zebox / registry-admin Goto Github PK
View Code? Open in Web Editor NEWDocker Registry UI tool that allows manage access based on a user actions (pull and push)
License: MIT License
registry-admin's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
registry-admin's Issues
Split UI settings store for different users
For different user, which login from same browser at same PC, should split UI settings when save.
Settings selector should pickup setting by user id at UI loading.
Error doesn't display when loading custom certs for registry token
When user try use own certificates and try loading they for registry token, loadCerts can throw an error, but it doesn't shows. If error exist registry-admin try creates new certs. The createCerts throw an error to because user certs already exist in destination folder.
// in registry/token.go package
if err = rt.loadCerts(); err != nil {
err = rt.createCerts()
if err != nil {
return nil, err
}
}Need handle loadCerts errors before call createCerts.
error authorizing context: authorization token required
Hi,
I'm trying to run the app in localhost (for testing purposes for now) using files from _examples/token_auth. I am able to login, but when I hit "Sync" button i see some error in log:
docker-registry-registry-1 | time="2023-08-09T18:24:10.564085228Z" level=warning msg="error authorizing context: authorization token required" go.version=go1.19.9 http.request.host="registry:5000" http.request.id=10dd6015-f1da-4b4f-97af-62b008efad78 http.request.method=GET http.request.remoteaddr="172.19.0.2:38366" http.request.uri="/v2/_catalog?n=50&last=" http.request.useragent="Go-http-client/1.1"
What can be the cause of this?
docker-compose file:
version: '2.1'
services:
registry-admin:
restart: unless-stopped
image: zebox/registry-admin:master
ports:
- 80:80
environment:
- RA_CONFIG_FILE=/app/config/token-ra-config.yml
volumes:
- ./certs:/app/certs
- ./config:/app/config
- ./data:/app/data
registry:
restart: unless-stopped
image: registry:2
ports:
- 50554:5000
environment:
- REGISTRY_AUTH_TOKEN_REALM=http://localhost/api/v1/registry/auth # <- !!! Change this for real hostname of RegistryAdmin and exposed port which accessible for docker clients
volumes:
- ./data:/var/lib/registry
- ./certs:/certs
- ./config/registry-config.yml:/etc/docker/registry/config.yml
depends_on:
- registry-admin
registry-config.yml:
version: 0.1
log:
accesslog:
disabled: false
level: debug
formatter: text
fields:
service: registry
storage:
filesystem:
rootdirectory: /var/lib/registry
maxthreads: 100
delete:
enabled: true
http:
addr: ":5000"
net: tcp
tls:
certificate: /certs/cert.crt
key: /certs/cert.key
auth:
token:
realm: http://localhost/api/v1/registry/auth # <- external ip accessible for clients from outside of container
service: container_registry
issuer: registry_token_issuer
rootcertbundle: /certs/cert.crt
notifications:
events:
includereferences: true
endpoints:
- name: ra-listener
disabled: false
url: http://registry-admin/api/v1/registry/events
headers:
Authorization: [Basic YWRtaW46c3VwZXItc2VjcmV0] # 'admin:super-secret' base64 encode string
timeout: 1s
threshold: 5
backoff: 3s
ignoredmediatypes:
- application/octet-stream
ignore:
mediatypes:
- application/octet-stream
token-ra-config.yml:
hostname: localhost
registry:
host: https://registry
port: 5000
auth_type: token
issuer: registry_token_issuer
service: container_registry
certs:
path: /app/certs
key: /app/certs/cert.key
public_key: /app/certs/cert.pub
ca_root: /app/certs/cert.crt
ip: 127.0.0.1 # <- paste a real IP of docker host which publish the container
fqdns: [registry, demo.host.local, localhost, registry.host.local]
store:
type: embed
admin_password: "super-secret"
embed:
path: /app/data/store.db
Error: "unauthorized: authentication required` in the middle of push process
I'm recieveing unauthorized: authentication required error in the middle of image push process:
