docker_auth icon indicating copy to clipboard operation
docker_auth copied to clipboard

Published 20 hours ago verified publisher icon cesanta

docker-registry has changed its JWT implementation, no longer supports libtrust key IDs

Open zfLQ2qx2 opened this issue 4 months ago • 1 comments

It looks like docker-registry made a breaking change on Oct 19th, 2023:

https://github.com/distribution/distribution/pull/4096

As a result the kid field of the JWT token is no longer valid - the code to process the the values produced by docker-libtrust has been removed from docker-registry completely. It is not clear if the kid format just needs to be updated or if there are additional fields needed.

It looks like the last docker-registry commit that will work with the current docker-auth is 1d410148efe6d1b7fd56457507a9dd465b105ec4

zfLQ2qx2 avatar Mar 12 '24 04:03 zfLQ2qx2

Note that the breaking change is in v3 but not in v2 of registry. see https://github.com/distribution/distribution/releases

mikecook avatar Mar 12 '24 17:03 mikecook