Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-7523

Quay 3.12 list referrers V2 API should return 400 bad request when the digest with an invalid syntax

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Minor Minor
    • quay-v3.12.1
    • quay-v3.12.0
    • quay
    • False
    • None
    • False

      Description:

      This is an issue found in Quay 3.12 new feature List Referrers of manifest, as the OCI Spec mentioned when providing digest with an invalid syntax, Quay V2 API should return 400 bad request, the current results is 404 response code is returned, pls review this issue.

      OCI Spec: https://github.com/opencontainers/distribution-spec/blob/main/spec.md#listing-referrers

      To fetch the list of referrers, perform a GET request to a path in the following format: /v2/<name>/referrers/<digest> end-12a.

      <name> is the namespace of the repository, and <digest> is the digest of the manifest specified in the subject field.

      Assuming a repository is found, this request MUST return a 200 OK response code. If the registry supports the referrers API, the registry MUST NOT return a 404 Not Found to a referrers API requests. If the request is invalid, such as a <digest> with an invalid syntax, a 400 Bad Request MUST be returned.

      Quay: quay-operator-bundle-container-v3.12.0-41

      Quay 3.12 list referrers V2 API  didn't return 400 bad request when the digest with an invalid syntax

      curl --location 'https://quayregistry-quay-quay-enterprise-2791.apps.quaytest-2791.qe.devcluster.openshift.com/v2/quay/listocireferrs/referrers/sha356:ffffffffffffff' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im93Z2kxbXBOdVctem5Ia08tdFdrdmliOU9TNlJ3ZHdTRE1IeUVWNWI3UXMiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJxdWF5IiwiYXVkIjoicXVheXJlZ2lzdHJ5LXF1YXktcXVheS1lbnRlcnByaXNlLTI3OTEuYXBwcy5xdWF5dGVzdC0yNzkxLnFlLmRldmNsdXN0ZXIub3BlbnNoaWZ0LmNvbSIsIm5iZiI6MTcyMTM3MzQyMiwiaWF0IjoxNzIxMzczNDIyLCJleHAiOjE3MjEzNzcwMjIsInN1YiI6InF1YXkiLCJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6InF1YXkvbGlzdG9jaXJlZmVycnMiLCJhY3Rpb25zIjpbInB1c2giLCJwdWxsIl19XSwiY29udGV4dCI6eyJ2ZXJzaW9uIjoyLCJlbnRpdHlfa2luZCI6InVzZXIiLCJlbnRpdHlfcmVmZXJlbmNlIjoiM2YzNGQ3ZjAtMWE1NS00ZWFmLWJjOWUtMjI0ZDdhMGM4NTIwIiwia2luZCI6InVzZXIiLCJ1c2VyIjoicXVheSIsImNvbS5hcG9zdGlsbGUucm9vdHMiOnsicXVheS9saXN0b2NpcmVmZXJycyI6IiRkaXNhYmxlZCJ9LCJjb20uYXBvc3RpbGxlLnJvb3QiOiIkZGlzYWJsZWQifX0.0kBapD7GGY7OuIXUR2DmiFs2MGykr6glPwkV3TdnBfxsEk1Pa8fiB85xkGw2jz7uIRyMWxe4UjfrM-FauH76Ub1BiaZIyPs9GN9em5dZ7fO0Tjqat3sRI9CB59vj65mM8JJxRTaiBXbXt9nnZW1iSoyvCeTeTdqMffIBG2icT0uwnnchuVrQo2piKtHtQ9Sp57_sZyMf6hMZ48nv4vhF392eoJyMtCV2Mu5z8g5-OPw3Ajzn3rjaAOSqdjHK576cMhNhlUUffRbAlCqevp_93BZi58-zdDS0_Vq7ydQitBIDdbl8n35Qkcb5RBSuCqsbaGVIL7Okj_c-K9qZc85Qcw' \
--header 'Cookie: 6ed0fc73fc583d730f6154e5c15a025d=eff6664348ca739abbd79edce9045b1d' -k -v | jq

0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0< HTTP/1.1 404 NOT FOUND
< server: nginx/1.22.1
< date: Fri, 19 Jul 2024 08:10:32 GMT
< content-type: application/json
< content-length: 82
< 
{ [82 bytes data]
100    82  100    82    0     0    100      0 --:--:-- --:--:-- --:--:--   100
* Connection #0 to host quayregistry-quay-quay-enterprise-2791.apps.quaytest-2791.qe.devcluster.openshift.com left intact
{
  "errors": [
    {
      "code": "MANIFEST_UNKNOWN",
      "detail": {},
      "message": "manifest unknown"
    }
  ]
}

        1. image-2024-07-19-16-11-38-818.png
          328 kB
          luffy zhang
        2. image-2024-08-15-16-05-14-498.png
          253 kB
          luffy zhang

              sleesinc Kenny Lee Sin Cheong
              lzha1981 luffy zhang
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: