-
Notifications
You must be signed in to change notification settings - Fork 173
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Zarf 0.28.0/0.28.1 unauthenticated OCI registry error #1881
Labels
Comments
5 tasks
5 tasks
Racer159
pushed a commit
that referenced
this issue
Jul 10, 2023
## Description Fixes what I broke. This does re-architect some portions of OrasRemote and locks it down more. Everything in `*remote.Registry` is no longer exposed to outside usage and users of this remote client are restricted to the public receiver methods written in `pkg/oci`. The context is now private as it really should not be edited outside of private receivers within OrasRemote. During the writing of this PR I found out that ORAs already handles scopes at the request level and there is zero need to handle scopes yourself. I have not checked if I never had to do this, or if ORAs updated. ## Related Issue Fixes #1881 Fixes #1795 Fixes #1821 ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow) followed --------- Signed-off-by: razzle <harry@razzle.cloud>
cmwylie19
pushed a commit
that referenced
this issue
Jul 10, 2023
## Description Fixes what I broke. This does re-architect some portions of OrasRemote and locks it down more. Everything in `*remote.Registry` is no longer exposed to outside usage and users of this remote client are restricted to the public receiver methods written in `pkg/oci`. The context is now private as it really should not be edited outside of private receivers within OrasRemote. During the writing of this PR I found out that ORAs already handles scopes at the request level and there is zero need to handle scopes yourself. I have not checked if I never had to do this, or if ORAs updated. ## Related Issue Fixes #1881 Fixes #1795 Fixes #1821 ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow) followed --------- Signed-off-by: razzle <harry@razzle.cloud>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Environment
Device and OS: macOS
App version: 0.28.0, 0.28.1
Kubernetes distro being used: N/A, k3d
Steps to reproduce
Zarf 0.28.0/1 appear to be unable to pull/deploy from an OCI registry unless authenticated.
I am running into the exact same issue described in #1677 - I won't duplicate all the description but this is my way of reproducing:
Expected result
Zarf should be able to pull unauthenticated, as oras is able to.
Actual Result
Zarf fails to pull unless authenticated.
The text was updated successfully, but these errors were encountered: