zot: [Bug]: requested access to the resource is denied

zot version

v2.0.0-rc5

Describe the bug

requested access to the resource is denied with not default docker repo example I have docker repo https://docker.io/test when I trying to pull from localhost:5000/test/hybrid-adm:hybrid it give error in pulling images.

To reproduce

  1. Configuration "sync": { "credentialsFile": "/secret/dockercfg.json", "enable": true, "registries": [ { "urls": [ "https://docker.io/test" ], "content": [ { "destination": "/test", "prefix": "**" } ], "onDemand": true, "tlsVerify": true } ] }
  2. Client tool used
  3. Seen error {"level":"error","error":"reading manifest hybrid in docker.io/library/hybrid-adm: requested access to the resource is denied","repo":"hybrid-adm","reference":"hybrid","goroutine":77,"caller":"zotregistry.io/zot/pkg/extensions/sync/service.go:361","time":"2023-07-02T17:35:15.044407894Z","message":"couldn't get upstream image manifest details"} {"level":"error","error":"reading manifest hybrid in docker.io/library/hybrid-adm: requested access to the resource is denied","repository":"test/hybrid-adm","reference":"hybrid","goroutine":75,"caller":"zotregistry.io/zot/pkg/api/routes.go:1727","time":"2023-07-02T17:35:15.044625869Z","message":"error encounter while syncing image"}

Expected behavior

No response

Screenshots

No response

Additional context

No response

About this issue

  • Original URL
  • State: closed
  • Created a year ago
  • Comments: 15 (5 by maintainers)

Most upvoted comments

@andaaron Thanks Working!

+2
BorisKofman on Jul 4, 2023

@peusebiu Thanks for your help so found the issue with your providen configuration I still get same error. After trying to debug the issue found that when adding test to rewrite-target in ingress fix the issue example: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: test-oci-ingress-v2 namespace: test labels: k8slens-edit-resource-version: v1 annotations: nginx.ingress.kubernetes.io/rewrite-target: /v2/test/$2 spec: ingressClassName: nginxv2 rules: - host: test http: paths: - path: /v2(/|$)(.*) pathType: ImplementationSpecific backend: service: name: oci-middleware port: number: 5000 probably ZOT not receiving the /test from docker pull @peusebiu Thanks for help

+1
BorisKofman on Jul 3, 2023
Read more comments on GitHub
← serum-dex: Error: 410 Gone: {"jsonrpc":"2.0","error":{"code": 410, "message":"The RPC call or parameters have been disabled."}
zot: crane cp fails →