distribution/distribution

proxy: Misleading warning for missing HTTP secret

ialidzhikov opened this issue · 1 comments

Description

We run the registry in proxy mode (see https://distribution.github.io/distribution/recipes/mirror/).

On startup, we see the following warning log:

time="2024-03-15T15:39:38.255401096Z" level=warning msg="No HTTP secret provided - generated random secret. This may cause problems with uploads if multiple registries are behind a load-balancer. To provide a shared secret, fill in http.secret in the configuration file or set the REGISTRY_HTTP_SECRET environment variable." go.version=go1.21.5 instance.id=08abe529-a532-48ba-93eb-b9999d29b107 service=registry version=3.0.0-alpha.1

When I look deeper, I see that the corresponding field

Secret string `yaml:"secret,omitempty"`

is only used in blobupload.go:

state, err := hmacKey(ctx.Config.HTTP.Secret).unpackUploadState(r.FormValue("_state"))

and

token, err := hmacKey(buh.Config.HTTP.Secret).packUploadState(buh.State)

I think in proxy mode the blobUploadHandler is not used - you cannot upload content to a registry in proxy mode.

If the maintainers confirm that this is the case indeed, I suggest NOT executing

app.configureSecret(config)

if we are in proxy mode.
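Why the warning ties the secret to uploads behind a load balancer, as an added Go sketch that is not the distribution project's code: upload state is HMAC-tagged with the HTTP secret, so a token issued by one replica fails verification on a replica holding a different secret. The names `uploadState`, `packState`, `unpackState` and `tag`, the token layout, and the secret strings are assumptions made for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
)

// uploadState: constructed stand-in for the state echoed back in "_state".
type uploadState struct {
	Name, UUID string
	Offset     int64
}

func tag(secret string, payload []byte) []byte {
	mac := hmac.New(sha256.New, []byte(secret))
	mac.Write(payload)
	return mac.Sum(nil)
}

// packState returns base64(HMAC-SHA256(secret, json) || json).
func packState(secret string, s uploadState) string {
	payload, _ := json.Marshal(s) // cannot fail for this struct
	return base64.URLEncoding.EncodeToString(append(tag(secret, payload), payload...))
}

// unpackState rejects any token whose tag was not made with this secret.
func unpackState(secret, token string) (s uploadState, err error) {
	raw, err := base64.URLEncoding.DecodeString(token)
	if err != nil || len(raw) < sha256.Size {
		return s, fmt.Errorf("malformed upload state")
	}
	if !hmac.Equal(raw[:sha256.Size], tag(secret, raw[sha256.Size:])) {
		return s, fmt.Errorf("upload state not signed with this secret")
	}
	err = json.Unmarshal(raw[sha256.Size:], &s)
	return s, err
}

func main() {
	// Constructed secrets standing in for the random one each replica generates.
	a, b := "replica-a-random", "replica-b-random"
	tok := packState(a, uploadState{Name: "library/demo", UUID: "constructed", Offset: 1024})
	_, errA := unpackState(a, tok)
	_, errB := unpackState(b, tok)
	fmt.Println("issuing replica:", errA, "| other replica:", errB)
}
```

The secret is only consulted when a state token is packed or unpacked, so a deployment that never serves the upload path never exercises it.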