Full implementation of Docker registry scope (JWT authentication)
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Description
As I'm using GitLab to provide JWT authentication tokens to use as bearer token when using the docker registry API, I want to have a full implementation of the Docker registry scope so that it is possible to use all features of the Docker registry API without getting an insufficient_scope error.
Proposal
Expand the scope configuration currently available in Gitlab. Check out the Docker docs for more information about the allowed scopes in the Docker registry: https://docs.docker.com/registry/spec/auth/scope/#resource-actions
Links / references
Relates to gitlab-ce#26465 and gitlab-ce!13248, which are only requesting the asterisk.
Overview
What is it?
Expansion of the current scope implementation.
Why should someone use this feature?
The Docker registry is only manageable using the API. To allow the usage of all enhances features, you need a more complete implementation of the scope to prevent issues like an insufficient_scope error.
What is the underlying (business) problem?
At the moment, it isn't possible to manage the registry itself because of the missing scopes in GitLab (GitLab will returns a 500 error when trying).
How do you use this feature?
API only
Use cases
Everyone who's using the GitLab JWT authentication in conjunction with Docker registry and wanting to use the more enhanced feature of the Docker registry API.
Feature checklist
-
Feature assurance -
Documentation -
Added to features.yml
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.