How to set the password in a save way in the terminal ?
I’ am using a credential store pass to store the registry’s credentials. also a tocken will be enough for the login to the registry.
So, how to include the encrypted password by a tocken or the one saved in the pass store in the bundle command and --login-to switch
Usually, I’ have to init the store pass to get login to my registry
Hi, I’m the Toradex AI Assistant. The Toradex Support team will follow up with you shortly!
Did you like my answer?
Hi Ahmed49,
To securely handle the password or token for logging into your Docker registry when using the torizoncore-builder bundle command with the --login-to switch, you can follow these steps:
Using a Token:
If your registry supports token-based authentication, you can use the token directly in the command. For example:
Using a Credential Store:
If you are using a credential store like pass to manage your registry credentials, you can retrieve the password or token from the store and pass it to the command. Here’s a general approach:
First, ensure your credential store is initialized and the credentials are stored correctly.
Retrieve the password or token from the credential store:
REGISTRY_PASSWORD=$(pass show path/to/your/registry/password)
Use the retrieved password in the torizoncore-builder command:
Environment Variables:
Another secure way to handle credentials is by using environment variables. You can set the environment variable and then use it in your command:
export REGISTRY_PASSWORD=$(pass show path/to/your/registry/password)
torizoncore-builder bundle --login-to <registry-url> --password $REGISTRY_PASSWORD
Using Docker Credential Helpers:
If you are using Docker credential helpers, ensure that Docker is configured to use the helper, and it will automatically handle the login process for you. You can configure Docker to use a credential helper by setting it in your Docker config file (~/.docker/config.json).
Here’s an example of how you might configure Docker to use the pass credential helper:
{
"credsStore": "pass"
}
After configuring Docker, you can simply run the torizoncore-builder command without explicitly passing the password:
These methods should help you securely manage and use your registry credentials when customizing your Torizon OS image with the TorizonCore Builder tool.
Best regards,
[Your Name]
Please, also check if these links can help you solve your problem:
How to set the password in a save way in the terminal ?
Generally other users would save their password in a temporary environment variable of sorts. That way when the current scope/terminal is closed the environment variable goes away.
So, how to include the encrypted password by a tocken or the one saved in the pass store in the bundle command and --login-to switch
Currently TorizonCore Builder only accepts username/password login for the --login-to switch. The tool is simply using the Docker python library for the login action: Client — Docker SDK for Python 7.1.0 documentation
As seen the documentation only states a plain-text password is acceptable. So I think a token or encrypted password would not work.
As I said before I would suggest just passing your password as a environment variable to the switch. This is one way passwords and other credentials get handled in automated CI/CD pipelines.
