Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- cat /etc/containers/registries.d/default.yaml | grep sigstore
- # sigstore: indicates a location that is read and write
- # sigstore-staging: indicates a location that is only for write
- # sigstore and sigstore-staging take a value of the following:
- # sigstore: {schema}://location
- # sigstore: file:///var/lib/atomic/sigstore
- sigstore-staging: file:///var/www/html/
- # sigstore: http://privateregistry.com/sigstore/
- # sigstore-staging: /mnt/nfs/privateregistry/sigstore
- cat /etc/containers/registries.d/docker.io-fatherlinux.yaml
- docker:
- docker.io/fatherlinux:
- sigstore: file:///var/www/html
- # Simple Demo
- docker tag docker.io/fatherlinux/sign-test:latest docker.io/fatherlinux/sign-test:signed
- [root@rhel7 software]# atomic push docker.io/fatherlinux/sign-test:signed
- Registry Username: fatherlinux
- Registry Password:
- docker run -it docker.io/fatherlinux/sign-test:latest
- / # touch /tmp/test
- / # exit
- [root@rhel7 software]# docker ps -a
- CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- 31b5c900c515 docker.io/fatherlinux/sign-test:latest "sh" 11 seconds ago Exited (0) 3 seconds ago modest_einstein
- [root@rhel7 software]# docker commit 31b5c900c515 docker.io/fatherlinux/sign-test:unsigned
- sha256:4ed6fa71efcf1b09464ebf9094e513519a50cdf6f4850b6d14af38c2fa3dd9fd
- [root@rhel7 software]# atomic push dock^C.io/fatherlinux/sign-test:signed
- [root@rhel7 software]# docker push docker.io/fatherlinux/sign-test:unsigned
- The push refers to a repository [docker.io/fatherlinux/sign-test]
- d49850ef8ebe: Pushed
- 8ac8bfaff55a: Layer already exists
- unsigned: digest: sha256:ad8a9ca64aca37b5ddae1de61dfdddcee64db0eb2ee784b1265f54ca44b61484 size: 712
- (reverse-i-search)`pu': docker ^Csh docker.io/fatherlinux/sign-test:unsigned
- [root@rhel7 software]# atomic pull docker.io/fatherlinux/sign-test:unsigned
- Image docker.io/fatherlinux/sign-test:unsigned is being pulled to docker ...
- FATA[0001] Source image rejected: A signature was required, but no signature exist
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement