Emphasis the importance of auth registry

The container registry requires the `auth` config to be set up properly or users will be able to download images that they are not authorized to do so. For example https://gitlab.com/gitlab-org/gitlab-runner/issues/3652

Emphasis the importance of auth registry
The container registry requires the `auth` config to be set up properly or users will be able to download images that they are not authorized to do so. For example https://gitlab.com/gitlab-org/gitlab-runner/issues/3652
e64b0116 · Steve Azzopardi · d19a6f68 · e64b0116
Commit e64b0116 authored Nov 06, 2018 by Steve Azzopardi
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

doc/administration/container_registry.md doc/administration/container_registry.md +4 -1

No files found.
--- a/doc/administration/container_registry.md
+++ b/doc/administration/container_registry.md
@@ -71,7 +71,7 @@ A Registry init file is not shipped with GitLab if you install it from source.
 Hence, [restarting GitLab][restart gitlab] will not restart the Registry should
 you modify its settings. Read the upstream documentation on how to achieve that.
-At the absolute minimum, make sure your [Registry configuration][registry-auth]
+At the **absolute** minimum, make sure your [Registry configuration][registry-auth]
 has `container_registry` as the service and `https://gitlab.example.com/jwt/auth`
 as the realm:
@@ -84,6 +84,9 @@ auth:
    rootcertbundle: /root/certs/certbundle
 ```
+CAUTION: **Caution:**
+If `auth` is not set up, users will be able to pull docker images without authentication.
 ## Container Registry domain configuration
 There are two ways you can configure the Registry's external domain.