What is content of X-Registry-Auth for Docker push to private registry

Question

What should the content of the X-Registry-Auth header be when pushing a Docker image to a private registry using the REST API? Per Using Docker API to push to private registry, an X-Registry-Auth header is required. https://groups.google.com/forum/#!topic/docker-user/vXcA8fsCNZM suggests that the value should be a base64 encoded JSON string of the form:

{'username': string, 'password': string, 'email': string, 'serveraddress' : string}

After setting suitable environment variables, I did:

XRA=`echo "{\"username\": \"${USERNAME}\", \"password\": \"${PASSWORD}\", \"email\": \"${EMAIL_ADDRESS}\", \"serveraddress\" : \"${SERVER_ADDRESS}\"}" | base64 --wrap=0`
curl  -v --request POST --header "X-Registry-Auth: $XRA" http://$DOCKER_HOST/v1/images/$REGISTRY/$NAMESPACE/$REPOSITORY?tag=$TAG

And get a 403 Forbidden response.

Perhaps the problem is just that I don't know what the values should be. How can I determine them? Docker seems to have a way; sudo docker push $REGISTRY/$NAMESPACE/$REPOSITORY:$TAG works just fine.

Answer 1

I had a private nexus docker repo (Docker Api v2), and for me, that was the solution:

 XRA=`echo "{ \"username\": \"yourname\", \"password\": \"yourpass\", \"email\": \"[email protected]\" }" | base64 --wrap=0`
 curl  -X POST  -d "" -H "X-Registry-Auth: $XRA" http://localhost:4243/images/create?fromImage=private.host:19003/imagename&tag=latest

Answer 2

The following worked for me in node.js (after hours of frustrating trials...):

var authInfo2 = `{\"username\": \"${user}\", \"password\": \"${passwd}\", \"email\": \"${email}\", \"serveraddress\": \"${registry}\"}`

var authInfo = Buffer.from(authInfo2).toString('base64')

var result = await fetch(url, {
    method: 'POST',
    headers: {
        'Content-Type': 'application/json',
        'X-Registry-Auth' : authInfo }
})