I have problems using GitLab CI to publish public packages into the generic package registry accessing the packages from inside the release page when not being logged in.
We created a GitLab CI configuration using this example and configured a public project.
I am able to create and upload generic packages and also access the packages from the Release page. I am also able to download those packages, as long as I am logged in. But as soon as I am logged out, I get a login when trying to download the packages using the release page, as this is referencing the v4 API link. If I am trying to download the package via the package registry page, I am able to.
Is it either possible to make the package registry accessible via API-v4 or generate the links on the release page in a way, that they are accessible for anonymous user?
Hi @snim2 everything is generally set to everyone with access, the only exception ist forks and metrics dashboard. Additionally we disabled issues, Git LFS, Wiki and snippets.
After further investigation, I found the corresponding entry in the docs. Authentication with the API is needed for downloading package files. I am wondering if it is possible to change this behavior for future releases, as the npm registry supports anonymous downloads, as long as the project is access-level is set to public.