Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue with public ECR since 0.2.21 #167

Open
gdlx opened this issue Oct 22, 2024 · 3 comments
Open

Issue with public ECR since 0.2.21 #167

gdlx opened this issue Oct 22, 2024 · 3 comments

Comments

@gdlx
Copy link

gdlx commented Oct 22, 2024

Since upgrading to 0.2.21+, I get the following error when trying to get some tags from a public ECR repo:

from oras.client import OrasClient
client = OrasClient('public.ecr.aws')
client.get_tags('/aws-controllers-k8s/acm-chart')

Your Authorization Token is invalid.
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "[...]/.venv/lib/python3.12/site-packages/oras/decorator.py", line 36, in __call__
    return self.func(cls, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "[...]/.venv/lib/python3.12/site-packages/oras/provider.py", line 356, in get_tags
    self._do_paginated_request(tags_url, callable=extract_tags)
  File "[...]/.venv/lib/python3.12/site-packages/oras/provider.py", line 382, in _do_paginated_request
    self._check_200_response(response)
  File "[...]/.venv/lib/python3.12/site-packages/oras/provider.py", line 651, in _check_200_response
    raise ValueError(f"Issue with {response.request.url}: {response.reason}")
ValueError: Issue with https://public.ecr.aws/v2/aws-controllers-k8s/acm-chart/tags/list: Bad Request

When downgrading to 0.2.2:

from oras.client import OrasClient
client = OrasClient('public.ecr.aws')
client.get_tags('/aws-controllers-k8s/acm-chart')

['0.0.13', '0.0.19', '0.0.20', 'v0.0.6', '0.0.4', '0.0.5', '0.0.11', '0.0.7', 'v0.0.4', '0.0.17', '0.0.16', 'v0.0.3', '0.0.6', 'v0.0.5', 'v0.0.1', '0.0.10', 'v0.0.2', '0.0.2', '0.0.8', '0.0.18', '0.0.3', '0.0.1', '0.0.15', '0.0.12', '0.0.9', '0.0.14']

I think it's caused by 81c4b04.

Using the debugger, I've seen the sent authorization header has the value Bearer None, which isn't accepted by ECR.

With 0.2.2, no authorization header is sent, which is what's expected for an anonymous request.
@tarilabs
Copy link
Contributor

Hi, am I correct to assume there is no entry in ~/.docker/config.json for public.ecr.aws on the environment where this is found?

@gdlx
Copy link
Author

gdlx commented Oct 22, 2024
edited
Loading

There is not and there is no reason to get authenticated on this public repo.

cat ~/.docker/config.json
{
        "auths": {},
        "currentContext": "buildx"
}

@tarilabs
Copy link
Contributor

thanks, this way I have more element to ensure proper reproduction

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gdlx @tarilabs