secrets.htpassword - htpasswd: invalid entry at line 1: "./htpasswd"
cmoulliard opened this issue · 3 comments
cmoulliard commented
Issue
When I create a htpasswd and next pass it to the helm chart
htpasswd -Bbc htpasswd cmoulliard dabou
cat <<EOF > registry-values.yaml
service:
type: NodePort
nodePort: 31000
secrets:
htpasswd: ./htpasswd
persistence:
size: 10Gi
EOF
kc create ns default
helm install registry twuni/docker-registry -n default --values registry-values.yaml
the log of the pod reports this error when it is called docker login 95.217.159.244:31000 -u cmoulliard -p dabou
time="2021-03-05T17:58:57.643883309Z" level=warning msg="error authorizing context: basic authentication challenge for realm "Registry Realm": invalid authorization credential" go.version=go1.11.2 http.request.host="95.217.159.244:31000" http.request.id=b36c3cb6-0b4d-4426-8464-ed3490c90a60 http.request.method=GET http.request.remoteaddr="10.244.0.1:50599" http.request.uri="/v2/" http.request.useragent="docker/20.10.5 go/go1.13.15 git-commit/363e9a8 kernel/3.10.0-1160.15.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.5 \(linux\))"
10.244.0.1 - - [05/Mar/2021:17:58:57 +0000] "GET /v2/ HTTP/1.1" 400 0 "" "docker/20.10.5 go/go1.13.15 git-commit/363e9a8 kernel/3.10.0-1160.15.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.5 \\(linux\\))"
time="2021-03-05T17:58:57.648234035Z" level=error msg="error checking authorization: htpasswd: invalid entry at line 1: "./htpasswd"" go.version=go1.11.2 http.request.host="95.217.159.244:31000" http.request.id=2446f99d-f6b1-4953-8213-363f96465735 http.request.method=GET http.request.remoteaddr="10.244.0.1:51685" http.request.uri="/v2/" http.request.useragent="docker/20.10.5 go/go1.13.15 git-commit/363e9a8 kernel/3.10.0-1160.15.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.5 \(linux\))"
canterberry commented
Ah, I see what is happening.
The value of \`secrets.htpasswd\` should be the \*\*contents\*\* of the htpasswd file (vs a path to a file on the host).
\-------- Original Message --------
On Mar 5, 2021, 10:05, Charles Moulliard < ***@***.***> wrote:
## Issue ##
When I create a htpasswd and next pass it to the helm chart
```
htpasswd -Bbc htpasswd cmoulliard dabou
cat <<EOF > registry-values.yaml
service:
type: NodePort
nodePort: 31000
secrets:
htpasswd: ./htpasswd
persistence:
size: 10Gi
EOF
kc create ns default
helm install registry twuni/docker-registry -n default --values registry-values.yaml
```
the log of the pod reports this error when it is called `docker login 95.217.159.244:31000 -u cmoulliard -p dabou`
```
time="2021-03-05T17:58:57.643883309Z" level=warning msg="error authorizing context: basic authentication challenge for realm "Registry Realm": invalid authorization credential" go.version=go1.11.2 http.request.host="95.217.159.244:31000" http.request.id=b36c3cb6-0b4d-4426-8464-ed3490c90a60 http.request.method=GET http.request.remoteaddr="10.244.0.1:50599" http.request.uri="/v2/" http.request.useragent="docker/20.10.5 go/go1.13.15 git-commit/363e9a8 kernel/3.10.0-1160.15.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.5 \(linux\))"
10.244.0.1 - - [05/Mar/2021:17:58:57 +0000] "GET /v2/ HTTP/1.1" 400 0 "" "docker/20.10.5 go/go1.13.15 git-commit/363e9a8 kernel/3.10.0-1160.15.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.5 \\(linux\\))"
time="2021-03-05T17:58:57.648234035Z" level=error msg="error checking authorization: htpasswd: invalid entry at line 1: "./htpasswd"" go.version=go1.11.2 http.request.host="95.217.159.244:31000" http.request.id=2446f99d-f6b1-4953-8213-363f96465735 http.request.method=GET http.request.remoteaddr="10.244.0.1:51685" http.request.uri="/v2/" http.request.useragent="docker/20.10.5 go/go1.13.15 git-commit/363e9a8 kernel/3.10.0-1160.15.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.5 \(linux\))"
```
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, [view it on GitHub][], or [unsubscribe][].![AA65WIX7UY3NJRZ3JO4KCB3TCEMONA5CNFSM4YVUZOZ2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4MISUVGQ.gif][]
[view it on GitHub]: #13
[unsubscribe]: https://github.com/notifications/unsubscribe-auth/AA65WIX3CJCNMMABNUOEIE3TCEMONANCNFSM4YVUZOZQ
[AA65WIX7UY3NJRZ3JO4KCB3TCEMONA5CNFSM4YVUZOZ2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4MISUVGQ.gif]: https://github.com/notifications/beacon/AA65WIX7UY3NJRZ3JO4KCB3TCEMONA5CNFSM4YVUZOZ2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4MISUVGQ.gif
canterberry commented
@cmoulliard To elaborate on the above:
If you change your script as follows, it should address your issue:
cat <<EOF > registry-values.yaml
service:
type: NodePort
nodePort: 31000
secrets:
htpasswd: |
$(htpasswd -nbB cmoulliard dabou | xargs)
persistence:
size: 10Gi
EOF
kc create ns default
helm install registry twuni/docker-registry -n default --values registry-values.yaml
This repo's README is ambiguous on what secrets.htpasswd does and what kind of value it expects. It might be better for that to be documented as:
secrets.htpasswd- The contents of an htpasswd file to use for authenticating requests to the registry.
cmoulliard commented
This repo's README is ambiguous on what
secrets.htpasswddoes and what kind of value it expects. It might be better for that to be documented as:
Can you then improve the documentation = README please ?