opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-03 11:49:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
23cd1928ec36a80f491b329dda3789b2dac32bcc
podman/docs/podman-image-sign.1.md
Ed Santiago beb71323b1 man pages - consistency fixes 
podman-generate and -play had the wrong NAMEs.

podman-restart and -volume-prune the wrong SYNOPSIS.

All the rest are varying degrees of minor:

  - missing a space between the NAME and description
  - multi-line SYNOPSIS that could be collapsed into one
  - use of UPPER CASE in synopsis instead of *asterisks*
  - improper use of **double asterisks** for options
  - varlink and version were transposed in podman-1
  - fixed inconsistencies between the description in
    the man page and that in the parent manpage. These
    are too numerous for me to fix all.

Added: script that could be used in CI to prevent future
such inconsistencies. It cannot be enabled yet because
there are still 35+ inconsistencies in need of cleaning.

This will be difficult to review on github. I suggest
pulling the PR and running 'git log -1 -p | cdif | less'

'cdif' is a handy tool for colorizing individual diffs between
lines:

   http://kaz-utashiro.github.io/cdif/

There are other such tools; use your favorite. Comparing
without visual highlights may be painful.

I also encourage you to run hack/man-page-checker and suggest
more fixes for the problems it's finding.

Signed-off-by: Ed Santiago <santiago@redhat.com>
2019-03-20 14:37:59 -06:00

1.9 KiB
Raw Blame History

% podman-image-sign(1)

NAME

podman-image-sign - Create a signature for an image

SYNOPSIS

podman image sign [--help|-h] [--directory|-d] [--sign-by] [ IMAGE... ]

DESCRIPTION

podmain image sign will create a local signature for one or more local images that have been pulled from a registry. The signature will be written to a directory derived from the registry configuration files in /etc/containers/registries.d. By default, the signature will be written into /var/lib/containers/sigstore directory.

OPTIONS

--help -h Print usage statement.

--directory -d Store the signatures in the specified directory. Default: /var/lib/containers/sigstore

--sign-by Override the default identity of the signature.

EXAMPLES

Sign the busybox image with the identify of foo@bar.com with a user's keyring and save the signature in /tmp/signatures/.

sudo podman image sign --sign-by foo@bar.com --directory /tmp/signatures docker://privateregistry.example.com/foobar

RELATED CONFIGURATION

The write (and read) location for signatures is defined in YAML-based configuration files in /etc/containers/registries.d/. When you sign an image, podman will use those configuration files to determine where to write the signature based on the the name of the originating registry or a default storage value unless overriden with the --directory option. For example, consider the following configuration file.

docker: privateregistry.example.com: sigstore: file:///var/lib/containers/sigstore

When signing an image preceeded with the registry name 'privateregistry.example.com', the signature will be written into subdirectories of /var/lib/containers/sigstore/privateregistry.example.com. The use of 'sigstore' also means the signature will be 'read' from that same location on a pull-related function.

HISTORY

November 2018, Originally compiled by Qi Wang (qiwan at redhat dot com)

Reference in New Issue View Git Blame Copy Permalink