Skip to main content
Version: latest

Edge Artifact Build Configurations

During the EdgeForge process, you provide an .arg document that contains a list of parameters to configure the build of both the provider images and the Edge Installer ISO. This page lists the parameters available in the .arg file.

ArgumentDescriptionAllowed Values
ARCHArchitecture of the image. Required.amd64, arm64.
AUTO_ENROLL_SECUREBOOT_KEYSDetermines whether to auto enroll keys used for Trusted Boot.true, false. Default is false.
BASE_IMAGEBase image to be used for building installer and provider images. You only need to provide a value for this parameter when building a FIPS-enabled image.Image URL
CIS_HARDENINGWhether to harden Edge artifacts according to Center for Internet Security (CIS) standards.true, false, Default is false.
CLUSTERCONFIGPath to a cluster definition file. For more information refer to Export Cluster Definition.URL string.
CUSTOM_TAGA custom tag for the provider images. This custom tag will be appended to the IMAGE_REGISTRY and IMAGE_REPO parameters to form the full image tag.Lowercase alphanumeric string without spaces.
DISABLE_SELINUXDisable Security-Enhanced Linux (SELinux) in the operating system. Set this to true when your cluster has applications are not compatible with SELinux, such as KubeVirt.true, false
EDGE_CUSTOM_CONFIGPath to the Edge custom configuration file. The file is used to provide public keys for the host to verify signatures. Refer to Embed a Public Key in Edge Artifacts for more information..edge_custom_config.yaml
FIPS_ENABLEDWhether to generate FIPS compliant binaries.true, false. Default is false
HTTP_PROXYURL of the HTTP Proxy server.URL string.
HTTPS_PROXYURL of the HTTPS Proxy server.URL string.
IMAGE_REGISTRYThe image registry to use for tagging the generated provider images. Required.Your image registry hostname, without http or https
Example: docker.io/spectrocloud.
IMAGE_REPOThe image repository to use for tagging the generated provider images. Required.Your image repository name.
INCLUDE_MS_SECUREBOOT_KEYSWhether to include Microsoft's secure boot keys in the set of keys to enroll in your device for secure boot. Almost every machine requires these keys.true, false. Default is true.
ISO_NAMEName of the Installer ISO file. Required.Lowercase alphanumeric string without spaces. The characters - and _ are allowed.
IS_UKIDetermines whether to build a Unified Kernel Image (UKI) to enabled Trusted Boot. Refer to Trusted Boot for more information.true, false. Default is false.
K8S_DISTRIBUTIONKubernetes distribution. k3s, rke2, kubeadm, kubeadm-fips.
MY_ORGName of the org to use during secure boot key generation. For more information, refer to Generate Keys.String.
NO_PROXYURLS that should be excluded from the proxy.Comma-separated URL string.
OS_DISTRIBUTIONOperating System (OS) distribution.ubuntu, opensuse-leap, rhel.
OS_VERSIONOS version. This applies to Ubuntu only.20, 22.
PROXY_CERT_PATHAbsolute path of the SSL Proxy certificate in the PEM format. This parameter is deprecated and will be removed in a future version. Provide the certificates in the certs folder in the root directory of the CanvOS repository instead. For more information, refer to Build Installer ISO.Absolute path string.
UBUNTU_PRO_KEYSubscription key to a Ubuntu Pro subscription. A Ubuntu Pro subscription is needed to generate FIPS-compliant Edge artifacts with Ubuntu as the OS.String.
UKI_BRING_YOUR_OWN_KEYSWhether to use your own Certificate Authority (CA) to generate secure boot keys. For more information, refer to the Generate Keys using an Existing CA tab in Generate Keys.false
UPDATE_KERNELDetermines whether to upgrade the Kernel version to the latest from the upstream OS provider.true, false.