root@RYZEN:/home/user/# docker push registry.mydomain.com/someimage:latest
The push refers to repository [registry.mydomain.com/someimage]
5f70bf18a086: Layer already exists
865c2d40902c: Layer already exists
d6df4d8f1d2b: Layer already exists
814b91d8ce2a: Pushing [==================================================>] 427.3MB
243673d2c35b: Layer already exists
e0e5c14f683a: Pushing [=======================> ] 212.8MB/459.5MB
3e8300fe133b: Layer already exists
cd6c2464dc51: Layer already exists
f7f303b50df0: Pushing [==================================================>] 240.8MB
d5fcc5cffc99: Pushing [==================================================>] 268.5MB
1fdbf5f06e1e: Layer already exists
eb5e1abd9327: Pushed
1059c10ff87a: Pushed
3cdaf4f3899c: Pushed
57d046864aa6: Pushed
3eb0486809d0: Pushed
1efc5401b6f1: Pushed
b31fe8530467: Pushed
c151effcd197: Pushed
0b0b8e9d2e04: Pushed
a9ed1f92fa62: Pushing [==================================================>] 13.28MB
6e28a572644e: Waiting
67b5ce3064ab: Waiting
88cd9b949e2e: Waiting
e2ef8a51359d: Waiting
unauthorized: authentication required
In logs I found:
registry_1 | time="2023-08-12T11:07:55.859035163Z" level=warning msg="error authorizing context: invalid token" go.version=go1.19.9 http.request.host=registry.mydomain.com http.request.id=1e427dd3-f10a-4be5-8eff-d7fac425db04 http.request.method=PATCH http.request.remoteaddr=XX.XX.XX.XX http.request.uri="/v2/someimage/blobs/uploads/8c879921-b2e4-43eb-982e-e41eb42e174c?_state=S26m-OteMyJ3enZXXezp-PB6ZJCrGYnk-PxV_pxbtTJ7Ik5hbWUiOiJjb3JvZmxleCIsIlVVSUQiOiI4Yzg3OTkyMS1iMmU0LTQzZWItOTgyZS1lNDFlYjQyZTE3NGMiLCJPZmZzZXQiOjAsIlN0YXJ0ZWRBdCI6IjIwMjMtMDgtMTJUMTE6MDU6MzguODQ1MzI0MjA2WiJ9" http.request.useragent="docker/24.0.2 go/go1.20.4 git-commit/659604f kernel/5.15.90.1-microsoft-standard-WSL2 os/linux arch/amd64 UpstreamClient(Docker-Client/24.0.2 \(linux\))" vars.name=someimage vars.uuid=8c879921-b2e4-43eb-982e-e41eb42e174c
I'm using NGINX Proxy Manager, so I'm not sure if it's actually registry-admin problem.
i push to docker registry successed , but i get "Repositories entry not found"(always) in registry admin
i follow the example : basic_auth
at the beginning every thing is ok
i can login registry-admin ,i can manager user , when i request docker registry the basic auth is worked also.
but ..... i always get "Repositories entry not found" with registry-admin , i tried to click 'sync' nothing changed.
why i get this , what i should to do , can you help me please
oh, by the way , i changed admin default password and i also changed base64 string which used in registry config file , i think it is ok.
i checked registry config , i found this
notifications: events: includereferences: true endpoints: - name: ra-listener disabled: false url: http://{registry_admin_host:port}/api/v1/registry/events
i think this is to set registry to notify registry admin repositery changed then i turned on registry-admin logout , then i'm not found any request to '/api/v1/registry/events' , is that wrong ?
Delete access when delete event handle
Should delete access for deleted repository when an delete event is occurring
Repositories list form display incorrect size of repository
Repositories list form should display summary size of each repository entries. For display list without tag used groupBy condition in SQL query, which select size only of a top entry.
Required fix this.
Error occured when sorting by resource type field in accesses
When user try sorting by resource type field in accesses server return error. Resource type reserved and predefined and should be hide from UI.
Create and publish docker image to Docker Hub
Create and publish docker image to Docker Hub
Prepare builder for cross-platform binary
Prepare CI builder for cross-platform binary when release push.
Delete access after user delete
When user delete from RegistryAdmin it also should be delete from access list
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.