carvel-dev/imgpkg

imgpkg Registry API does not honor secret provided via keychain

rashedkvm opened this issue · 0 comments

What steps did you take:

I have upgraded imgpkg to the latest version (v0.35.0) in my application. After the upgrade unit test for pulling images from an authenticated registry is failing with HTTP status 401.

What happened:

HTTP GET request by imgpkg is missing Authorization from the request header when registry auth data is provided via keychain.

What did you expect:

I expect imgpkg registry API to use the user-provided keychain for authentication.

Anything else you would like to add:

I believe the bug is in this line of code where imgpkg is using its default keychain for authentication.

resolvedAuth, err := r.keychain.Resolve(ref.Context())

Environment:

  • imgpkg version (use imgpkg --version): v0.35.0
  • Docker registry used (e.g. Docker HUB): Harbor, GCR, Docker Hub
  • OS (e.g. from /etc/os-release):

Vote on this request

This is an invitation to the community to vote on issues, to help us prioritize our backlog. Use the "smiley face" up to the right of this comment to vote.

👍 "I would like to see this addressed as soon as possible"
👎 "There are other more important things to focus on right now"

We are also happy to receive and review Pull Requests if you want to help working on this issue.