SUSE / Portus

Authorization service and frontend for Docker registry (v2)
http://port.us.org/
Apache License 2.0

docker-compose registry setup breaks when a proxy is defined #2312

Closed mattdowdell closed 3 years ago

mattdowdell commented 4 years ago

Description

I'm setting up portus for my team within our company network. To get out of said network, we need an HTTP proxy. Because most docker builds require a proxy for installing external assets, e.g. installing RPMs from official repos, I use ~/.docker/config.json to define a proxy and proxy exclusions. This was picked up by portus when trying to configure the initial registry, causing confusing errors such as "Error: registry does not implement v2 of the API" while clearly using a v2 registry image.

Steps to reproduce

  1. Be in a network that uses an HTTP proxy
  2. Use portus in a docker-compose setup
  3. Ensure that HTTP requests to the registry container will go via the proxy (can be on a per container basis or using ~/.docker/config.json)
  4. Attempt to configure your registry without much success

I often find myself dealing with the proxy doing unexpected things, so I'm semi-used to it being a point of pain. That said, it would be nice to have some kind of toggle to use the configured proxy or not for contacting the registry. Jenkins starts off with no proxy (maybe that's a systemd thing) and allows you to configure one if needed if you'd like to follow that model. If there's no need for using a proxy in Portus ever, then I'm happy to be told to unconfigure my proxy and be on my way.

Relevant error message comes from here: https://github.com/SUSE/Portus/blob/c00c7c39d155018a47beded115b98601b20843ff/app/models/registry.rb#L132

Not much in the way of logs to help debug this further - you just have to intuit that a proxy is your problem.

Deployment information

Deployment method: docker-compose:

version: '3'
services:
  nginx:
    image: nginx:1.17-alpine
    restart: always
    ports:
      - 0.0.0.0:443:443
    volumes:
      - ./volumes/nginx/nginx.conf:/etc/nginx/nginx.conf
      - ./volumes/certs:/certs:ro

  registry:
    image: registry:2.7
    expose:
      - 5000
    volumes:
      - registry:/var/lib/registry/
      - ./volumes/certs:/certs:ro
      - ./volumes/registry/config.yml:/etc/docker/registry/config.yml:ro
    restart: always

  portus:
    image: opensuse/portus:2.4.3
    expose:
      - 3000
    volumes:
      - ./volumes/portus/config-local.yml:/config/config-local.yaml
      - ./volumes/certs:/certs:ro
    restart: always
    environment:
      - CCONFIG_PREFIX=PORTUS
      - PORTUS_MACHINE_FQDN_VALUE=example.com
      - PORTUS_CHECK_SSL_USAGE_ENABLED=false

      # secrets
      - PORTUS_SECRET_KEY_BASE=secret
      - PORTUS_KEY_PATH=/certs/auth.internal.key
      - PORTUS_PASSWORD=secret

      # database config
      - PORTUS_DB_HOST=db
      - PORTUS_DB_DATABASE=portus
      - PORTUS_DB_PASSWORD=secret
      - PORTUS_DB_POOL=5

      # make rails serve assets rather than using webpack
      - RAILS_SERVE_STATIC_FILES=true

      # ldap config
      - PORTUS_LDAP_ENABLED=true
      - PORTUS_LDAP_HOSTNAME=ldap.example.com
      - PORTUS_LDAP_PORT=636
      - PORTUS_LDAP_UID=uid
      - PORTUS_LDAP_BASE=o=example.com
      - PORTUS_LDAP_GROUP_BASE=ou=Groups
      - PORTUS_LDAP_ENCRYPTION_METHOD=simple_tls
      - PORTUS_LDAP_ENCRYPTION_OPTIONS_CA_FILE=/certs/ca.crt
      - PORTUS_LDAP_ENCRYPTION_OPTIONS_SSL_VERSION=TLSv1_2
      - PORTUS_LDAP_GUESS_EMAIL_ENABLED=true
      - PORTUS_LDAP_GUESS_EMAIL_ATTR=mail

      # allow anonymous browsing
      - PORTUS_ANONYMOUS_BROWSING_ENABLED=true

  db:
    image: mariadb:10.5.4
    expose:
      - 3306
    volumes:
      - database:/var/lib/mysql
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=secret
      - MYSQL_DATABASE=portus

volumes:
  database:
  registry:

Configuration:

email:
  from: portus@example.com
  name: Portus
  reply_to: ''
  smtp:
    enabled: false
    address: smtp.example.com
    port: 587
    domain: example.com
    ssl_tls: ''
    enable_starttls_auto: false
    openssl_verify_mode: none
    ca_path: ''
    ca_file: ''
    user_name: ''
    password: "****"
    authentication: login
gravatar:
  enabled: true
delete:
  enabled: true
  contributors: false
  garbage_collector:
    enabled: false
    older_than: 30
    tag: ''
ldap:
  enabled: true
  hostname: <redacted>
  port: 636
  timeout: 5
  encryption:
    method: simple_tls
    options:
      ca_file: "/certs/ca.crt"
      ssl_version: TLSv1_2
  base: o=hp.com
  filter: ''
  uid: uid
  authentication:
    enabled: false
    bind_dn: ''
    password: "****"
  guess_email:
    enabled: true
    attr: mail
oauth:
  local_login:
    enabled: true
  google_oauth2:
    enabled: false
    id: ''
    secret: ''
    domain: ''
    options:
      hd: ''
  open_id:
    enabled: false
    identifier: ''
    domain: ''
  github:
    enabled: false
    client_id: ''
    client_secret: ''
    organization: ''
    team: ''
    domain: ''
  gitlab:
    enabled: false
    application_id: ''
    secret: ''
    group: ''
    domain: ''
    server: ''
  bitbucket:
    enabled: false
    key: ''
    secret: ''
    domain: ''
    options:
      team: ''
first_user_admin:
  enabled: true
signup:
  enabled: true
check_ssl_usage:
  enabled: false
registry:
  jwt_expiration_time:
    value: 15
  catalog_page:
    value: 100
  timeout:
    value: 2
  read_timeout:
    value: 120
machine_fqdn:
  value: <redacted>
display_name:
  enabled: false
user_permission:
  change_visibility:
    enabled: true
  create_team:
    enabled: true
  manage_team:
    enabled: true
  create_namespace:
    enabled: true
  manage_namespace:
    enabled: true
  create_webhook:
    enabled: true
  manage_webhook:
    enabled: true
  push_images:
    policy: allow-teams
security:
  clair:
    server: ''
    health_port: 6061
    timeout: 900
  zypper:
    server: ''
  dummy:
    server: ''
anonymous_browsing:
  enabled: true
background:
  registry:
    enabled: true
  sync:
    enabled: true
    strategy: initial
pagination:
  limit: 10
  per_page: 10
  before_after: 2

Portus version: 2.4.3@5a616c0ef860567df5700708256f42505cdb9952
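
A pre-flight check for the failure described above, as an added example that is not part of the original issue or of Portus: given the proxy variables a container receives, it reports which internal URLs a client following the usual `http_proxy`/`no_proxy` convention would send through the proxy. The helper names, sample environment and URLs are constructed, and the matcher is a simplified hostname/suffix version of `no_proxy` handling (no CIDR or IPv6).

```ruby
require 'uri'

# Added example; helper names are hypothetical, not Portus code.
# Simplified no_proxy matching: exact host or domain suffix, optional :port.
# CIDR ranges and IPv6 literals are not handled.
def no_proxy_match?(host, port, no_proxy)
  return false if no_proxy.nil?
  host = host.downcase
  no_proxy.split(/[,\s]+/).reject(&:empty?).any? do |entry|
    next true if entry == '*'
    pat_host, pat_port = entry.split(':', 2)
    next false if pat_port && pat_port.to_i != port
    suffix = pat_host.sub(/\A\./, '').downcase
    host == suffix || host.end_with?(".#{suffix}")
  end
end

# Proxy URL that a client following the <scheme>_proxy / no_proxy convention
# would use for `url` under `env`, or nil when the request goes direct.
def proxy_for(url, env)
  uri = URI.parse(url)
  key = "#{uri.scheme}_proxy"
  proxy = env[key] || env[key.upcase]
  return nil if proxy.nil? || proxy.empty?
  return nil if no_proxy_match?(uri.host, uri.port, env['no_proxy'] || env['NO_PROXY'])
  proxy
end

# Map each internal URL to the proxy it would be routed through.
def proxied_targets(urls, env)
  urls.each_with_object({}) do |url, hits|
    proxy = proxy_for(url, env)
    hits[url] = proxy if proxy
  end
end

# Constructed sample: the proxy variables as a container might receive them.
SAMPLE_ENV = {
  'http_proxy' => 'http://proxy.corp.example:8080',
  'https_proxy' => 'http://proxy.corp.example:8080',
  'no_proxy' => 'localhost,.corp.example'
}.freeze
# Constructed targets: compose service name, and a host in the excluded domain.
SAMPLE_URLS = ['http://registry:5000/v2/', 'https://hub.corp.example/v2/'].freeze

proxied_targets(SAMPLE_URLS, SAMPLE_ENV).each do |url, proxy|
  puts "#{url} would be sent via #{proxy}"
end
```

With the sample values only the bare service name `registry` is flagged; adding it to the exclusion list makes `proxied_targets` return an empty hash.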

mattdowdell commented 4 years ago

Apparently a known issue according to #1683

stale[bot] commented 3 years ago

Thanks for all your contributions! This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.