I don’t really understand how I could sign my own custom image.
rpm-ostree status shows
ostree-unverified-registry:ghcr.io/manfredlotz/aurora-dx-nvidia-open-asus-aso:latest
I tried to set the repository id in file artifacthub-repo.yml but wasn’t yet successful as I am not totally sure how to find the repository id.
I looked here https://api.github.com/repos/manfredlotz/aurora-dx-nvidia-open-asus-aso and thought that the node_id in line 2 is the correct one. But it didn’t help to get the image signed.
As I am a dummy here any help would be appreciated.
renner
November 8, 2025, 4:20pm
2
Start here:
Build your own custom Universal Blue Image!
If you followed this already then you may just need to rebase to your signed image
sudo bootc switch --enforce-container-sigpolicy ghcr.io/manfredlotz/aurora-dx-nvidia-open-asus-aso:latest
Thanks a lot. This command I have missed.
But I am not sure about the id I have to add to the artifucthub-repo.yml Is it the node_id value at the very top at https://api.github.com/repos/manfredlotz/aurora-dx-nvidia-open-asus-aso ?
Thinking about these things: Could it be that the artifucthub-repo.yml simply has nothing to do with signing the image???
Thanks for that! I missed that a well, switching to the enforced opion.
I just noticed mine was the same thing. I think it’s because I look at my image using bootc status and not rpm-ostree status. bootc does not show that information.
renner
November 9, 2025, 4:46am
7
Yes, that’s metadata for artifacthub, it’s so other people can find your custom image more easily.
This has nothing to do with signing.