Skip to content

Latest commit

 

History

History
50 lines (29 loc) · 1.87 KB

skopeo-standalone-sign.1.md

File metadata and controls

50 lines (29 loc) · 1.87 KB

% skopeo-standalone-sign(1)

NAME

skopeo-standalone-sign - Debugging tool - Sign an image locally without uploading.

SYNOPSIS

skopeo standalone-sign [options] manifest docker-reference key-fingerprint --output|-o signature

DESCRIPTION

This is primarily a debugging tool, useful for special cases, and usually should not be a part of your normal operational workflow; use skopeo copy --sign-by instead to publish and sign an image in one step.

manifest Path to a file containing the image manifest

docker-reference A docker reference to identify the image with

key-fingerprint Key identity to use for signing

OPTIONS

See also skopeo(1) for options placed before the subcommand name.

--help, -h

Print usage statement

--output, -o output file

Write signature to output file.

--passphrase-file=path

The passphare to use when signing with the key ID from --sign-by. Only the first line will be read. A passphrase stored in a file is of questionable security if other users can read this file. Do not use this option if at all avoidable.

EXAMPLES

$ skopeo standalone-sign busybox-manifest.json registry.example.com/example/busybox 1D8230F6CDB6A06716E414C1DB72F2188BB46CC8 --output busybox.signature
$

NOTES

This command is intended for use with local signatures e.g. OpenPGP ( other signature formats may be added in the future ), as per containers-signature(5). Furthermore, this command does not interact with the artifacts generated by Docker Content Trust (DCT). For more information, please see containers-signature(5).

SEE ALSO

skopeo(1), skopeo-copy(1), containers-signature(5)

AUTHORS

Antonio Murdaca [email protected], Miloslav Trmac [email protected], Jhon Honce [email protected]