Skip to content

Configuring the Automotive Image Builder manifest for private container images

To embed container images from a private registry into the OS image, you must first download the image to your local storage using Podman.

Important

The automotive-image-builder tool cannot pull images from private registries directly. You must pull the image to local storage before importing it.

Prerequisites

  • Podman installed
  • Registry URL, username, and password (or personal access token)
  • The automotive-image-builder tool installed
  • Private image downloaded on local storage

Procedure

  1. Authenticate with the registry as root

    $ sudo podman login <registry_url>

  2. Pull the private image to local storage:

    $ sudo podman pull <registry_url>/<image>:<tag>

  3. Modify your <container_private.aib.yml> :

    content:
  container_images:
    - source: "<registry_url>/<image>:<tag>"
      tag: <tag>
      name: "<registry_url>/<image>"
      containers-transport: containers-storage
auth:
  root_password: $6$xoLqEUz0cGGJRx01$H3H/bFm0myJPULNMtbSsOFd/2BnHqHkMD92Sfxd.EKM9hXTWSmELG8cf205l6dktomuTcgKGGtGDgtvHVXSWU.
  # Required for testing the image only:
  sshd_config:
    PasswordAuthentication: true
    PermitRootLogin: true

    Important

    The target private-image name and tag must be identical to the string used in the previous $ podman pull command

  4. Run the automotive-image-builder tool to build an OS image that embeds the remote containerized application:

    $ sudo -E aib-dev \
--verbose \
build-deprecated \
--distro autosd10 \
--target qemu \
--mode image \
--build-dir=_build \
--export qcow2 \
<container_private.aib.yml> \
<container_private.$arch.qcow2>

Additional resources

© Red Hat