Add --sign-by-sq-fingerprint to push operations

This adds a new feature that allows signing using Sequoia-backed
keys.  The existing options to sign using GPG-backed keys (and sigstore)
remain unchanged, and continue to use the same backends as usual.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Miloslav Trmač
2025-07-11 17:54:50 +02:00
parent 2f005b67f4
commit 9e2850d0a8
25 changed files with 365 additions and 16 deletions

@@ -0,0 +1,8 @@
####> This option file is used in:
####> podman artifact push, manifest push, push
####> If file is edited, make sure the changes
####> are applicable to all of those.
#### **--sign-by-sq-fingerprint**=*fingerprint*
Add a “simple signing” signature using a Sequoia-PGP key with the specified fingerprint.
(This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
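
Review bot: The description line for **--sign-by-sq-fingerprint** does not say where the key with that fingerprint is looked up or what form *fingerprint* must take, so a reader cannot tell which key store ends up signing the image. Add a sentence naming the key location and the accepted fingerprint format, and point to **--sign-passphrase-file** here, since that option's text is being updated to cover this one.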

@@ -4,4 +4,4 @@
####> are applicable to all of those.
#### **--sign-passphrase-file**=*path*
If signing the image (using either **--sign-by** or **--sign-by-sigstore-private-key**), read the passphrase to use from the specified path.
If signing the image (using **--sign-by**, **sign-by-sq-fingerprint** or **--sign-by-sigstore-private-key**), read the passphrase to use from the specified path.
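
Review bot: In the replacement sentence the new option is written **sign-by-sq-fingerprint** without the leading dashes, while **--sign-by** and **--sign-by-sigstore-private-key** on the same line keep theirs. Write it as **--sign-by-sq-fingerprint** so the rendered man page shows a consistent, copyable option name.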

@@ -38,11 +38,12 @@ Add a “simple signing” signature at the destination using the specified key.
@@option sign-by-sigstore
#### **--sign-by-sigstore-private-key**=*path*
Add a sigstore signature at the destination using a private key at the specified path. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
@@option sign-by-sq-fingerprint
@@option sign-passphrase-file
@@option tls-verify
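
Review bot: With `@@option sign-by-sq-fingerprint` included after **--sign-by-sigstore-private-key**, this page lists three signing options, and nothing in the visible text says whether they may be combined in one push or are mutually exclusive. State the accepted combinations in the shared option text so that all three push pages pick it up, and so a user knows whether one or several signatures are produced.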

@@ -70,6 +70,8 @@ Sign the pushed images with a “simple signing” signature using the specified
Sign the pushed images with a sigstore signature using a private key at the specified path. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
@@option sign-by-sq-fingerprint
@@option sign-passphrase-file
@@option tls-verify

@@ -98,6 +98,8 @@ Add a “simple signing” signature at the destination using the specified key.
Add a sigstore signature at the destination using a private key at the specified path. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
@@option sign-by-sq-fingerprint
@@option sign-passphrase-file
@@option tls-verify