Docker registry with native basic auth not working #106
Description
Hi guys
I have been trying to get docker registry with native basic authentication working with the new image tag (2.7.1) without success.
Doc -> https://docs.docker.com/registry/deploying/#native-basic-auth
Specifically when I execute this command:
$ docker run --entrypoint htpasswd registry:2 -Bbn testuser testpassword > auth/htpasswd
This is the error I get:
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"htpasswd\": executable file not found in $PATH": unknown. ERRO[0001] error waiting for container: context canceled
Investigating a little further, seems that the "htpasswd" was removed in the image tag 2.7.1.
$ docker run -it --rm registry:2.7.1 find / -name "htpasswd"
Although, looking in the previous version (tag 2.6.2) the file is there:
$ docker run -it --rm registry:2.6.2 find / -name "htpasswd" /usr/bin/htpasswd
And the initial command works was expected was well:
$ docker run --entrypoint htpasswd registry:2.6.2 -Bbn testuser testpassword testuser:$2y$05$KiRgtd4w8zO7ucC7LX8zguW58DBlm8E0yZ5gI64NXypIVtsosNvMu
Activity
avelytchko commentedon Jun 22, 2020
As I can see it has been removed from container in this commit due to CVE-2020-1927 and CVE-2020-1934.
edsantiago commentedon Jun 22, 2020
This is a regression, and is inconsistent with published documentation. It breaks CI processes which rely on the
--entrypoint htpasswd
behavior (still) documented indocs.docker.com
. If that is to be deprecated, it would be courteous to (1) indicate so in the documentation, and (2) offer a grace period. Please consider both.chanseokoh commentedon Jun 22, 2020
We are affected. We'd like to see a resolution (whatever it is) and correct docs. Also a migration path if
htpasswd
is going to be permanent removed.anonymouse64 commentedon Jun 22, 2020
If the decision is to not support htpasswd in the container, then there needs to be a docs change on the website: https://docs.docker.com/registry/deploying/#native-basic-auth
dejo1307 commentedon Jun 28, 2020
This broke lot of everyone's automation, and it is a problem fixing it without at least docs being updated since no one is 100% sure what is going to be fix.
Use registry:2.7.0 instead of registry:2
Update git submodules
Use registry:2.7.0 instead of registry:2
Use registry:2.7.0 instead of registry:2
buildah test helper: run registry:2.6, not :2
5 remaining items