Being on a test system without any layered software finally I was successful to build a new custom image: GitHub - manfredlotz/aurora-cust: A first test to build my own image
But when I run: sudo bootc switch ``ghcr.io/manfred-lotz/aurora-custI get
``
error: Switching: Preparing import: Fetching manifest: failed to invoke method OpenImage: Requesting bearer token: received unexpected HTTP status: 403 Forbidden
```
I have no idea what I did wrong.
inffy
2
Is your custom image signed with your cosign key?
If yes you need to add --enforce-container-sigpolicyswitch
I hope so. At least I created cosign.{key,pub} and pasted the cosign.key into the Repository Secret
To be on the safe side I did it again
I tried bootc switch --enforce-container-sigpolicy ``ghcr.io/manfred-lotz/aurora-cust and got the same message
This cosign verify --key cosign.pub ``ghcr.io/manfred-lotz/aurora-cust gave
```
setting TUF refresh period to 24h0m0s
Error: GET https://ghcr.io/token?scope=repository%3Amanfred-lotz%2Faurora-cust%3Apull&service=ghcr.io: DENIED: requested access to the resource is denied
error during command execution: GET https://ghcr.io/token?scope=repository%3Amanfred-lotz%2Faurora-cust%3Apull&service=ghcr.io: DENIED: requested access to the resource is denied
```
so something is wrong with the cosign stuff, I guess
ledif
5
Your bootc switch command has a few typos. Adjusting the username and adding the :latest tag seems to work for me:
$ sudo bootc switch ghcr.io/manfredlotz/aurora-cust:latest
layers already present: 0; layers needed: 73 (6.3 GB)
Fetching layers ░░░░░░░░░░░░░░░░░░░░ 0/73
└ Fetching ██████████░░░░░░░░░░ 10.17 MiB/18.75 MiB (9.76 MiB/s) ostree chunk 93293a6abf765c6cb0f37
@ledif Oops. I just didn’t see it.
Of course, you are right with latest. I took the Aurora stable image but the new image is latest
Thanks a lot.