install: Add --copy-container-credentials
#428
Labels
area/install
Issues related to `bootc install`
enhancement
New feature or request
triaged
This looks like a valid issue
We document that registry credentials are honored from
/etc/ostree/auth.json
, but it's easy to miss (and needs to highlighted much better) (there's also the general issue with embedding the pull secret in the image itself, cc #22 )Now when using
bootc install to-filesystem
with a private registry, we could addbootc install --copy-container-credentials
where we go and slurp out~/.config/containers/auth.json
and inject it into the final system as/etc/ostree/auth.json
.This way we get a flow where we
podman login
on the original hostbootc install to-filesystem --copy-container-credentials
And the original podman credentials (injected into
~/.config/containers/auth.json
) could have come from e.g. cloud-init (which is arguably more secure than embedding them into the image itself).The text was updated successfully, but these errors were encountered: