docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
docs/_data/engine-cli/docker_trust_sign.yaml

61 lines
4.2 KiB
YAML
Raw Blame History

command: docker trust sign
short: Sign an image
long: '`docker trust sign` adds signatures to tags to create signed repositories.'
usage: docker trust sign IMAGE:TAG
pname: docker trust
plink: docker_trust.yaml
options:
- option: local
value_type: bool
default_value: "false"
description: Sign a locally tagged image
deprecated: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
examples: "### Sign a tag as a repo admin\n\nGiven an image:\n\n```bash\n$ docker
trust view example/trust-demo\nSIGNED TAG DIGEST SIGNERS\nv1
\ c24134c079c35e698060beabe110bb83ab285d0d978de7d92fed2c8c83570a41
\ (Repo Admin)\n\nAdministrative keys for example/trust-demo:\nRepository Key:\t36d4c3601102fa7c5712a343c03b94469e5835fb27c191b529c06fd19c14a942\nRoot
Key:\t246d360f7c53a9021ee7d4259e3c5692f3f1f7ad4737b1ea8c7b8da741ad980b\n```\n\nSign
a new tag with `docker trust sign`:\n\n```bash\n$ docker trust sign example/trust-demo:v2\nSigning
and pushing trust metadata for example/trust-demo:v2\nThe push refers to a repository
[docker.io/example/trust-demo]\need4e566104a: Layer already exists\n77edfb6d1e3c:
Layer already exists\nc69f806905c2: Layer already exists\n582f327616f1: Layer already
exists\na3fbb648f0bd: Layer already exists\n5eac2de68a97: Layer already exists\n8d4d1ab5ff74:
Layer already exists\nv2: digest: sha256:8f6f460abf0436922df7eb06d28b3cdf733d2cac1a185456c26debbff0839c56
size: 1787\nSigning and pushing trust metadata\nEnter passphrase for repository
key with ID 36d4c36:\nSuccessfully signed docker.io/example/trust-demo:v2\n```\n\n`docker
trust view` lists the new signature:\n\n```bash\n$ docker trust view example/trust-demo\nSIGNED
TAG DIGEST SIGNERS\nv1
\ c24134c079c35e698060beabe110bb83ab285d0d978de7d92fed2c8c83570a41
\ (Repo Admin)\nv2 8f6f460abf0436922df7eb06d28b3cdf733d2cac1a185456c26debbff0839c56
\ (Repo Admin)\n\nAdministrative keys for example/trust-demo:\nRepository Key:\t36d4c3601102fa7c5712a343c03b94469e5835fb27c191b529c06fd19c14a942\nRoot
Key:\t246d360f7c53a9021ee7d4259e3c5692f3f1f7ad4737b1ea8c7b8da741ad980b\n```\n\n###
Sign a tag as a signer\n\nGiven an image:\n\n```bash\n$ docker trust view example/trust-demo\n\nNo
signatures for example/trust-demo\n\n\nList of signers and their keys for example/trust-demo:\n\nSIGNER
\ KEYS\nalice 05e87edcaecb\nbob 5600f5ab76a2\n\nAdministrative
keys for example/trust-demo:\nRepository Key:\tecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e\nRoot
Key:\t3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949\n```\n\nSign
a new tag with `docker trust sign`:\n\n```bash\n$ docker trust sign example/trust-demo:v1\nSigning
and pushing trust metadata for example/trust-demo:v1\nThe push refers to a repository
[docker.io/example/trust-demo]\n26b126eb8632: Layer already exists\n220d34b5f6c9:
Layer already exists\n8a5132998025: Layer already exists\naca233ed29c3: Layer already
exists\ne5d2f035d7a4: Layer already exists\nv1: digest: sha256:74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4
size: 1357\nSigning and pushing trust metadata\nEnter passphrase for delegation
key with ID 27d42a8:\nSuccessfully signed docker.io/example/trust-demo:v1\n```\n\n`docker
trust view` lists the new signature:\n\n```bash\n$ docker trust view example/trust-demo\nSIGNED
TAG DIGEST SIGNERS\nv1
\ 74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4
\ alice\n\nList of signers and their keys for example/trust-demo:\n\nSIGNER KEYS\nalice
\ 05e87edcaecb\nbob 5600f5ab76a2\n\nAdministrative
keys for example/trust-demo:\nRepository Key:\tecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e\nRoot
Key:\t3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949\n```"
deprecated: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
Reference in New Issue View Git Blame Copy Permalink