Bug #37925
open
podman login via smart proxy fails on GMT+x timezones
Description
Login to the container registry via smart proxy container gateway always fails when the timezone is in a GMT+x timezone (East of GMT, for Example Europe/Berlin which is currently at GMT+2)
So it it is not possible to pull images from via smart proxy with "Unauthenticated Pull: No"
I think i found the underlying issue. It is a sequel framework timestamp issue.
The token is added to the DB and immediately removed again.
I’m in timezone CEST (currently GMT+2)
if it is 11:00:00 local time, the token is added to the DB as
09:05:00, then the query
database.connection[:authentication_tokens].where { expire_at < Sequel::CURRENT_TIMESTAMP }.delete
will immediately delete the token
The postgres datetime field is created as a “timestamp without timezone”
Changing the field type to “timestamp with timezone” fixes the issue, but seems this is not wanted by the sequel developers, see also
https://github.com/jeremyevans/sequel/issues/874
So not sure what the best way is to fix this
Another possible solution is setting
Sequel.database_timezone = :local
https://sequel.jeremyevans.net/rdoc/classes/Sequel/Timezones.html
The postgresql timezone defaults to to the OS timezone
See also community discussion:
https://community.theforeman.org/t/podman-login-to-smart-proxy-fails/39818/7
Updated by 
Updated by 
Updated by