summaryrefslogtreecommitdiff
path: root/devdocs/docker/engine%2Freference%2Fcommandline%2Ftrust_sign%2Findex.html
diff options
context:
space:
mode:
authorCraig Jennings <c@cjennings.net>2024-04-07 13:41:34 -0500
committerCraig Jennings <c@cjennings.net>2024-04-07 13:41:34 -0500
commit754bbf7a25a8dda49b5d08ef0d0443bbf5af0e36 (patch)
treef1190704f78f04a2b0b4c977d20fe96a828377f1 /devdocs/docker/engine%2Freference%2Fcommandline%2Ftrust_sign%2Findex.html
new repository
Diffstat (limited to 'devdocs/docker/engine%2Freference%2Fcommandline%2Ftrust_sign%2Findex.html')
-rw-r--r--devdocs/docker/engine%2Freference%2Fcommandline%2Ftrust_sign%2Findex.html80
1 files changed, 80 insertions, 0 deletions
diff --git a/devdocs/docker/engine%2Freference%2Fcommandline%2Ftrust_sign%2Findex.html b/devdocs/docker/engine%2Freference%2Fcommandline%2Ftrust_sign%2Findex.html
new file mode 100644
index 00000000..fd8a5b81
--- /dev/null
+++ b/devdocs/docker/engine%2Freference%2Fcommandline%2Ftrust_sign%2Findex.html
@@ -0,0 +1,80 @@
+<h1>docker trust sign</h1> <p><br></p> <p>Sign an image</p> <h2 id="usage">Usage</h2> <div class="highlight"><pre class="highlight" data-language="">$ docker trust sign IMAGE:TAG
+</pre></div> <p>Refer to the <a href="#options">options section</a> for an overview of available <a href="#options"><code class="language-plaintext highlighter-rouge">OPTIONS</code></a> for this command.</p> <h2 id="description">Description</h2> <p name="extended-description"><code class="language-plaintext highlighter-rouge">docker trust sign</code> adds signatures to tags to create signed repositories.</p> <p>For example uses of this command, refer to the <a href="#examples">examples section</a> below.</p> <h2 id="options">Options</h2> <table> <thead> <tr> <td>Name, shorthand</td> <td>Default</td> <td>Description</td> </tr> </thead> <tbody> <tr> <td><code class="language-plaintext highlighter-rouge">--local</code></td> <td></td> <td>Sign a locally tagged image</td> </tr> </tbody> </table> <h2 id="examples">Examples</h2> <h3 id="sign-a-tag-as-a-repo-admin">Sign a tag as a repo admin</h3> <p>Given an image:</p> <div class="highlight"><pre class="highlight" data-language="">$ docker trust inspect --pretty example/trust-demo
+
+SIGNED TAG DIGEST SIGNERS
+v1 c24134c079c35e698060beabe110bb83ab285d0d978de7d92fed2c8c83570a41 (Repo Admin)
+
+Administrative keys for example/trust-demo:
+Repository Key: 36d4c3601102fa7c5712a343c03b94469e5835fb27c191b529c06fd19c14a942
+Root Key: 246d360f7c53a9021ee7d4259e3c5692f3f1f7ad4737b1ea8c7b8da741ad980b
+</pre></div> <p>Sign a new tag with <code class="language-plaintext highlighter-rouge">docker trust sign</code>:</p> <div class="highlight"><pre class="highlight" data-language="">$ docker trust sign example/trust-demo:v2
+
+Signing and pushing trust metadata for example/trust-demo:v2
+The push refers to a repository [docker.io/example/trust-demo]
+eed4e566104a: Layer already exists
+77edfb6d1e3c: Layer already exists
+c69f806905c2: Layer already exists
+582f327616f1: Layer already exists
+a3fbb648f0bd: Layer already exists
+5eac2de68a97: Layer already exists
+8d4d1ab5ff74: Layer already exists
+v2: digest: sha256:8f6f460abf0436922df7eb06d28b3cdf733d2cac1a185456c26debbff0839c56 size: 1787
+Signing and pushing trust metadata
+Enter passphrase for repository key with ID 36d4c36:
+Successfully signed docker.io/example/trust-demo:v2
+</pre></div> <p>Use <code class="language-plaintext highlighter-rouge">docker trust inspect --pretty</code> to list the new signature:</p> <div class="highlight"><pre class="highlight" data-language="">$ docker trust inspect --pretty example/trust-demo
+
+SIGNED TAG DIGEST SIGNERS
+v1 c24134c079c35e698060beabe110bb83ab285d0d978de7d92fed2c8c83570a41 (Repo Admin)
+v2 8f6f460abf0436922df7eb06d28b3cdf733d2cac1a185456c26debbff0839c56 (Repo Admin)
