opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-12 19:14:36 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
b5d1d89a377e38762a75c2042dcc50a370ba6707
podman/docs/source/markdown/podman-image-sign.1.md
Paul Holzinger 52a8694705 Add anchors for flag names on docs.podman.io 
Change the docs markdown so that flag names will be h4 headers.
Sphinx will automatically add anchors to headers. Add css to
make sure the flag names are not to big compared to the text.

The man pages also still renders fine but it looks a bit different.

Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
2020-11-10 15:27:08 +01:00

58 lines
2.1 KiB
Markdown
Raw Blame History

% podman-image-sign(1)
## NAME
podman-image-sign - Create a signature for an image
## SYNOPSIS
**podman image sign** [*options*] *image* [*image* ...]
## DESCRIPTION
**podman image sign** will create a local signature for one or more local images that have
been pulled from a registry. The signature will be written to a directory
derived from the registry configuration files in /etc/containers/registries.d. By default, the signature will be written into /var/lib/containers/sigstore directory.
## OPTIONS
#### **--help**, **-h**
Print usage statement.
#### **--cert-dir**=*path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.
Default certificates directory is _/etc/containers/certs.d_. (Not available for remote commands)
#### **--directory**, **-d**=*dir*
Store the signatures in the specified directory. Default: /var/lib/containers/sigstore
#### **--sign-by**=*identity*
Override the default identity of the signature.
## EXAMPLES
Sign the busybox image with the identify of foo@bar.com with a user's keyring and save the signature in /tmp/signatures/.
sudo podman image sign --sign-by foo@bar.com --directory /tmp/signatures docker://privateregistry.example.com/foobar
## RELATED CONFIGURATION
The write (and read) location for signatures is defined in YAML-based
configuration files in /etc/containers/registries.d/. When you sign
an image, Podman will use those configuration files to determine
where to write the signature based on the the name of the originating
registry or a default storage value unless overridden with the --directory
option. For example, consider the following configuration file.
docker:
privateregistry.example.com:
sigstore: file:///var/lib/containers/sigstore
When signing an image preceded with the registry name 'privateregistry.example.com',
the signature will be written into sub-directories of
/var/lib/containers/sigstore/privateregistry.example.com. The use of 'sigstore' also means
the signature will be 'read' from that same location on a pull-related function.
## HISTORY
November 2018, Originally compiled by Qi Wang (qiwan at redhat dot com)
Reference in New Issue View Git Blame Copy Permalink