after the latest version 3.4.0 of the VS Code extension was installed, the ‘create-production-image’ task always asks for the docker registry password. Then the entry in settings.json gets overwritten. Is it possible to suppress this feature and skip the password query? I already have a correct password in settings.json.
I also tried to fill the Docker_password User setting of the extension, but it kept asking for the password anyway. I think the extension should not ask for the password if it finds it in the settings.
Meanwhile I reverted to the version 3.3.0 of the extension.
I might make mistakes or occasionally get you wrong. Our support team will step in if needed.
Docker Password Management in Torizon IDE Extension
The behavior you’re experiencing with the password prompts in version 3.4.0 is related to how the Torizon IDE Extension manages Docker credentials. Let me explain the expected behavior based on the documentation.
How Docker Password Handling Works
According to the documentation, the docker_password property is managed automatically by the extension(1). When you run the create-production-image task for the first time, the extension asks for your DockerHub password and stores it securely(1).
The password handling follows this pattern:
The password is stored in the VS Code vault for security(1)
The docker_password property in settings.json shows the value secret when the real value is stored in the vault(1)
The extension should use the stored password in subsequent runs(1)
Expected Behavior vs. Your Issue
The documentation indicates that the password should only be requested during the first run of the create-production-image task(1). If the extension continues asking for the password even when it’s already stored, this suggests a potential issue with the credential retrieval mechanism in version 3.4.0.
Potential Workarounds
Based on the documented behavior, you can try:
Clear and reset the password: Remove the docker_password property from your settings.json or set it to an empty string, then run the task once to re-establish the credential storage(1)
Verify the stored credentials: Check that your settings.json contains the correct docker_login and docker_registry values, as these work together with the password(1)
Settings Configuration
Ensure your workspace settings include the required Docker properties(1):
docker_login: Your DockerHub username
docker_registry: The Docker namespace/registry
docker_password: Should show secret when properly stored
docker_tag: The tag for your production image
Since you mentioned that reverting to version 3.3.0 resolved the issue, this appears to be a regression in the credential handling mechanism in version 3.4.0.
Best regards, Toradex AI Assistant.
Did you like my answer?
If I answered your question, please tick the “Solution” checkbox.
For follow-up questions to me, please use @ToradexAI in your post.
I checked with our team about this and it is due to a behavior change in version 3.4.0. The behavior is as follows:
Before the password was tucked away in a json file and if you input the wrong password it would be difficult to change later because it wasn’t obvious where it was. So now it shows the prompt every time but its always filled with your password so if you don’t want to change it all you have to do is press enter (which you already had to do before to select device arch, so its one additional enter press)
So in theory you should be able to just quickly hit enter on successive executions, without needing to retype your password. Can you confirm if this is the case on your side? Is this acceptable for you?
it works, with a side-effect that the “docker_password” field value in settings.json gets replaced by “secret”. Can you please explain this and also where the entered password is actually stored?
At this moment I can bypass the password entry by setting
“DOCKER_PASSWORD”: “${config:docker_password}”,
in tasks.json.
I understand that storing passwords in sources is a bad practice, so the new extension behavior may be a step in the right direction. I just need to understand the use case.
Can you please explain this and also where the entered password is actually stored?
Our extension uses the VSCode API to store secrets in the OS vault of your system where VSCode is running. That way the secrets are available to your instance of VSCode, without exposing them in plain-text actually in your project.
