Milos Gajdos
Milos Gajdos
There is some silly reflection stuff in `configuration` package to enable the ENV var shortcuts via cli...we should try fixing it
@DHmc133 can you please 1. Describe what you are trying to achieve and the motivations behind the PR 2. Always sign your commit Looks like there is a conflict that...
@DHmc133 your PR is broken and fails to build. As I said, you also need to sign your commit.
I feel like your trusted keys are not being loaded properly or you're not loading them at all: https://github.com/distribution/distribution/blob/d9815da9cba94fd9ca2e52c4781f0373e57323a8/registry/auth/token/accesscontroller.go#L282-L287 You need to provide a path to your [JWKS](https://datatracker.ietf.org/doc/html/rfc7517#section-5) and pass...
> if the key is not present in the registry config it results in a panic - "panic: unable to configure authorization (token): token auth requires at least one token...
Can you please format your message properly? It's impossible to parse useful info from it, I'm afraid. Also, it's hard to investigate in general if I can't see the JWT...
Thanks, that's useful. Off the top of my head, I can see that your JWT contains the [_optional_ `kid` value.](https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4) > The "kid" (key ID) Header Parameter is a hint...
Yeah we're missing `jwks` section in the docs: https://github.com/distribution/distribution/blob/c49220d492233615f22c1eea91e3121a681751eb/registry/auth/token/accesscontroller.go#L184 Basically, it lets you specify the path to the keys you can use for verifying the JWT tokens -- in the...
I would strongly encourage you to use the `v3` release that contains a LOT of changes and fixes the now "in-maintainance" `v2.x` release does.
I just wanted to point out that _if_ there is some bug in `v2.x` it will not be fixed at this point and thus likely not even investigated I'm afraid,...