-
Bug
-
Resolution: Fixed
-
Major
-
None
-
Jenkins: 2.263.4 (LTS)
Image Tag Parameter: 1.9
Reading tags from our local docker registry does not work. On the build page there is the error message "HTTP status: Unauthorized" despite providing suitable credentials.
Relevant log:
März 10, 2021 1:40:09 NACHM. WARNUNG io.jenkins.plugins.luxair.ImageTag getAuthService No AuthService available from https://registry:5000/v2/ März 10, 2021 1:40:09 NACHM. INFORMATION io.jenkins.plugins.luxair.ImageTag getAuthToken Basic authentication März 10, 2021 1:40:09 NACHM. SCHWERWIEGEND io.jenkins.plugins.luxair.ErrorInterceptor onFail null März 10, 2021 1:40:09 NACHM. WARNUNG io.jenkins.plugins.luxair.ImageTag getAuthToken Token not received März 10, 2021 1:40:09 NACHM. WARNUNG io.jenkins.plugins.luxair.ImageTag getImageTagsFromRegistry HTTP status: Unauthorized
On the registry server there is a corresponding log message:
[10/Mar/2021:12:40:09 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "unirest-java/3.1.00" time="2021-03-10T12:40:09.103392767Z" level=warning msg="error authorizing context: authorization token required" go.version=go1.11.2 http.request.host="registry:5000" http.request.id=69f6942d-62b0-4658-bd91-e008b43b8e6c http.request.method=GET http.request.remoteaddr="REMOTE_IP:38834" http.request.uri="/v2/MY_IMAGE/tags/list" http.request.useragent="unirest-java/3.1.00" vars.name="MY_IMAGE"
I used curl to see whats going on:
$ curl https://registry:5000/v2/
{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":null}]}
Using "-v" I can see that the www-authenticate header points correctly to our auth-service (which is running on the same server, but on different port)
www-authenticate: Bearer realm="https://registry:5001/auth",service="Docker registry"
Running
curl --user USERNAME:PASSWORD https://registry:5001/auth
correctly returns an access_token.