containerd
`nerdctl login` should warn about passing along an explicit scheme
Description
While pull and push do not allow explicit schemes (as image identifiers do not), both docker and nerdctl login DO allow it, albeit ignoring them entirely.
Our suggestion is to:
- warn the user that this syntax is only supported as a convenience and that the scheme is ignored (which docker should do too)
This will impact #3046 - which I believe still matters as there should be a way to talk TLS even with localhost.
Steps to reproduce the issue
dmp@lima-dock:/Users/dmp/Projects/go/nerdctl$ sudo nerdctl login http://192.168.5.15
Describe the results you received and expected
ERRO[0000] failed to call tryLoginWithRegHost error="failed to call rh.Client.Do: Get \"https://192.168.5.15/v2/\": dial tcp 192.168.5.15:443: connect: connection refused" i=0
What version of nerdctl are you using?
1.7.6
Are you using a variant of nerdctl? (e.g., Rancher Desktop)
None
Host information
No response
Hi @apostasie,
the scheme is not ignored during nerdctl login, there is a fallback from https to http in specific justified situations where we can add a warning message to notify the user
@fahedouch any user specified scheme in the url is just ignored entirely.
Try for example: nerdctl login http://index.docker.io
The fact that we fallback from https to http (typically through --insecure-registry) is orthogonal.
@fahedouch any user specified scheme in the url is just ignored entirely.
Try for example:
nerdctl login http://index.docker.ioThe fact that we fallback from https to http (typically through --insecure-registry) is orthogonal.
It looks like a bug. It is not the intended behavior. Let me check this.