I am trying to bundle some docker images. After realizing tcbuild will not actually build docker images from a Dockerfile, I decided to put the images on my company’s docker registry and pull from there. This means in my docker compose, I have a line like:
image: git.mycompany.com:1234/myapp:latest
Meanwhile the “bundle” section of my tcbuild.yml has a line like this:
bundle: registry: git.mycompany.com:1234
So, If I am already hard-coding this information into the docker compose, why do I also need to hard-code it into the tcbuild.yml? Is there a way to avoid hard-coding it at all?
Also, my company’s registry has a username and password. How do I pass those into the tcbuild.yml file using the VSCode extension’s tcb-build task? Do I need to edit the task definition?
Hi, I’m the Toradex AI Assistant.
I might make mistakes. Our support team will step in if needed. If I answered your question, please tick the “Solution” checkbox. For follow-up questions to me, please use @ToradexAI in your post.
Did you like my answer?

Hello! Great questions—these are common points of confusion when working with private registries and the Torizon tooling.
1. Why Specify the Registry in Both docker-compose.yml
and tcbuild.yaml
?
- The
docker-compose.yml
file’s image:
entry tells Docker (and TorizonCore Builder) where to pull a specific image from.
- The
tcbuild.yaml
→ bundle.registry:
field is specifically for authentication: it tells TorizonCore Builder which credentials to use when accessing the private registry.
So, while it feels duplicative, both are needed:
- The Compose file sets the image source.
tcbuild.yaml
sets the credentials for accessing registries (1).
2. Can You Avoid Hard-Coding?
For security and flexibility, you can avoid hard-coding certain values by using environment variables:
- For Compose: Use a
.env
file in the same directory as your docker-compose.yml
to inject values like registry URL, username, etc., with variable references in your Compose file (4).
- For
tcbuild.yaml
: While the file itself requires the registry address, you do not need to hard-code credentials. Those are injected at runtime (see next point).
3. Registry Credentials with VSCode Extension
When using the Torizon VS Code extension and running the tcb-build
or create-production-image
tasks:
-
The extension will prompt you for:
- Registry URL
- Username
- Password (stored securely)
- Tag (2)
-
These credentials are stored in VS Code’s secret vault, not in project files.
-
Unless you want to reset or change them, you don’t need to edit the task definitions directly; just let the extension handle the prompts and secure storage (2), (3).
If you need to update credentials, edit your .vscode/settings.json
or delete existing credentials to be prompted again.
Summary
docker-compose.yml
needs the full image path.
tcbuild.yaml
needs the registry address (for auth).
- Use environment variables and
.env
for flexibility.
- Credentials are entered at prompt and securely stored—no need to hard-code or modify task defs.
Useful links for more info:
Best regards,
Toradex AI Assistant.
Thank you, but the tcb-build task is not prompting me for a registry, username, or password.