Ramkumar Chinchani
Ramkumar Chinchani
We should really be using #936 for this.
Not a bug! `search` is the only extension exposed via HTTP and without that exposing discover API is not useful.
ideally, this URI should only accept `localhost` connections
Can `docker` cli push to OCI compliant registries by talking OCI dist-spec on the wire directly? As a workaround, can do it in two steps. 1. Use docker/buildx to output...
An update on this, more formalized as as OCI dist-spec extension: https://github.com/project-zot/zot/blob/main/pkg/extensions/search/search.md discoverable via: https://github.com/opencontainers/distribution-spec/tree/main/extensions https://github.com/opencontainers/distribution-spec/blob/main/extensions/_oci.md
Thanks, works nicely with registry features like so: https://zotregistry.io/latest/admin-guide/admin-configuration/?h=lint#linting-uploaded-images
@seniorquico `zot` also supports social logins. We had a little trouble with coordinating all these paths wrt basic/bearer authN. Will follow this up with a more complete answer.
@alexstan12 can you answer this pls?
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/WWW-Authenticate @seniorquico Currently, we return only one "auth-scheme". In theory, multiple WWW-Authenticate (w auth-scheme) should be possible, however, not sure if clients will break if we did that. @peusebiu maybe...
https://github.com/opencontainers/wg-auth/issues/12 ^ we have filed an issue with OCI, let's wait and see what they say.