mirror of https://github.com/helm/helm
When pushing, ORAS performs an Exists check before uploading. Without explicit scope hints, registries like quay.io issue a pull-only token for that check and cache it. The subsequent push then fails with 401 because the cached token lacks push permission. Fix by appending pull and push scopes to the context before calling oras.ExtendedCopy, so the first auth request acquires a token that covers the full push operation. Fixes #32144 Signed-off-by: Dale Orders <daleorders7@gmail.com>pull/32156/head
parent
609e1ca72c
commit
096d05062b
Loading…
Reference in new issue