I've configured a secure authorization token service, but I found it that was needed to add a space in the service value.

working config:

auth:
  token:
    realm: {{AUTH_URL}}
    service: nmx registry
    issuer: nmx_registry
    rootcertbundle: /usr/registry/certs/registry-auth.crt

Note that the value nmx registry needed a space. The previous value nmx_registry produced this error on bow Update:

[ Fri, 18 Aug 2017 02:17:47 UTC ][ L1 ] Building parents tree for [ registry ]                                                            [0/1897]
[ Fri, 18 Aug 2017 02:17:47 UTC ][ L1 ] DB: GET BUCKET: open bucket for READ  [ registry->catalog ]
[ Fri, 18 Aug 2017 02:17:47 UTC ][ L1 ] DB: GET BUCKET: Done
[ Fri, 18 Aug 2017 02:17:47 UTC ][ L1 ] DB: CREATE BUCKET: open bucket for WRITE [ registry->_namesgraph ]
[ Fri, 18 Aug 2017 02:17:47 UTC ][ L1 ] DB: CREATE BUCKET: creating bucket [ _namesgraph ]
[ Fri, 18 Aug 2017 02:17:47 UTC ][ L1 ] MakeQuery: Code [401] : Bearer auth. Trying to get auth token.
panic: runtime error: slice bounds out of range

goroutine 18 [running]:
panic(0x800b60, 0xc82000a050)
        /usr/lib/go-1.6/src/runtime/panic.go:481 +0x3e6
qurl.getbearertoken(0xc820310080, 0x71, 0xc82000b660, 0x6, 0xc82000b638, 0x8, 0x1, 0x0, 0x0, 0xc820050900)
        /app/src/qurl/qurl.go:73 +0xa36
qurl.MakeQuery(0x8cb930, 0x15, 0x8823f8, 0x3, 0xc820013560, 0xc820013590, 0x7551c0, 0xc8203e80c0, 0xc8203e8060, 0x0)
        /app/src/qurl/qurl.go:118 +0xa17
checker.checkRepos(0xc82011a000)
        /app/src/checker/repository.go:17 +0x191
created by checker.DaemonManager
        /app/src/checker/checker.go:23 +0x395

qurl.go:73 is slicing a string on the Index of space that I didn't have. Knowing next to nothing about JWT, I can't be sure what an appropriate service value looks like.

My auth service works when a space is added, so I'm not blocked at all by this; just thought it was curious.

conf/conf.go:29: os.Mkdir(Env["dbpath"], 0600) should be os.Mkdir(Env["dbpath"], 0700)
When running as non-root user with permissions to create the directory, then bow fails to create the db file in the directory.

Recently, I had deleted all of the tags out of some given repository that I had set up for a test. The repository still shows up when calling /v2/_catalog. If you were to call /v2/REPONAME/tags/list, you'd get a 404 because there are no tags for this repo.

This 404 causes the checker daemon to stop working. It'll read the tags in each repo until it gets to the empty one. In my case, I removed the repository and the checker was able to continue, but the checker shouldn't choke on a 404 like that. It should be expected that some repos are empty.

запускаю скрипт ~/scripts/docker/Bowship/0run.sh

docker pull evedel/bow;
docker rm -vf Bowship;
docker run -d
--name=Bowship
-e BS_LOG_SILENT=yes
-v /home/root/db/bow:/var/lib/bow
-p 5001:19808
evedel/bow;

контейнер сразу крашится
docker logs --tail=100 Bowship выдаёт вот это

[ Tue, 04 Oct 2016 04:53:19 UTC ][ L2 ] Server listening at [:19808]
[ Tue, 04 Oct 2016 04:53:19 UTC ][ L2 ] DaemonManager: Sleep time is : 300 seconds
panic: interface conversion: interface is nil, not []interface {}

goroutine 7 [running]:
panic(0x8012a0, 0xc820048e00)
/usr/lib/go-1.6/src/runtime/panic.go:481 +0x3e6
checker.CheckTags()
/app/src/checker/checker.go:96 +0x667
created by checker.DaemonManager
/app/src/checker/checker.go:21 +0x1a4

подскажи куда копать?

