oci not working with Artifactory Repositories

[conting]

Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

So currently we are trying to get Artifactory Repositories to work with Fleet and the oci annotation. Our fleet.yaml looks like this:

defaultNamespace: test
helm:
  releaseName: test-deploy
  chart: "oci://artifactory.testdomain.com/repo-local/test-chart"
  repo: ""
  version: "0.0.0"

And we are getting the following error:
level=info msg="Error logging in to endpoint, trying next endpoint" error="Get "https://artifactory.testdomain.com/v2/\": Forbidden"

So instead of logging in into artifactory.testdomain.com/repo-local/v2/ it uses artifactory.testdomain.com/v2/. In Artifactory you can have multiple of those Repositories and set user explicitly to those repos. The credentials for this Repo are set in the GitRepo CR.

Expected Behavior

We expect fleet to try the next endpoint when it tries to login.

Steps To Reproduce

Create a Artifactory Docker Repository.
Set this Repository with oci:// in fleet.yaml

Environment

- Architecture:
- Fleet Version: fleet:102.0.0+up0.6.0
- Cluster:
  - Provider:
  - Options:
  - Kubernetes Version:  v1.24.10

Logs

No response

Anything else?

No response

[conting]

We dug deeper into and found out that the error message was misleading. It was actually a proxy error on our airgapped environment. We had to add testdomain.com to the no_proxy variable und upgrade rancher. after that the repository was available. See: https://ranchermanager.docs.rancher.com/v2.7/reference-guides/single-node-rancher-in-docker/http-proxy-configuration