Description

While pull and push do not allow explicit schemes (as image identifiers do not), both docker and nerdctl login DO allow it, albeit ignoring them entirely.

Our suggestion is to:

• warn the user that this syntax is only supported as a convenience and that the scheme is ignored (which docker should do too)

This will impact #3046 - which I believe still matters as there should be a way to talk TLS even with localhost.

Steps to reproduce the issue

dmp@lima-dock:/Users/dmp/Projects/go/nerdctl$ sudo nerdctl login http://192.168.5.15

Describe the results you received and expected

ERRO[0000] failed to call tryLoginWithRegHost            error="failed to call rh.Client.Do: Get \"https://192.168.5.15/v2/\": dial tcp 192.168.5.15:443: connect: connection refused" i=0

What version of nerdctl are you using?

1.7.6

Are you using a variant of nerdctl? (e.g., Rancher Desktop)

None

Host information

No response

Hi @apostasie,
the scheme is not ignored during nerdctl login, there is a fallback from https to http in specific justified situations where we can add a warning message to notify the user

@fahedouch any user specified scheme in the url is just ignored entirely.

Try for example: nerdctl login http://index.docker.io

The fact that we fallback from https to http (typically through --insecure-registry) is orthogonal.

@fahedouch any user specified scheme in the url is just ignored entirely.

Try for example: nerdctl login http://index.docker.io

The fact that we fallback from https to http (typically through --insecure-registry) is orthogonal.

It looks like a bug. It is not the intended behavior. Let me check this.