1 files changed, 35 insertions, 0 deletions

diff --git a/lib/tasks/gitlab/container_registry.rake b/lib/tasks/gitlab/container_registry.rake
new file mode 100644
index 00000000000..7687cb237cc
--- /dev/null
+++ b/lib/tasks/gitlab/container_registry.rake
@@ -0,0 +1,35 @@
+namespace :gitlab do
+  namespace :container_registry do
+    desc "GitLab | Container Registry | Configure"
+    task configure: :gitlab_environment do
+      configure
+    end
+
+    def configure
+      registry_config = Gitlab.config.registry
+
+      unless registry_config.enabled && registry_config.api_url.presence
+        puts "Registry is not enabled or registry api url is not present.".color(:yellow)
+        return
+      end
+
+      warn_user_is_not_gitlab
+
+      url = registry_config.api_url
+      # registry_info will query the /v2 route of the registry API. This route
+      # requires authentication, but not authorization (the response has no body,
+      # only headers that show the version of the registry). There is no
+      # associated user when running this rake, so we need to generate a valid
+      # JWT token with no access permissions to authenticate as a trusted client.
+      token = Auth::ContainerRegistryAuthenticationService.access_token([], [])
+      client = ContainerRegistry::Client.new(url, token: token)
+      info = client.registry_info
+
+      Gitlab::CurrentSettings.update!(
+        container_registry_vendor: info[:vendor] || '',
+        container_registry_version: info[:version] || '',
+        container_registry_features: info[:features] || []
+      )
+    end
+  end
+end