search

home-assistant / supervisor

:house_with_garden: Home Assistant Supervisor
https://home-assistant.io/hassio/
Apache License 2.0
1.74k stars 637 forks source link

Unable to save private container registries settings including port number #5119

Closed pikatenor closed 2 months ago

pikatenor commented 4 months ago

Describe the issue you are experiencing

I am using a self-hosted private docker registry with authority that includes the port number and the image tag is like this: registry.example.com:5000/image-name

However, when I register the credentials for this registry to Supervisor, the API returns success, but the result is not actually saved.

~ # curl -v -XPOST \
-H "Authorization: Bearer $SUPERVISOR_TOKEN" \
-H 'Content-type: application/json' \
-d '{"registry.example.com:5000": {"username": "me", "password": "supersecret"}}' \
http://172.30.32.2/docker/registries

Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 172.30.32.2:80...
* Connected to 172.30.32.2 (172.30.32.2) port 80
> POST /docker/registries HTTP/1.1
> Host: 172.30.32.2
> User-Agent: curl/8.7.1
> Accept: */*
> Authorization: Bearer XXX
> Content-type: application/json
> Content-Length: 76
> 
* upload completely sent off: 76 bytes
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Content-Length: 25
< Date: Tue, 04 Jun 2024 15:59:50 GMT
< Server: Python/3.12 aiohttp/3.9.5
< 
* Connection #0 to host 172.30.32.2 left intact
{"result":"ok","data":{}}

~ # curl -v -XGET -H "Authorization: Bearer $SUPERVISOR_TOKEN" http://172.30.32.2/docker/registries

Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying 172.30.32.2:80...
* Connected to 172.30.32.2 (172.30.32.2) port 80
> GET /docker/registries HTTP/1.1
> Host: 172.30.32.2
> User-Agent: curl/8.7.1
> Accept: */*
> Authorization: Bearer XXX
> 
* Request completely sent off
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Content-Length: 40
< Date: Tue, 04 Jun 2024 15:59:57 GMT
< Server: Python/3.12 aiohttp/3.9.5
< 
* Connection #0 to host 172.30.32.2 left intact
{"result":"ok","data":{"registries":{}}}

Also, if I edit docker.json directly, Supervisor cannot read it.

~ # docker exec -it hassio_supervisor /bin/bash -c 'cat /data/docker.json'
{
  "registries": {
    "registry.example.com:5000": {
      "username": "me",
      "password": "supersecret"
    }
  }

~ # curl -v -XGET -H "Authorization: Bearer $SUPERVISOR_TOKEN" http://172.30.32.2/docker/registries
Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying 172.30.32.2:80...
* Connected to 172.30.32.2 (172.30.32.2) port 80
> GET /docker/registries HTTP/1.1
> Host: 172.30.32.2
> User-Agent: curl/8.7.1
> Accept: */*
> Authorization: Bearer XXX
> 
* Request completely sent off
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Content-Length: 40
< Date: Tue, 04 Jun 2024 16:06:07 GMT
< Server: Python/3.12 aiohttp/3.9.5
< 
* Connection #0 to host 172.30.32.2 left intact
{"result":"ok","data":{"registries":{}}}

What type of installation are you running?

Home Assistant OS

Which operating system are you running on?

Home Assistant Operating System

Steps to reproduce the issue

Using REST API:

  1. Call POST /docker/registries with this json: {"registry.example.com:5000": {"username": "me", "password": "supersecret"}}

Using dashboard (Websocket API):

  1. (Advanced mode enabled)
  2. Go to add-on store
  3. Press 3-dot menu -> "Registry"
  4. "Add new registry" with
    • Registry: registry.example.com:5000
    • Username: whatever
    • Password: whatever
screenshot 2024-06-05 1 19 08

Anything in the Supervisor logs that might be useful for us?

When I try to save the configuration or edit docker.json and restart Supervisor, I get the following logs:

2024-06-05 00:53:23.423 CRITICAL (MainThread) [supervisor.utils.common] Can't parse data: does not match regular expression ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ @ data['registries']['registry.example.com:5000']. Got {'username': 'me', 'password': 'supersecret'}
2024-06-05 00:53:23.428 WARNING (MainThread) [supervisor.utils.common] Resetting /data/docker.json to last version

System Health information

System Information

version core-2024.5.5
installation_type Home Assistant OS
dev false
hassio true
docker true
user root
virtualenv false
python_version 3.12.2
os_name Linux
os_version 6.6.28-haos-raspi
arch aarch64
timezone Asia/Tokyo
config_dir /config
Home Assistant Cloud logged_in | false -- | -- can_reach_cert_server | ok can_reach_cloud_auth | ok can_reach_cloud | ok
Home Assistant Supervisor host_os | Home Assistant OS 12.3 -- | -- update_channel | stable supervisor_version | supervisor-2024.05.1 agent_version | 1.6.0 docker_version | 25.0.5 disk_total | 116.8 GB disk_used | 4.0 GB healthy | true supported | true board | rpi4-64 supervisor_api | ok version_api | ok installed_addons | Advanced SSH & Web Terminal (18.0.0), NGINX Home Assistant SSL proxy (3.9.0)
Dashboards dashboards | 2 -- | -- resources | 0 views | 0 mode | storage
Recorder oldest_recorder_run | June 2, 2024 at 4:36 AM -- | -- current_recorder_run | June 4, 2024 at 1:23 PM estimated_db_size | 0.63 MiB database_engine | sqlite database_version | 3.44.2

Supervisor diagnostics

No response

Additional information

I think the value violates this validation rule, and it prevents reloading the config after saving.

https://github.com/home-assistant/supervisor/blob/c4452a85b4cabaabdeb35f548cd4cf3b7c850f66/supervisor/validate.py#L50

https://github.com/home-assistant/supervisor/blob/c4452a85b4cabaabdeb35f548cd4cf3b7c850f66/supervisor/validate.py#L169-L180

I have not been able to identify how the registry location is specified in the OCI specification, but at least the Docker implementation allows the image name with port numbers.

https://docs.docker.com/reference/cli/docker/image/tag/#description

PORT_NUMBER: If a hostname is present, it may optionally be followed by a registry port number in the format :8080.

github-actions[bot] commented 3 months ago

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates. Please make sure to update to the latest version and check if that solves the issue. Let us know if that works for you by adding a comment 👍 This issue has now been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.