Full implementation of Docker registry scope (JWT authentication)

Description

As I'm using GitLab to provide JWT authentication tokens to use as a bearer token when using the Docker registry API, I want to have a full implementation of the Docker registry scope so that it is possible to use all features of the Docker registry API without getting an insufficient_scope error.

Proposal

Expand the scope configuration currently available in GitLab. Check out the Docker docs for more information about the allowed scopes in the Docker registry: https://docs.docker.com/registry/spec/auth/scope/#resource-actions

Links / references

Relates to #26465 (closed) and !13248 (merged), which are only requesting the asterisk.

Overview

What is it?

Expansion of the current scope implementation.

Why should someone use this feature?

The Docker registry is only manageable using the API. To allow the usage of all enhanced features, you need a more complete implementation of the scope to prevent issues like an insufficient_scope error.

What is the underlying (business) problem?

At the moment, it isn't possible to manage the registry itself because of the missing scopes in GitLab (GitLab will return a 500 error when trying).

How do you use this feature?

API only

Use cases

Everyone who's using the GitLab JWT authentication in conjunction with the Docker registry and wants to use the more enhanced features of the Docker registry API.

Feature checklist