+
+Administrative keys for example/trust-demo:
+Repository Key: 36d4c3601102fa7c5712a343c03b94469e5835fb27c191b529c06fd19c14a942
+Root Key: 246d360f7c53a9021ee7d4259e3c5692f3f1f7ad4737b1ea8c7b8da741ad980b
+</pre></div> <h3 id="sign-a-tag-as-a-signer">Sign a tag as a signer</h3> <p>Given an image:</p> <div class="highlight"><pre class="highlight" data-language="">$ docker trust inspect --pretty example/trust-demo
+
+No signatures for example/trust-demo
+
+
+List of signers and their keys for example/trust-demo:
+
+SIGNER KEYS
+alice 05e87edcaecb
+bob 5600f5ab76a2
+
+Administrative keys for example/trust-demo:
+Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
+Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
+</pre></div> <p>Sign a new tag with <code class="language-plaintext highlighter-rouge">docker trust sign</code>:</p> <div class="highlight"><pre class="highlight" data-language="">$ docker trust sign example/trust-demo:v1
+
+Signing and pushing trust metadata for example/trust-demo:v1
+The push refers to a repository [docker.io/example/trust-demo]
+26b126eb8632: Layer already exists
+220d34b5f6c9: Layer already exists
+8a5132998025: Layer already exists
+aca233ed29c3: Layer already exists
+e5d2f035d7a4: Layer already exists
+v1: digest: sha256:74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4 size: 1357
+Signing and pushing trust metadata
+Enter passphrase for delegation key with ID 27d42a8:
+Successfully signed docker.io/example/trust-demo:v1
+</pre></div> <p><code class="language-plaintext highlighter-rouge">docker trust inspect --pretty</code> lists the new signature:</p> <div class="highlight"><pre class="highlight" data-language="">$ docker trust inspect --pretty example/trust-demo
+
+SIGNED TAG DIGEST SIGNERS
+v1 74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4 alice
+
+List of signers and their keys for example/trust-demo:
+
+SIGNER KEYS
+alice 05e87edcaecb
+bob 5600f5ab76a2
+
+Administrative keys for example/trust-demo:
+Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
+Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
+</pre></div> <h2 id="parent-command">Parent command</h2> <table> <thead> <tr> <th style="text-align: left">Command</th> <th style="text-align: left">Description</th> </tr> </thead> <tbody> <tr> <td style="text-align: left"><a href="../trust/index">docker trust</a></td> <td style="text-align: left">Manage trust on Docker images</td> </tr> </tbody> </table> <h2 id="related-commands">Related commands</h2> <table> <thead> <tr> <td>Command</td> <td>Description</td> </tr> </thead> <tbody> <tr> <td><a href="../trust_inspect/index">docker trust inspect</a></td> <td>Return low-level information about keys and signatures</td> </tr> <tr> <td><a href="../trust_key/index">docker trust key</a></td> <td>Manage keys for signing Docker images</td> </tr> <tr> <td><a href="../trust_revoke/index">docker trust revoke</a></td> <td>Remove trust for an image</td> </tr> <tr> <td><a href="index">docker trust sign</a></td> <td>Sign an image</td> </tr> <tr> <td><a href="../trust_signer/index">docker trust signer</a></td> <td>Manage entities who can sign Docker images</td> </tr> </tbody> </table> <div class="_attribution">
+ <p class="_attribution-p">
+ &copy; 2019 Docker, Inc.<br>Licensed under the Apache License, Version 2.0.<br>Docker and the Docker logo are trademarks or registered trademarks of Docker, Inc. in the United States and/or other countries.<br>Docker, Inc. and other parties may also have trademark rights in other terms used herein.<br>
+ <a href="https://docs.docker.com/engine/reference/commandline/trust_sign/" class="_attribution-link">https://docs.docker.com/engine/reference/commandline/trust_sign/</a>
+ </p>
+</div>
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-27 09:11:49 +0000