Comments (10)
hashmap
commented on June 12, 2024
In fact Klar was built to work with a private registry. Klar mimics docker images behaviour, so Docker registry is used only for "short" names, you can specify the full name like docker-registry.domain.com/skynetservices/skydns:2.3 see some examples https://github.com/optiopay/klar/blob/master/docker/docker_test.go#L18
from klar.
berendt
commented on June 12, 2024
I tried to scan an image on a private password protected registry:
CLAIR_ADDR=clair DOCKER_USER=xxx DOCKER_PASSWORD=xxx klar registry.xzy/infrastructure/jenkins:1.2.3
This failed with the following error message on Clair:
2017-01-09 07:22:00.123609 W | detectors: could not download layer: got status code 401, expected 2XX
2017-01-09 07:22:00.123708 E | worker: layer sha256:75a822cd7888e394c49828b951061402d31745f596b1f502758570f2d0ee79e2: failed to extract data from https://registry.xzy/v2/infrastructure/jenkins/blobs/sha256:75a822cd7888e394c49828b951061402d31745f596b1f502758570f2d0ee79e2: could not find layer
A manual download of the failed layer with the username/password is working like expected.
from klar.
hashmap
commented on June 12, 2024
Thanks for the report, it seems that registry credentials were not passed to Clair, I'll check it.
from klar.
berendt
commented on June 12, 2024
@hashmap Any news here?
from klar.
supereagle
commented on June 12, 2024
Have checked the code, there is no error to pass the registry credentials. At the same time, have tested several times, not reproduce this error. @hashmap Any clues?
from klar.
hashmap
commented on June 12, 2024
@berendt I assume you have a password-protected web server in front of your private registry, am I right? In this case you need support of HTTP basic auth (for example) in addition to registry auth dance. It looks like valuable feature.
from klar.
berendt
commented on June 12, 2024
@hashmap I am using Nexus OSS as private Docker registry. I am not sure if it requires an additional HTTP authentication. I can directly login to the registry with the docker login command.
from klar.
supereagle
commented on June 12, 2024
Maybe this issue is the same as #12, has been fixed by PR #14
from klar.
supereagle
commented on June 12, 2024
@berendt You can have a try on the latest release v1.2.1. If this error still exists, please report to us. Thanks.
from klar.
hashmap
commented on June 12, 2024
@berendt I'm closing this issue, feel free to reopen it if problem still exists
from klar.
Related Issues (20)
- Allow for comments in whitelist file HOT 1
- bug: Basic Auth Header should be Case-Insensitive => Nexus 3 Registry does not work with klar HOT 1
- Do you consider add builded image to hub.docker.com? HOT 1
- Can't pull image: Token request returned 400
- Unable to install klar from the source code using the go get command.
- Change whitelist and blacklist terms HOT 6
- Can't pull fsLayers "authentication required" HOT 2
- go get fails HOT 10
- [Help Needed]How to fetch layer information from klar reponse.
- Repo seems abandoned, is it? HOT 2
- Is Klar getting a release to support clair 4.0.4?
- Klar not able to connect to clair server
- support oci images
- Klar giving empty json o/p intermittently
- Feature: Show all vulnerabilities regardless of CLAIR_OUTPUT value with only selected level and higher are count towards the CLAIR_THRESHOLD
- Klar can not be connectred with clair deployed on openshift
- Klar(2.4.0) does not white list specific images HOT 1
- Feature: Klar check whitelisted CVEs and notify on CVE changed Vector (Score)
- Feature: Klar should be able to scan OCI images
- [BUG] Klar always scans amd64 architecture image although DOCKER_PLATFORM_ARCH=arm64 for multi architecture images
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from klar.