Repo name validation is misused #2668

@dmp42

Regardless of your registry's actual domain name, the Parse method https://github.com/docker/distribution/blob/v2.7.0/reference/reference.go#L189 is always receiving:

docker.io/foo/bar or docker.io/library/foo (where foo/bar or foo is your image).

It seems to be because we are calling https://github.com/docker/distribution/blob/v2.7.0/reference/normalize.go#L33 on vars.name from the context, which is apparently just the repo name (without the domain).

This makes the implementation deviate from the stated intent of the grammar.

If NameTotalLengthMax https://github.com/docker/distribution/blob/v2.7.0/reference/reference.go#L37 was meant to limit the total size of the image name including the domain, then it must use the actual registry domain (+port).

If NameTotalLengthMax should be applied just on the path component, regardless of the domain, then we should not normalize vars.name before validating it (this is what the WithName method does, by the way).

A fix for this needs to be carefully thought through, as in the current situation the actual restriction is on repo names at 237 characters (with single components) and 245 characters if they contain a slash regardless of the domain component - introducing proper domain name validation may render existing images invalid.

Let me know if I'm missing something here.

cc @caervs @dmcgowan @tiborvass
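
The length arithmetic behind the 237 and 245 figures in the issue above, as an added example that is not part of the original issue or the docker/distribution code. It is a simplified model: `normalize`, `withDomain`, `pathOnly`, `longestAccepted` and the registry domain `registry.example.com:5000` are hypothetical names constructed for illustration, and the first path component is assumed not to look like a domain.

```go
package main

import (
	"fmt"
	"strings"
)

// Simplified model for illustration, not the docker/distribution source.
const (
	nameTotalLengthMax = 255 // value of NameTotalLengthMax in reference.go
	defaultDomain      = "docker.io"
	officialRepo       = "library"
	sampleDomain       = "registry.example.com:5000" // constructed registry domain
)

// normalize models what the length check sees today for a bare repo path (vars.name).
func normalize(repo string) string {
	if !strings.Contains(repo, "/") {
		repo = officialRepo + "/" + repo
	}
	return defaultDomain + "/" + repo
}

// withDomain models checking the name against the registry's real domain.
func withDomain(domain string) func(string) string {
	return func(repo string) string { return domain + "/" + repo }
}

// pathOnly models checking the path component alone, without normalization.
func pathOnly(repo string) string { return repo }

// longestAccepted returns the longest repo length (3..300) whose checked form fits the limit.
func longestAccepted(withSlash bool, checked func(string) string) int {
	best := 0
	for n := 3; n <= 300; n++ {
		repo := strings.Repeat("a", n)
		if withSlash {
			repo = "a/" + repo[2:] // same length, two components
		}
		if len(checked(repo)) <= nameTotalLengthMax {
			best = n
		}
	}
	return best
}

func main() {
	fmt.Println(longestAccepted(false, normalize), longestAccepted(true, normalize)) // 237 245
	fmt.Println(longestAccepted(true, withDomain(sampleDomain)), longestAccepted(false, pathOnly)) // 229 255
}
```

Under either alternative the effective limit differs from today's, which is the compatibility concern raised above: switching to the real domain can shrink the limit for long registry hostnames, while limiting only the path raises it to the full 255.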
