If you have configured your Sonatype Nexus Registry with the Lacework Proxy Scanner, upon running the Proxy Scanner container it may fail with the following error:
[DEBUG]: 2022-03-31 14:18:44 - Using v2_registry authentication.
[ERROR]: 2022-03-31 14:18:44 - Authentication method is not supported for env :lacework-proxy-scanner, intg: http://ec2-3-15-153-56.us-east-2.compute.amazonaws.com:8081, repo: all
[ERROR]: 2022-03-31 14:18:44 - Error while getting access token: Authentication method is not supported.
[FATAL]: 2022-03-31 14:18:44 - Invalid credentials found for registry(ec2-3-15-153-56.us-east-2.compute.amazonaws.com:8081). Please correct credentials. Can not validate credential for registry
This issue can be caused by an incorrectly configured port for the registry in the Proxy Scanner config.yml file. You may have configured the registry using the registry's main port e.g. 8081.
Repositories in the Sonatype Nexus Registry are configured as 'connectors' with a specified port which is used to directly connect on.
When integrating the Nexus registry with the Proxy Scanner, you need to integrate each repository as a separate domain using the configured port.
It is not possible to configure the Nexus Registry at a global level and automatically detect each repository. As the repositories are only assessable on a specific port, Lacework supports Docker V2 API compatible registries with the v2/_catalog endpoint.
We can configure multiple repositories using their associated ports as follows:
- domain: ec2-3-15-153-56.us-east-2.compute.amazonaws.com:5000
- domain: ec2-3-15-153-56.us-east-2.compute.amazonaws.com:5001