Skip to content

docker/image_dest: ask for pull action in token scope #258

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mtrmac merged 1 commit into from
Mar 28, 2017
Merged

docker/image_dest: ask for pull action in token scope #258

mtrmac merged 1 commit into from
Mar 28, 2017

Conversation

@lucab
Copy link
Member

@lucab lucab commented Mar 28, 2017

After PR #202, PutBlob() now goes through an initial HasBlob()
which may require authentication in order to perform the check;
in such case a push-only scoped token will fail with:

service="registry.docker.io",scope="repository:<name>:pull",error="insufficient_scope"

This fixes the above case by changing the scope of the token
requested for uploads, allowing pull+push.

Signed-off-by: Luca Bruno [email protected]

@lucab
docker/image_dest: ask for pull action in token scope
0062a02 
After PR containers#202, PutBlob() now goes through an initial HasBlob()
which may require authentication in order to perform the check;
in such case a push-only scoped token will fail with:
```
service="registry.docker.io",scope="repository:<name>:pull",error="insufficient_scope"
```

This fixes the above case by changing the scope of the token
requested for uploads, allowing pull+push.

Signed-off-by: Luca Bruno <[email protected]>
@lucab
Copy link
Member Author

lucab commented Mar 28, 2017

/cc @mtrmac as #202 author

@lucab lucab force-pushed the ups/docker-dest-scope-pull-action branch from 77a3551 to 0062a02 Compare March 28, 2017 14:59
@runcom
Copy link
Member

runcom commented Mar 28, 2017
edited
Loading

LGTM

Approved with PullApprove

@mtrmac
Copy link
Collaborator

mtrmac commented Mar 28, 2017
edited by runcom
Loading

👍

Thanks!

(Note to self: docker/docker/distribution.v2Pusher.Push is also using both push and pull, so this is, if anything, likely to be more compatible than the previous code.)

Approved with PullApprove

@mtrmac mtrmac merged commit 72d9323 into containers:master Mar 28, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lucab @runcom @mtrmac