Our registry has 500 or more images, and a couple of features seem to fall apart at that scale.

The left-side repo list appears to top out at 100 images. It'd be neat if there was a namespace level instead of one list of everything.

To illustrate, and hoping that formatting works, it'd go from:

registry     namespace/app1    {tags}
             namespace/app2

to:

registry     namespace    app1    {tags}
                          app2

Likewise with the Graph, it looks to print everything (well, 100) and in no particular order. It'd be great if the left-hand drill-down worked for the graphs view; limiting drawn hierarchies to those include the selected image or tag if one if chosen.

bow is looking good. Keep it up!

Hi,

alpine-latest image configured with my local registry (with 1 image pushed) looks like this:

I'm using Firefox Nightly, and Developer tools shows this:

My css-fu is weak, it can't grok 90% vs 4.05px result :)

Hey, first of all, thank you for writing this! The supply of bearer-auth supporting registry UIs is pretty lacking...

Okay, so I use the docker-auth project to handle token generation for me and the password for one of my users happens to have a "%" symbol in it. I found that I get an error when fetching things from this registry using the supplied password.

In this example my username/ password was testuser examplepassword!%#$#$%

Seems like usernames and passwords might just need to be URL encoded before sending the request. Alternatively, an even better solution would be to base64 encode the <username>:<password> and throw it into a header like so:

Authorization: Basic <base 64 encoded username password string>

[ Tue, 14 Feb 2017 22:05:40 UTC ][ L1 ] CheckManifests Daemon: started work
[ Tue, 14 Feb 2017 22:05:40 UTC ][ L3 ] parse https://testuser:examplepassword!%: invalid URL escape "%"
[ Tue, 14 Feb 2017 22:05:40 UTC ][ L3 ] CheckRepos Daemon: cannot recieve response from registry, stopping work

Hi,

I am getting a panic when the repository is first indexed:

panic: interface conversion: interface is nil, not []interface {}

goroutine 21 [running]:
panic(0x8041e0, 0xc820302100)
/usr/lib/go-1.6/src/runtime/panic.go:481 +0x3e6
checker.checkParents(0xc82011e150)
/app/src/checker/parents.go:37 +0x1a05
created by checker.DaemonManager
/app/src/checker/checker.go:26 +0x4d0
[ Fri, 03 Feb 2017 19:23:15 UTC ][ L2 ] DB: INIT: Start
[ Fri, 03 Feb 2017 19:23:15 UTC ][ L2 ] DB: INIT: DB Upgrade: Version: 2
[ Fri, 03 Feb 2017 19:23:15 UTC ][ L2 ] DB: INIT: DB Upgrade: Actual version
[ Fri, 03 Feb 2017 19:23:15 UTC ][ L2 ] DB: INIT: Done
[ Fri, 03 Feb 2017 19:23:15 UTC ][ L2 ] Server listening at [:19808]
[ Fri, 03 Feb 2017 19:23:15 UTC ][ L2 ] DaemonManager: Sleep time is : 300 seconds
panic: interface conversion: interface is nil, not []interface {}

goroutine 21 [running]:
panic(0x8041e0, 0xc820281f80)
/usr/lib/go-1.6/src/runtime/panic.go:481 +0x3e6
checker.checkParents(0xc82011e150)
/app/src/checker/parents.go:37 +0x1a05
created by checker.DaemonManager
/app/src/checker/checker.go:26 +0x4d0

I tried restarting the docker registry and ran a registry garbage-collect.

Thank you for the great work (the bearer token is really a great feature) !

I'm getting this error in my Bow container logs:
[ Wed, 06 Feb 2019 12:04:40 UTC ][ L2 ] DaemonManager: Started all checkers manually [ Wed, 06 Feb 2019 12:04:41 UTC ][ L3 ] MakeQuery: Code [401] : Unauthorized response is returned (credentials problem, check user/pass pair) [ Wed, 06 Feb 2019 12:04:41 UTC ][ L3 ] CheckRepos Daemon: cannot recieve response from registry, stopping work

Config: