Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Logout automatically after logging in #2634

Open
irus99 opened this issue Sep 6, 2024 · 7 comments
Open

[Bug]: Logout automatically after logging in #2634

irus99 opened this issue Sep 6, 2024 · 7 comments
Labels
awaiting-feedback bug Something isn't working no-issue-activity rm-external Roadmap item submitted by non-maintainers

Comments

@irus99
Copy link

irus99 commented Sep 6, 2024

zot version

v2.1.0

Describe the bug

I log into zot and it logs me out about 10 seconds later.

To reproduce

config.json
{
"distSpecVersion":"1.0.1",
"storage":{
"dedupe": true,
"gc": true,
"gcDelay": "1h",
"gcInterval": "6h",
"rootDirectory":"/data/zot/"
},
"http": {
"address":"x.x.x.x",
"port":"8080",
"realm":"zot",
"auth": {
"htpasswd": {
"path": "/etc/zot/htpasswd"
},
"failDelay": 5
}
},
"log":{
"level":"debug",
"output":"/var/log/zot/zot.log",
"audit":"/var/log/zot/zot-audit.log"
},
"extensions": {
"ui": {
"enable": true
},
"search": {
"enable": true,
"cve": {
"updateInterval": "24h"
}
},
"sync": {
"enable": false,
"registries": [
{
"urls": ["https://mirror.gcr.io/library"],
"onDemand": true,
"maxRetries": 3,
"retryDelay": "5m",
"pollInterval": "6h"
},
{
"urls": ["https://docker.io/library"],
"onDemand": true
}
]
},
"scrub": {
"interval": "24h"
}
}
}

Expected behavior

After I log in I expected to stay logged in not get logged out.

Screenshots

No response

Additional context

Not sure if this would cause it to log me out but this is the error i'm getting in zot.log

[root@localhost zot]# tail -n 50 zot.log
{"level":"error","error":"failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:\n\t* Get "https://ghcr.io/v2/\": dial tcp: lookup ghcr.io on 170.52.0.22:53: read udp 170.52.0.42:46495->170.52.0.22:53: i/o timeout\n\n","dbDir":"/data/zot/_trivy","dbRepository":"ghcr.io/aquasecurity/trivy-db:2","goroutine":56,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:588","time":"2024-09-06T14:50:35.304592968-04:00","message":"failed to download trivy-db to destination dir"}
{"level":"error","component":"scheduler","worker":4,"task":"{Name: DBUpdateTask}","error":"failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:\n\t* Get "https://ghcr.io/v2/\": dial tcp: lookup ghcr.io on 170.52.0.22:53: read udp 170.52.0.42:46495->170.52.0.22:53: i/o timeout\n\n","goroutine":56,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:144","time":"2024-09-06T14:50:35.304650847-04:00","message":"failed to execute task"}
{"level":"debug","component":"scheduler","worker":4,"task":"{Name: DBUpdateTask}","goroutine":56,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:155","time":"2024-09-06T14:50:35.30466526-04:00","message":"finished task"}
{"level":"debug","component":"scheduler","worker":5,"task":"{Name: DBUpdateTask}","goroutine":57,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:133","time":"2024-09-06T14:51:39.322760884-04:00","message":"starting task"}
{"level":"info","goroutine":57,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/update.go:101","time":"2024-09-06T14:51:39.322829059-04:00","message":"updating cve-db"}
{"level":"debug","dbDir":"/data/zot/_trivy","goroutine":57,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:578","time":"2024-09-06T14:51:39.322862521-04:00","message":"download Trivy DB to destination dir"}
{"level":"debug","dbDir":"/data/zot/_trivy","goroutine":57,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:582","time":"2024-09-06T14:51:39.322879704-04:00","message":"started downloading trivy-db to destination dir"}
{"level":"error","error":"failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:\n\t* Get "https://ghcr.io/v2/\": dial tcp: lookup ghcr.io on 170.52.0.22:53: read udp 170.52.0.42:60144->170.52.0.22:53: i/o timeout\n\n","dbDir":"/data/zot/_trivy","dbRepository":"ghcr.io/aquasecurity/trivy-db:2","goroutine":57,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:588","time":"2024-09-06T14:52:09.738897803-04:00","message":"failed to download trivy-db to destination dir"}
{"level":"error","component":"scheduler","worker":5,"task":"{Name: DBUpdateTask}","error":"failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:\n\t* Get "https://ghcr.io/v2/\": dial tcp: lookup ghcr.io on 170.52.0.22:53: read udp 170.52.0.42:60144->170.52.0.22:53: i/o timeout\n\n","goroutine":57,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:144","time":"2024-09-06T14:52:09.738943309-04:00","message":"failed to execute task"}
{"level":"debug","component":"scheduler","worker":5,"task":"{Name: DBUpdateTask}","goroutine":57,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:155","time":"2024-09-06T14:52:09.738959621-04:00","message":"finished task"}
{"level":"debug","component":"scheduler","worker":6,"task":"{Name: DBUpdateTask}","goroutine":58,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:133","time":"2024-09-06T14:54:17.772193744-04:00","message":"starting task"}
{"level":"info","goroutine":58,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/update.go:101","time":"2024-09-06T14:54:17.772286871-04:00","message":"updating cve-db"}
{"level":"debug","dbDir":"/data/zot/_trivy","goroutine":58,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:578","time":"2024-09-06T14:54:17.772314286-04:00","message":"download Trivy DB to destination dir"}
{"level":"debug","dbDir":"/data/zot/_trivy","goroutine":58,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:582","time":"2024-09-06T14:54:17.772330584-04:00","message":"started downloading trivy-db to destination dir"}
{"level":"error","error":"failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:\n\t* Get "https://ghcr.io/v2/\": dial tcp: lookup ghcr.io on 170.52.0.22:53: read udp 170.52.0.42:47472->170.52.0.22:53: i/o timeout\n\n","dbDir":"/data/zot/_trivy","dbRepository":"ghcr.io/aquasecurity/trivy-db:2","goroutine":58,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:588","time":"2024-09-06T14:54:48.185236994-04:00","message":"failed to download trivy-db to destination dir"}
{"level":"error","component":"scheduler","worker":6,"task":"{Name: DBUpdateTask}","error":"failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:\n\t* Get "https://ghcr.io/v2/\": dial tcp: lookup ghcr.io on 170.52.0.22:53: read udp 170.52.0.42:47472->170.52.0.22:53: i/o timeout\n\n","goroutine":58,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:144","time":"2024-09-06T14:54:48.185275748-04:00","message":"failed to execute task"}
{"level":"debug","component":"scheduler","worker":6,"task":"{Name: DBUpdateTask}","goroutine":58,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:155","time":"2024-09-06T14:54:48.185288089-04:00","message":"finished task"}
{"level":"debug","component":"scheduler","worker":7,"task":"{Name: DBUpdateTask}","goroutine":59,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:133","time":"2024-09-06T14:59:04.222314472-04:00","message":"starting task"}
{"level":"info","goroutine":59,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/update.go:101","time":"2024-09-06T14:59:04.222385742-04:00","message":"updating cve-db"}
{"level":"debug","dbDir":"/data/zot/_trivy","goroutine":59,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:578","time":"2024-09-06T14:59:04.222424489-04:00","message":"download Trivy DB to destination dir"}
{"level":"debug","dbDir":"/data/zot/_trivy","goroutine":59,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:582","time":"2024-09-06T14:59:04.222440902-04:00","message":"started downloading trivy-db to destination dir"}
{"level":"error","error":"failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:\n\t* Get "https://ghcr.io/v2/\": dial tcp: lookup ghcr.io on 170.52.0.22:53: read udp 170.52.0.42:35860->170.52.0.22:53: i/o timeout\n\n","dbDir":"/data/zot/_trivy","dbRepository":"ghcr.io/aquasecurity/trivy-db:2","goroutine":59,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:588","time":"2024-09-06T14:59:34.66034897-04:00","message":"failed to download trivy-db to destination dir"}
{"level":"error","component":"scheduler","worker":7,"task":"{Name: DBUpdateTask}","error":"failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:\n\t* Get "https://ghcr.io/v2/\": dial tcp: lookup ghcr.io on 170.52.0.22:53: read udp 170.52.0.42:35860->170.52.0.22:53: i/o timeout\n\n","goroutine":59,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:144","time":"2024-09-06T14:59:34.660390615-04:00","message":"failed to execute task"}
{"level":"debug","component":"scheduler","worker":7,"task":"{Name: DBUpdateTask}","goroutine":59,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:155","time":"2024-09-06T14:59:34.660418524-04:00","message":"finished task"}
{"level":"debug","component":"scheduler","generator":"CVEScanGenerator","goroutine":14,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:308","time":"2024-09-06T15:01:31.272482105-04:00","message":"waiting generator is ready, pushing to ready generators"}
{"level":"info","component":"cve","goroutine":14,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/scan.go:141","time":"2024-09-06T15:01:31.272561911-04:00","message":"finished scanning available images during scheduled cve scan"}
{"level":"debug","component":"scheduler","generator":"CVEScanGenerator","goroutine":14,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:478","time":"2024-09-06T15:01:31.272578975-04:00","message":"generator is done"}
{"level":"debug","component":"scheduler","worker":12,"task":"{Name: DBUpdateTask}","goroutine":64,"caller":"zotregistry.dev/zot/pkg/scheduler/scheduler.go:133","time":"2024-09-06T15:08:06.672727752-04:00","message":"starting task"}
{"level":"info","goroutine":64,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/update.go:101","time":"2024-09-06T15:08:06.672841807-04:00","message":"updating cve-db"}
{"level":"debug","dbDir":"/data/zot/_trivy","goroutine":64,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:578","time":"2024-09-06T15:08:06.672878187-04:00","message":"download Trivy DB to destination dir"}
{"level":"debug","dbDir":"/data/zot/_trivy","goroutine":64,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:582","time":"2024-09-06T15:08:06.672894766-04:00","message":"started downloading trivy-db to destination dir"}
{"level":"error","error":"failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:\n\t* Get "https://ghcr.io/v2/\": dial tcp: lookup ghcr.io on 170.52.0.22:53: read udp 170.52.0.42:50064->170.52.0.22:53: i/o timeout\n\n","dbDir":"/data/zot/_trivy","dbRepository":"ghcr.io/aquasecurity/trivy-db:2","goroutine":64,"caller":"zotregistry.dev/zot/pkg/extensions/search/cve/trivy/scanner.go:588","time":"2024-09-06T15:08:37.114724808-04:00","message":"failed to download trivy-db to destination dir"}
@irus99 irus99 added the bug Something isn't working label Sep 6, 2024
@rchincha rchincha added the rm-external Roadmap item submitted by non-maintainers label Sep 6, 2024
@rchincha
Copy link
Contributor

rchincha commented Sep 6, 2024

@irus99 do you mind doing "inspect" browser network activity and telling us what you see?
Also, any chance you are on some restricted network that is blocking the CVE db download?

@irus99
Copy link
Author

irus99 commented Sep 8, 2024

zot

Yes, this is being stood up in a server that does not have internet access. TIA

@rchincha
Copy link
Contributor

rchincha commented Sep 10, 2024
edited
Loading

@irus99 currently, having the ability to download the cve db and scan images is considered mandatory.
We will take a look at how to handle this air-gap requirement.

@Cdx1711311
Copy link

@irus99 I also encountered the same problem, and after configuring tls, the problem was solved.

@vanhtuan0409
Copy link
Contributor

vanhtuan0409 commented Oct 17, 2024
edited
Loading

this is because zot use cookie for saving user authentication info. The cookie is set to be secured. If zot is hosted without tls, web browser will not allow a secured cookie to be set.

There should be a configurable for in-secure cookie support

@rchincha could you take a look into this?

@andaaron
Copy link
Contributor

Maybe we should document this instead. Is there a use case for authentication without tls? @rchincha

@rchincha
Copy link
Contributor

If zot is hosted without tls, web browser will not allow a secured cookie to be set.

Except for testing or demo-ing zot, this is not really a valid use case. Do we really want to fix for such use cases??

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
awaiting-feedback bug Something isn't working no-issue-activity rm-external Roadmap item submitted by non-maintainers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@vanhtuan0409 @irus99 @andaaron @rchincha @Cdx1711311