1 files changed, 15 insertions, 3 deletions

diff --git a/app/services/auth/container_registry_authentication_service.rb b/app/services/auth/container_registry_authentication_service.rb
index a2683647c72..bc734465750 100644
--- a/app/services/auth/container_registry_authentication_service.rb
+++ b/app/services/auth/container_registry_authentication_service.rb
@@ -45,7 +45,12 @@ module Auth
       token.expire_time = token_expire_at
 
       token[:access] = names.map do |name|
-        { type: 'repository', name: name, actions: actions }
+        {
+          type: 'repository',
+          name: name,
+          actions: actions,
+          migration_eligible: migration_eligible(repository_path: name)
+        }.compact
       end
 
       token.encoded
@@ -119,13 +124,20 @@ module Auth
         type: type,
         name: path.to_s,
         actions: authorized_actions,
-        migration_eligible: migration_eligible(requested_project, authorized_actions)
+        migration_eligible: self.class.migration_eligible(project: requested_project)
       }.compact
     end
 
-    def migration_eligible(project, actions)
+    def self.migration_eligible(project: nil, repository_path: nil)
       return unless Feature.enabled?(:container_registry_migration_phase1)
 
+      # project has precedence over repository_path. If only the latter is provided, we find the corresponding Project.
+      unless project
+        return unless repository_path
+
+        project = ContainerRegistry::Path.new(repository_path).repository_project
+      end
+
       # The migration process will start by allowing only specific test and gitlab-org projects using the
       # `container_registry_migration_phase1_allow` FF. We'll then move on to a percentage rollout using this same FF.
       # To remove the risk of impacting enterprise customers that rely heavily on the registry during the percentage