Nvcrfix #238
Nvcrfix #238
Conversation
imagegw/shifter_imagegw/dockerv2.py
Outdated
| if creds and self.username is not None and self.password is not None: | ||
| if self.username=='$oauthtoken': | ||
| self.private = True | ||
| headers['Authoriation'] = 'Bearer %s' % (self.password) |
There was a problem hiding this comment.
authoriation is probably a typo
There was a problem hiding this comment.
the password is just sent plaintext? not even the base64 encoded to assure special characters don't derail the whole thing?
There was a problem hiding this comment.
yeah it is just a bearer token of some sort. Good catch on the misspelling. I'm confused as to how this worked now. Let me test this again.
There was a problem hiding this comment.
It winds up the typo was part of why it worked. I need to figure out what is going on here.
|
@scanon any news on this PR? Pulling from nvcr doesn't work for us currently. |
|
@uvNikita Sorry. This fell of my radar. Let me push on it again. |
uvNikita
left a comment
uvNikita
left a comment
There was a problem hiding this comment.
I've added changes suggestion that I think fixed the issue for us. If I recall it correctly, the problem was that the scope parameter was not parsed properly.
| auth_data = {} | ||
| auth_data = {'service':'', 'scope':'pull'} | ||
| for item in filter(None, re.split(r'(\w+=".*?"),', auth_data_str)): | ||
| (key, val) = item.split('=', 2) |
There was a problem hiding this comment.
| (key, val) = item.split('=', 2) | |
| (key, val) = item.split('=', 1) |
| auth_data = {'service':'', 'scope':'pull'} | ||
| for item in filter(None, re.split(r'(\w+=".*?"),', auth_data_str)): | ||
| (key, val) = item.split('=', 2) | ||
| auth_data[key] = val.replace('"', '') |
There was a problem hiding this comment.
| auth_data[key] = val.replace('"', '') | |
| auth_data[key] = val.replace('"', '') | |
| if '?scope=' in auth_data['realm']: | |
| auth_data['realm'], auth_data['scope'] = auth_data['realm'].split('?scope=', 1) |
4 participants
Pulls from Nvidia's registry didn't work for a few reasons. This addresses those issues. One thing I had to do was remove the check for application/json because the Nvidia registry sets it to text.