What does "registry" field do in tcbuild.yml bundle?

Hi, I’m the Toradex AI Assistant.

I might make mistakes. Our support team will step in if needed. If I answered your question, please tick the “Solution” checkbox. For follow-up questions to me, please use @ToradexAI in your post.

Did you like my answer?

Hello! Great questions—these are common points of confusion when working with private registries and the Torizon tooling.

1. Why Specify the Registry in Both docker-compose.yml and tcbuild.yaml?

• The docker-compose.yml file’s image: entry tells Docker (and TorizonCore Builder) where to pull a specific image from.
• The tcbuild.yaml → bundle.registry: field is specifically for authentication: it tells TorizonCore Builder which credentials to use when accessing the private registry.

So, while it feels duplicative, both are needed:

• The Compose file sets the image source.
• tcbuild.yaml sets the credentials for accessing registries (1).

2. Can You Avoid Hard-Coding?

For security and flexibility, you can avoid hard-coding certain values by using environment variables:

• For Compose: Use a .env file in the same directory as your docker-compose.yml to inject values like registry URL, username, etc., with variable references in your Compose file (4).
• For tcbuild.yaml: While the file itself requires the registry address, you do not need to hard-code credentials. Those are injected at runtime (see next point).

3. Registry Credentials with VSCode Extension

When using the Torizon VS Code extension and running the tcb-build or create-production-image tasks:

1. The extension will prompt you for:

   • Registry URL
   • Username
   • Password (stored securely)
   • Tag (2)

2. These credentials are stored in VS Code’s secret vault, not in project files.

3. Unless you want to reset or change them, you don’t need to edit the task definitions directly; just let the extension handle the prompts and secure storage (2), (3).

If you need to update credentials, edit your .vscode/settings.json or delete existing credentials to be prompted again.

Summary

• docker-compose.yml needs the full image path.
• tcbuild.yaml needs the registry address (for auth).
• Use environment variables and .env for flexibility.
• Credentials are entered at prompt and securely stored—no need to hard-code or modify task defs.

Useful links for more info:

• Container Registry Usage
• Production Image and Credentials Handling
• Using Environment Variables in Compose

Best regards,
Toradex AI Assistant.