github.com/pwn-term/docker@v0.0.0-20210616085119-6e977cce2565/cli/docs/reference/commandline/trust_revoke.md (about) 1 --- 2 title: "trust revoke" 3 description: "The revoke command description and usage" 4 keywords: "revoke, notary, trust" 5 --- 6 7 # trust revoke 8 9 ```markdown 10 Usage: docker trust revoke [OPTIONS] IMAGE[:TAG] 11 12 Remove trust for an image 13 14 Options: 15 --help Print usage 16 -y, --yes Do not prompt for confirmation 17 ``` 18 19 ## Description 20 21 `docker trust revoke` removes signatures from tags in signed repositories. 22 23 ## Examples 24 25 ### Revoke signatures from a signed tag 26 27 Here's an example of a repo with two signed tags: 28 29 30 ```bash 31 $ docker trust inspect --pretty example/trust-demo 32 SIGNED TAG DIGEST SIGNERS 33 red 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943 alice 34 blue f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197 alice, bob 35 36 List of signers and their keys for example/trust-demo: 37 38 SIGNER KEYS 39 alice 05e87edcaecb 40 bob 5600f5ab76a2 41 42 Administrative keys for example/trust-demo: 43 Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e 44 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 45 ``` 46 47 When `alice`, one of the signers, runs `docker trust revoke`: 48 49 ```bash 50 $ docker trust revoke example/trust-demo:red 51 Enter passphrase for delegation key with ID 27d42a8: 52 Successfully deleted signature for example/trust-demo:red 53 ``` 54 55 After revocation, the tag is removed from the list of released tags: 56 57 ```bash 58 $ docker trust inspect --pretty example/trust-demo 59 SIGNED TAG DIGEST SIGNERS 60 blue f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197 alice, bob 61 62 List of signers and their keys for example/trust-demo: 63 64 SIGNER KEYS 65 alice 05e87edcaecb 66 bob 5600f5ab76a2 67 68 Administrative keys for example/trust-demo: 69 Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e 70 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 71 ``` 72 73 ### Revoke signatures on all tags in a repository 74 75 When no tag is specified, `docker trust` revokes all signatures that you have a signing key for. 76 77 ```bash 78 $ docker trust inspect --pretty example/trust-demo 79 SIGNED TAG DIGEST SIGNERS 80 red 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943 alice 81 blue f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197 alice, bob 82 83 List of signers and their keys for example/trust-demo: 84 85 SIGNER KEYS 86 alice 05e87edcaecb 87 bob 5600f5ab76a2 88 89 Administrative keys for example/trust-demo: 90 Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e 91 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 92 ``` 93 94 When `alice`, one of the signers, runs `docker trust revoke`: 95 96 ```bash 97 $ docker trust revoke example/trust-demo 98 Please confirm you would like to delete all signature data for example/trust-demo? [y/N] y 99 Enter passphrase for delegation key with ID 27d42a8: 100 Successfully deleted signature for example/trust-demo 101 ``` 102 103 All tags that have `alice`'s signature on them are removed from the list of released tags: 104 105 ```bash 106 $ docker trust inspect --pretty example/trust-demo 107 108 No signatures for example/trust-demo 109 110 111 List of signers and their keys for example/trust-demo: 112 113 SIGNER KEYS 114 alice 05e87edcaecb 115 bob 5600f5ab76a2 116 117 Administrative keys for example/trust-demo: 118 Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e 119 Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949 120 ``` 121