From: Tim Orling <ticotimo@gmail.com>
To: meta-virtualization@lists.yoctoproject.org
Subject: [RFC PATCH 0/4] Initial functional vcontainer --config feature for CI auth
Date: Mon, 27 Apr 2026 18:13:10 -0700 [thread overview]
Message-ID: <cover.1777337030.git.tim.orling@konsulko.com> (raw)
This is an initial attempt to share a new feature for vcontainer which
mounts credentials (e.g. ~/.docker/config.json or podman's auth.json)
into QEMU as a 9p mount. This avoids some ugly hoops we would have to
jump through to pass the credentials with --password-stdin.
This series was heavily reliant on Claude Cowork, and hence is a bit
verbose in places. I chose to share it as is (and as tested) for this
initial RFC.
The tests (test_vcontainer_auth_config.py) all pass in a local Yocto
AutoBuilder test run.
The feature itself was also tested on a local Yocto AutoBuilder
'containers-library' run which successfully pushed a 'python' container
to registry.yocto.io[1] and quay.io/yocto[2] with the "Robot Account" or
equivalent credentials.
Once we agree upon a functional state of this patch series, the changes
for yocto-autobuilder2 and yocto-autobuilder-helper can be shared in a
meaningful way, since they are dependent upon this feature.
[1] https://registry.yocto.io/account/sign-in?globalSearch=library
[2] https://quay.io/repository/yocto/python?tab=tags
Tim Orling (4):
vcontainer: add --config / VDKR_CONFIG for docker/podman auth
credentials
tests: add vcontainer --config / VDKR_CONFIG auth plumbing tests
vcontainer-initramfs-create.inc: depend on virtual/kernel:do_deploy
vcontainer-tarball: fix SDK environment script for CI
.gitignore | 1 +
recipes-containers/vcontainer/README.md | 54 ++
.../vcontainer/files/vcontainer-common.sh | 18 +
.../files/vcontainer-init-common.sh | 54 ++
.../vcontainer/files/vdkr-init.sh | 58 ++
.../vcontainer/files/vpdmn-init.sh | 61 ++
.../vcontainer/files/vrunner.sh | 147 ++++
.../vcontainer-initramfs-create.inc | 19 +-
.../vcontainer/vcontainer-tarball.bb | 69 +-
tests/test_vcontainer_auth_config.py | 642 ++++++++++++++++++
10 files changed, 1106 insertions(+), 17 deletions(-)
create mode 100644 tests/test_vcontainer_auth_config.py
--
2.50.1 (Apple Git-155)
next reply other threads:[~2026-04-28 1:13 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-28 1:13 Tim Orling [this message]
2026-04-28 1:13 ` [RFC PATCH 1/4] vcontainer: add --config / VDKR_CONFIG for docker/podman auth credentials Tim Orling
2026-04-28 1:13 ` [RFC PATCH 2/4] tests: add vcontainer --config / VDKR_CONFIG auth plumbing tests Tim Orling
2026-04-28 1:13 ` [RFC PATCH 3/4] vcontainer-initramfs-create.inc: depend on virtual/kernel:do_deploy Tim Orling
2026-04-28 11:55 ` [meta-virtualization] " Bruce Ashfield
2026-04-28 1:13 ` [RFC PATCH 4/4] vcontainer-tarball: fix SDK environment script for CI Tim Orling
2026-04-28 11:56 ` [meta-virtualization] " Bruce Ashfield
2026-04-28 21:41 ` Tim Orling
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1777337030.git.tim.orling@konsulko.com \
--to=ticotimo@gmail.com \
--cc=meta-virtualization@lists.yoctoproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.