github.com/khulnasoft/cli@v0.0.0-20240402070845-01bcad7beefa/docs/reference/commandline/trust_signer_add.md (about) 1 # trust signer add 2 3 <!---MARKER_GEN_START--> 4 Add a signer 5 6 ### Options 7 8 | Name | Type | Default | Description | 9 |:--------|:-------|:--------|:-------------------------------------| 10 | `--key` | `list` | | Path to the signer's public key file | 11 12 13 <!---MARKER_GEN_END--> 14 15 ## Description 16 17 `docker trust signer add` adds signers to signed repositories. 18 19 ## Examples 20 21 ### Add a signer to a repository 22 23 To add a new signer, `alice`, to this repository: 24 25 ```console 26 $ docker trust inspect --pretty example/trust-demo 27 28 No signatures for example/trust-demo 29 30 31 List of signers and their keys: 32 33 SIGNER KEYS 34 bob 5600f5ab76a2 35 36 Administrative keys for example/trust-demo: 37 Repository Key: 642692c14c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e 38 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 39 ``` 40 41 Add `alice` with `docker trust signer add`: 42 43 ```console 44 $ docker trust signer add alice example/trust-demo --key alice.crt 45 Adding signer "alice" to example/trust-demo... 46 Enter passphrase for repository key with ID 642692c: 47 Successfully added signer: alice to example/trust-demo 48 ``` 49 50 `docker trust inspect --pretty` now lists `alice` as a valid signer: 51 52 ```console 53 $ docker trust inspect --pretty example/trust-demo 54 55 No signatures for example/trust-demo 56 57 58 List of signers and their keys: 59 60 SIGNER KEYS 61 alice 05e87edcaecb 62 bob 5600f5ab76a2 63 64 Administrative keys for example/trust-demo: 65 Repository Key: 642692c14c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e 66 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 67 ``` 68 69 ## Initialize a new repository and add a signer 70 71 When adding a signer on a repository for the first time, `docker trust signer add` sets up a new repository if it doesn't exist. 72 73 ```console 74 $ docker trust inspect --pretty example/trust-demo 75 76 no signatures or cannot access example/trust-demo 77 ``` 78 79 ```console 80 $ docker trust signer add alice example/trust-demo --key alice.crt 81 82 Initializing signed repository for example/trust-demo... 83 Enter passphrase for root key with ID 748121c: 84 Enter passphrase for new repository key with ID 95b9e55: 85 Repeat passphrase for new repository key with ID 95b9e55: 86 Successfully initialized "example/trust-demo" 87 88 Adding signer "alice" to example/trust-demo... 89 Successfully added signer: alice to example/trust-demo 90 ``` 91 92 ```console 93 $ docker trust inspect --pretty example/trust-demo 94 95 No signatures for example/trust-demo 96 97 98 SIGNED TAG DIGEST SIGNERS 99 100 List of signers and their keys: 101 102 SIGNER KEYS 103 alice 6d52b29d940f 104 105 Administrative keys for example/trust-demo: 106 Repository Key: 95b9e5565eac3ef5ec01406801bdfb70feb40c17808d2222427c18046eb63beb 107 Root Key: 748121c14bd1461f6c58cb3ef39087c8fdc7633bb11a98af844fd9a04e208103 108 ``` 109 110 ## Add a signer to multiple repositories 111 112 To add a signer, `alice`, to multiple repositories: 113 114 ```console 115 $ docker trust inspect --pretty example/trust-demo 116 117 SIGNED TAG DIGEST SIGNERS 118 v1 74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4 bob 119 120 List of signers and their keys: 121 122 SIGNER KEYS 123 bob 5600f5ab76a2 124 125 Administrative keys for example/trust-demo: 126 Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e 127 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 128 ``` 129 130 ```console 131 $ docker trust inspect --pretty example/trust-demo2 132 133 SIGNED TAG DIGEST SIGNERS 134 v1 74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4 bob 135 136 List of signers and their keys: 137 138 SIGNER KEYS 139 bob 5600f5ab76a2 140 141 Administrative keys for example/trust-demo2: 142 Repository Key: ece554f14c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4553d2ab20a8d9268 143 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 144 ``` 145 146 Add `alice` to both repositories with a single `docker trust signer add` command: 147 148 ```console 149 $ docker trust signer add alice example/trust-demo example/trust-demo2 --key alice.crt 150 151 Adding signer "alice" to example/trust-demo... 152 Enter passphrase for repository key with ID 95b9e55: 153 Successfully added signer: alice to example/trust-demo 154 155 Adding signer "alice" to example/trust-demo2... 156 Enter passphrase for repository key with ID ece554f: 157 Successfully added signer: alice to example/trust-demo2 158 ``` 159 160 `docker trust inspect --pretty` now lists `alice` as a valid signer of both `example/trust-demo` and `example/trust-demo2`: 161 162 163 ```console 164 $ docker trust inspect --pretty example/trust-demo 165 166 SIGNED TAG DIGEST SIGNERS 167 v1 74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4 bob 168 169 List of signers and their keys: 170 171 SIGNER KEYS 172 alice 05e87edcaecb 173 bob 5600f5ab76a2 174 175 Administrative keys for example/trust-demo: 176 Repository Key: 95b9e5514c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e 177 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 178 ``` 179 180 ```console 181 $ docker trust inspect --pretty example/trust-demo2 182 183 SIGNED TAG DIGEST SIGNERS 184 v1 74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4 bob 185 186 List of signers and their keys: 187 188 SIGNER KEYS 189 alice 05e87edcaecb 190 bob 5600f5ab76a2 191 192 Administrative keys for example/trust-demo2: 193 Repository Key: ece554f14c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4553d2ab20a8d9268 194 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 195 ``` 196 197 `docker trust signer add` adds signers to repositories on a best effort basis. 198 It continues to add the signer to subsequent repositories if one attempt fails: 199 200 ```console 201 $ docker trust signer add alice example/unauthorized example/authorized --key alice.crt 202 203 Adding signer "alice" to example/unauthorized... 204 you are not authorized to perform this operation: server returned 401. 205 206 Adding signer "alice" to example/authorized... 207 Enter passphrase for repository key with ID c6772a0: 208 Successfully added signer: alice to example/authorized 209 210 failed to add signer to: example/unauthorized 211 ```