Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-20634

Docker allows overwriting same image with no delete/overwrite permissions

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Normal
    • Resolution: Unresolved
    • Affects Version/s: 6.11.3
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Sprint:
      R&D Investigation

      Description

      Currently, if you deploy an image with a user, then try to push the image again (to overwrite it) with no delete/overwrite permissions, the docker client returns a successful message. If you try to overwrite the image/tag with a different image, then there will be an error.

      Steps to reproduce:

      1. Set permissions for user to Read, Annotate, Deploy
      2. Tag (docker tag busybox mill.jfrog.info:12019/docker-local/busybox) and push docker image to Artifactory for the first time with a version tag (say v0.3) – Works fine
      3. Set permissions for user to Read, Annotate, Deploy, Delete/Overwrite
      4. Push the same image/version again – Works as well (as expected)
      5. Revoke the Delete/Overwrite permissions
      6. Push the same image/version again – Still able to push the image! This is not expected.
      7. Try to tag a different image (docker tag hello-world mill.jfrog.info:12019/docker-local/busybox) and push. See the docker client has an error this time

      The docker client should provide an error when trying to overwrite an image if delete/overwrite permissions is not granted

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              mattheww Matthew Wang
            • Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: