github.com/docker/docker-ce@v17.12.1-ce-rc2+incompatible/components/cli/docs/reference/commandline/trust_revoke.md

github.com/docker/docker-ce@v17.12.1-ce-rc2+incompatible/components/cli/docs/reference/commandline/trust_revoke.md (about)

     1  ---
     2  title: "trust revoke"
     3  description: "The revoke command description and usage"
     4  keywords: "revoke, notary, trust"
     5  ---
     6  
     7  <!-- This file is maintained within the docker/cli GitHub
     8       repository at https://github.com/docker/cli/. Make all
     9       pull requests against that repo. If you see this file in
    10       another repository, consider it read-only there, as it will
    11       periodically be overwritten by the definitive file. Pull
    12       requests which include edits to this file in other repositories
    13       will be rejected.
    14  -->
    15  
    16  # trust revoke
    17  
    18  ```markdown
    19  Usage:  docker trust revoke [OPTIONS] IMAGE[:TAG]
    20  
    21  Remove trust for an image
    22  
    23  Options:
    24        --help   Print usage
    25    -y, --yes    Do not prompt for confirmation
    26  ```
    27  
    28  ## Description
    29  
    30  `docker trust revoke` removes signatures from tags in signed repositories.
    31  
    32  `docker trust revoke` is currently experimental.
    33  
    34  ## Examples
    35  
    36  ### Revoke signatures from a signed tag
    37  
    38  Here's an example of a repo with two signed tags:
    39  
    40  
    41  ```bash
    42  $ docker trust view example/trust-demo
    43  SIGNED TAG          DIGEST                                                              SIGNERS
    44  red                 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943    alice
    45  blue                f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197    alice, bob
    46  
    47  List of signers and their keys for example/trust-demo:
    48  
    49  SIGNER              KEYS
    50  alice               05e87edcaecb
    51  bob                 5600f5ab76a2
    52  
    53  Administrative keys for example/trust-demo:
    54  Repository Key:	ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
    55  Root Key:	3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
    56  ```
    57  
    58  When `alice`, one of the signers, runs `docker trust revoke`:
    59  
    60  ```bash
    61  $ docker trust revoke example/trust-demo:red
    62  Enter passphrase for delegation key with ID 27d42a8:
    63  Successfully deleted signature for example/trust-demo:red
    64  ```
    65  
    66  After revocation, the tag is removed from the list of released tags:
    67  
    68  ```bash
    69  $ docker trust view example/trust-demo
    70  SIGNED TAG          DIGEST                                                              SIGNERS
    71  blue                f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197    alice, bob
    72  
    73  List of signers and their keys for example/trust-demo:
    74  
    75  SIGNER              KEYS
    76  alice               05e87edcaecb
    77  bob                 5600f5ab76a2
    78  
    79  Administrative keys for example/trust-demo:
    80  Repository Key:	ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
    81  Root Key:	3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
    82  ```
    83  
    84  ### Revoke signatures on all tags in a repository
    85  
    86  When no tag is specified, `docker trust` revokes all signatures that you have a signing key for.
    87  
    88  ```bash
    89  $ docker trust view example/trust-demo
    90  SIGNED TAG          DIGEST                                                              SIGNERS
    91  red                 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943    alice
    92  blue                f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197    alice, bob
    93  
    94  List of signers and their keys for example/trust-demo:
    95  
    96  SIGNER              KEYS
    97  alice               05e87edcaecb
    98  bob                 5600f5ab76a2
    99  
   100  Administrative keys for example/trust-demo:
   101  Repository Key:	ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
   102  Root Key:	3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
   103  ```
   104  
   105  When `alice`, one of the signers, runs `docker trust revoke`:
   106  
   107  ```bash
   108  $ docker trust revoke example/trust-demo
   109  Please confirm you would like to delete all signature data for example/trust-demo? [y/N] y
   110  Enter passphrase for delegation key with ID 27d42a8:
   111  Successfully deleted signature for example/trust-demo
   112  ```
   113  
   114  All tags that have `alice`'s signature on them are removed from the list of released tags:
   115  
   116  ```bash
   117  $ docker trust view example/trust-demo
   118  
   119  No signatures for example/trust-demo
   120  
   121  
   122  List of signers and their keys for example/trust-demo:
   123  
   124  SIGNER              KEYS
   125  alice               05e87edcaecb
   126  bob                 5600f5ab76a2
   127  
   128  Administrative keys for example/trust-demo:
   129  Repository Key:	ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
   130  Root Key:	3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
   131  ```
   132