-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
quay-v3.16.1
-
None
-
Quality / Stability / Reliability
-
False
-
-
False
-
-
Description:
According to https://github.com/quay/quay/pull/4796,
- Admin
scope for proxy cache orgs
should be blocked in this kind orgs.
But from UI, we can see the repo and tag can still editable
#podman push from cli is blocked with is correct #not exist podman push localhost:8080/proxycacheorg/repo1:busybox --tls-verify=false Getting image source signatures Copying blob sha256:b24b2272e25f702b65c501d8edfd10d2fd306defe50a83f726e4843fe2ada486 Copying blob sha256:c632c18da752b68a8b703d8d09b07216198275c8fdeba1058aae60cb111e4d6e Error: writing blob: initiating layer upload to /v2/proxycacheorg/repo1/blobs/uploads/ in localhost:8080: unauthorized: access to the requested resource is not authorized #exist % podman push localhost:8080/proxycacheorg/quay-qetest/oraclelinux --tls-verify=false Getting image source signatures Copying blob sha256:a68802128a1f62f94a310b4dc3a3a25aa0fecd10bed6eea19416626ddc1e5f79 Copying config sha256:f4a1f2c861ca52c254cdbddcd1a8c8626e3da036f092b0f485480dbb8aee1226 Writing manifest to image destination Error: writing manifest: uploading manifest latest to localhost:8080/proxycacheorg/quay-qetest/oraclelinux: unauthorized: access to the requested resource is not authorized
