with role guest and read_registry permission, used podman login -u test (as far as I understand the docs, the username can be anything: “Any non-blank value as a username.”) and ran podman pull and it gave me

# podman pull
Trying to pull
Error: initializing source docker:// reading manifest tag in errors:
denied: requested access to the resource is denied
unauthorized: authentication required

Same result with using role owner and all available scopes.

Using a personal access token instead works.

Related: Project access token: interaction between role and scope for registry

Never mind. After one day of debugging I realized I created the token for the wrong project. I tried to pull the container image from another project.

1 Like