diff options
| author | Bruce Ashfield <bruce.ashfield@gmail.com> | 2026-02-09 03:17:24 +0000 |
|---|---|---|
| committer | Bruce Ashfield <bruce.ashfield@gmail.com> | 2026-02-09 03:34:12 +0000 |
| commit | 52fc4ca7c75594fe8b3c92a9f88df19f8f4d0944 (patch) | |
| tree | f003083cf14ecb0543303ab0023d39fd3457eb78 /classes/container-bundle.bbclass | |
| parent | 092aa81983335b2346a725eebd2a75fc785bb42b (diff) | |
| download | meta-virtualization-52fc4ca7c75594fe8b3c92a9f88df19f8f4d0944.tar.gz | |
container-registry: add target image TLS integration
Install CA certificates and registry configuration into target images
so they can pull from the secure registry at runtime.
docker-registry-config.bb: When CONTAINER_REGISTRY_SECURE=1, install
the CA cert to /etc/docker/certs.d/{host}/ca.crt instead of adding
insecure-registries to daemon.json. Translates localhost/127.0.0.1 to
10.0.2.2 for QEMU targets where the host registry is accessed via
slirp networking.
container-oci-registry-config.bb: Same secure mode support for
podman/CRI-O with insecure=false in registries.conf.
container-registry-ca.bb: New recipe that installs the CA certificate
to Docker, podman/CRI-O, and system trust store paths on the target.
container-cross-install.bbclass: Auto-add docker-registry-config or
container-oci-registry-config to IMAGE_INSTALL when
CONTAINER_REGISTRY_SECURE=1, based on the configured container engine.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Diffstat (limited to 'classes/container-bundle.bbclass')
0 files changed, 0 insertions, 0 deletions