Prisma Cloud Compute: How to enable registry scanning for self-hosted gitlab container registry

Prisma Cloud Compute: How to enable registry scanning for self-hosted gitlab container registry

327
Created On 07/06/25 21:26 PM - Last Modified 07/09/25 17:26 PM


Symptom


Initial setup of gitlab container registry scanning results in the following error. Instructions are not clear as to what to define in the registry settings:

Error: failed to list repositories for group elite: received status 404 Not Found for api /api/v4/groups/<group>/registry/repositories?per_page=100, 404 page not found

Environment


  • PC enterprise SAAS
  • PC compute edition self-hosted

Cause


The public article on how to set-up gitlab container registry scanning is not entirely representative of how to set-up scanning for a self-hosted gitlab here.

 

Resolution


  1. Make sure gitlab container registry is publicly accessible on the port (usually 443 or 5050)
  2. Input container registry address in "Registry" (ex. https://1.22.333.444:5050)
  3. Input gitlab IP in API domain (ex. https://1.22.333.444:443)
  4. Input one of User ID, Group ID, or Project ID
  5. Generate personal access token and input in Credential. Give at least read_api permissions.
  6. Scan

Alternatively, you may also scan via Docker Registry v2. You will need to define gitlab container registry IP in Registry (ex. https://1.22.333.444:5050), Credential as basic token auth, and a CA certificate to scan.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA1Ki000000k9wGKAQ&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail