docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve notary setup for DTR (#4603)

This commit is contained in:
Joao Fernandes 2017-09-12 16:36:41 -07:00 committed by GitHub
parent ff4d39fa90
commit 753901936b
1 changed files with 21 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
datacenter/dtr/2.3/guides/user/access-dtr/configure-your-notary-client.md
View File

@ -50,7 +50,7 @@ or using a configuration file.
Run the Notary command with: Run the Notary command with:
```bash ```bash
notary --server https://<dtr-url> --trustDir ~/.docker/trust --tlscacert <dtr-ca.pem> notary --server https://<dtr-url> --trustDir ~/.docker/trust --tlscacert <dtr-ca.pem> --help
``` ```
Here's what the flags mean: Here's what the flags mean:
@ -64,13 +64,25 @@ Here's what the flags mean:
To avoid having to type all the flags when using the command, you can set an To avoid having to type all the flags when using the command, you can set an
alias: alias:
```none
# Bash
alias notary="notary --server https://<dtr-url> --trustDir ~/.docker/trust --tlscacert <dtr-ca.pem>"
# PowerShell <ul class="nav nav-tabs">
<li class="active"><a data-toggle="tab" data-target="#tab3">Bash</a></li>
<li><a data-toggle="tab" data-target="#tab4">PowerShell</a></li>
</ul>
<div class="tab-content">
<div id="tab3" class="tab-pane fade in active" markdown="1">
```
alias notary="notary --server https://<dtr-url> --trustDir ~/.docker/trust --tlscacert <dtr-ca.pem>"
```
<hr>
</div>
<div id="tab4" class="tab-pane fade" markdown="1">
```
set-alias notary "notary --server https://<dtr-url> --trustDir ~/.docker/trust --tlscacert <dtr-ca.pem>" set-alias notary "notary --server https://<dtr-url> --trustDir ~/.docker/trust --tlscacert <dtr-ca.pem>"
``` ```
<hr>
</div>
</div>
### With a configuration file ### With a configuration file
@ -90,9 +102,8 @@ the following content:
To validate your configuration, try running the `notary list` command on a To validate your configuration, try running the `notary list` command on a
DTR repository that already has signed images: DTR repository that already has signed images:
```none ```bash
# Assumes you've configured notary notary list <dtr-url>/<account>/<repository>
notary list <dtr-repository>
``` ```
The command should print a list of digests for each signed image on the The command should print a list of digests for each signed image on the
@ -106,8 +117,7 @@ key of your UCP client bundle.
Import the private key in your UCP bundle into the Notary CLI client: Import the private key in your UCP bundle into the Notary CLI client:
```none ```bash
# Assumes you've configured notary
notary key import <path-to-key.pem> notary key import <path-to-key.pem>
``` ```
@ -116,7 +126,7 @@ password to encrypt it.
You can validate what keys Notary knows about by running: You can validate what keys Notary knows about by running:
```none ```bash
notary key list notary key list
``` ```