Configuring the Automotive Image Builder manifest for private container images
Configuring the Automotive Image Builder manifest for private container images¶
To embed container images from a private registry into the OS image, you must first download the image to your local storage using Podman.
Important
The automotive-image-builder tool cannot pull images from private registries directly.
You must pull the image to local storage before importing it.
Prerequisites
- Podman installed
- Registry URL, username, and password (or personal access token)
- The
automotive-image-buildertool installed - Private image downloaded on local storage
Procedure
-
Authenticate with the registry as root
console $ sudo podman login <registry_url> -
Pull the private image to local storage:
console $ sudo podman pull <registry_url>/<image>:<tag> -
Modify your
<container_private.aib.yml>:console content: container_images: - source: "<registry_url>/<image>:<tag>" tag: <tag> name: "<registry_url>/<image>" containers-transport: containers-storage auth: root_password: $6$xoLqEUz0cGGJRx01$H3H/bFm0myJPULNMtbSsOFd/2BnHqHkMD92Sfxd.EKM9hXTWSmELG8cf205l6dktomuTcgKGGtGDgtvHVXSWU. # Required for testing the image only: sshd_config: PasswordAuthentication: true PermitRootLogin: trueImportant
The target private-image
nameandtagmust be identical to the string used in the previous$ podman pullcommand -
Run the
automotive-image-buildertool to build an OS image that embeds the remote containerized application:console $ sudo -E aib-dev \ --verbose \ build-deprecated \ --distro autosd10 \ --target qemu \ --mode image \ --build-dir=_build \ --export qcow2 \ <container_private.aib.yml> \ <container_private.$arch.qcow2>
Additional resources