Enabling anonymous pull, disables push to Docker repository

Hi all,

(I think) I am having trouble to configure authorization for docker repository image pull and push on Nexus.

I setup a private Docker Repository on Nexus (OSS 3.21.2-03). Enabled anonymous pull on the repository settings, activated docker bearer token realm, enabled the anonymous user, setup a docker-read role (docker--read, browse) for the anonymous user, and setup a docker-deploy role (docker--browse, read, edit, add) for an authorized user.

After this configuration, my expected behavior from Nexus Docker Repository was that, I can pull images anonymously(without requiring me to docker login) from the repository, but for pushing I must login.

This configuration enabled me to to anonymously pull images without any problems, but when I try to push (successfully running docker login beforehand) I get the following error:

unauthorized: access to the requested resource is not authorized

When I disabled the anonymous pull from repository settings, I can push and pull with my authorized user, but not anonymously.

Is there anything I am missing in my configuration?

Im having the exact same issue with 3.25.1 and anonymous docker pull is just not working :frowning:

I’ve the same issue too, but i find that, when I enable anonymous access to repository, then push and pull requests use http, but not https.

I’ve added X-Forwarded-Proto=https header to ingress and the issue has been resolved.