Allow anonymous access to Container Images

[ghost]

Current deployment requires an authorized token in order to download container images from gitHub.

From https://docs.github.com/en/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility If you have admin permissions to a container image, you can set the access permissions for the container image to private or public. Public images allow anonymous access and can be pulled without authentication or signing in via the CLI.

I am not very familiar with GitHub Container Registry, but from an end-user perspective, there are a few disadvantages with requiring authentication:

• GitHub account needed
• Token needed, extra admin and tokens can expire. IT-complexity increasing
• Risk organizations create tokens with too broad access, meaning exposure other containers as well

If we would productify Matcha-Kontraktet in our environment with auto-update, then we most probably would want to create a specific GitHub user for this. This means an entry in AD.

Hope you understand my reasons for requesting anonymous access.

[osirisguitar]

When the project was created, the repos were private. Now they (as planned) have been made public. I see no reason not to allow anonymous access to the images.

[osirisguitar]

In fact - aren't they already public since the repo was made public? @Vincent-Nikkelen-mkb

[anderslarsson]

I can access the images without being logged in. Does that mean we could remove the docker login from the deployment.sh?

[osirisguitar]

Yes, we could and should.

[ghost]

Hi, I tried to remove the login from deployment.sh before and it didn't work. A little search resulted in many rants on the internet that there is a bug in GitHub that disallows this. Seems to be the case since 2019.

Note, I tried this a couple of days before. Can try again if you want me to and provide the more specific error.

[osirisguitar]

We're working on a parallel approach with Docker Hub.