github.com/pwn-term/docker@v0.0.0-20210616085119-6e977cce2565/cli/docs/reference/commandline/trust_signer_add.md

github.com/pwn-term/docker@v0.0.0-20210616085119-6e977cce2565/cli/docs/reference/commandline/trust_signer_add.md (about)

     1  ---
     2  title: "signer add"
     3  description: "The signer add command description and usage"
     4  keywords: "signer, notary, trust"
     5  ---
     6  
     7  # trust signer add
     8  
     9  ```markdown
    10  Usage:  docker trust signer add [OPTIONS] NAME REPOSITORY [REPOSITORY...]
    11  
    12  Add a signer
    13  
    14  Options:
    15        --help       Print usage
    16    -k, --key list   Path to the signer's public key file
    17  ```
    18  
    19  ## Description
    20  
    21  `docker trust signer add` adds signers to signed repositories.
    22  
    23  ## Examples
    24  
    25  ### Add a signer to a repo
    26  
    27  To add a new signer, `alice`, to this repository:
    28  
    29  ```bash
    30  $ docker trust inspect --pretty example/trust-demo
    31  
    32  No signatures for example/trust-demo
    33  
    34  
    35  List of signers and their keys:
    36  
    37  SIGNER              KEYS
    38  bob                 5600f5ab76a2
    39  
    40  Administrative keys for example/trust-demo:
    41  Repository Key: 642692c14c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
    42  Root Key:       3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
    43  ```
    44  
    45  Add `alice` with `docker trust signer add`:
    46  
    47  ```bash
    48  $ docker trust signer add alice example/trust-demo --key alice.crt
    49    Adding signer "alice" to example/trust-demo...
    50    Enter passphrase for repository key with ID 642692c:
    51  Successfully added signer: alice to example/trust-demo
    52  ```
    53  
    54  `docker trust inspect --pretty` now lists `alice` as a valid signer:
    55  
    56  ```bash
    57  $ docker trust inspect --pretty example/trust-demo
    58  
    59  No signatures for example/trust-demo
    60  
    61  
    62  List of signers and their keys:
    63  
    64  SIGNER              KEYS
    65  alice               05e87edcaecb
    66  bob                 5600f5ab76a2
    67  
    68  Administrative keys for example/trust-demo:
    69  Repository Key: 642692c14c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
    70  Root Key:       3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
    71  ```
    72  
    73  ## Initialize a new repo and add a signer
    74  
    75  When adding a signer on a repo for the first time, `docker trust signer add` sets up a new repo if it doesn't exist.
    76  
    77  ```bash
    78  $ docker trust inspect --pretty example/trust-demo
    79  
    80  No signatures or cannot access example/trust-demo
    81  ```
    82  
    83  ```bash
    84  $ docker trust signer add alice example/trust-demo --key alice.crt
    85  
    86  Initializing signed repository for example/trust-demo...
    87  Enter passphrase for root key with ID 748121c:
    88  Enter passphrase for new repository key with ID 95b9e55:
    89  Repeat passphrase for new repository key with ID 95b9e55:
    90  Successfully initialized "example/trust-demo"
    91  
    92  Adding signer "alice" to example/trust-demo...
    93  Successfully added signer: alice to example/trust-demo
    94  ```
    95  
    96  ```bash
    97  $ docker trust inspect --pretty example/trust-demo
    98  
    99  No signatures for example/trust-demo
   100  
   101  
   102  SIGNED TAG          DIGEST                                                             SIGNERS
   103  
   104  List of signers and their keys:
   105  
   106  SIGNER              KEYS
   107  alice               6d52b29d940f
   108  
   109  Administrative keys for example/trust-demo:
   110  Repository Key: 95b9e5565eac3ef5ec01406801bdfb70feb40c17808d2222427c18046eb63beb
   111  Root Key:       748121c14bd1461f6c58cb3ef39087c8fdc7633bb11a98af844fd9a04e208103
   112  ```
   113  
   114  ## Add a signer to multiple repos
   115  To add a signer, `alice`, to multiple repositories:
   116  ```bash
   117  $ docker trust inspect --pretty example/trust-demo
   118  
   119  SIGNED TAG          DIGEST                                                             SIGNERS
   120  v1                  74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4   bob
   121  
   122  List of signers and their keys:
   123  
   124  SIGNER              KEYS
   125  bob                 5600f5ab76a2
   126  
   127  Administrative keys for example/trust-demo:
   128  Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
   129  Root Key:       3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
   130  ```
   131  ```bash
   132  $ docker trust inspect --pretty example/trust-demo2
   133  
   134  SIGNED TAG          DIGEST                                                             SIGNERS
   135  v1                  74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4   bob
   136  
   137  List of signers and their keys:
   138  
   139  SIGNER              KEYS
   140  bob                 5600f5ab76a2
   141  
   142  Administrative keys for example/trust-demo2:
   143  Repository Key: ece554f14c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4553d2ab20a8d9268
   144  Root Key:       3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
   145  ```
   146  Add `alice` to both repositories with a single `docker trust signer add` command:
   147  
   148  ```bash
   149  $ docker trust signer add alice example/trust-demo example/trust-demo2 --key alice.crt
   150  
   151  Adding signer "alice" to example/trust-demo...
   152  Enter passphrase for repository key with ID 95b9e55:
   153  Successfully added signer: alice to example/trust-demo
   154  
   155  Adding signer "alice" to example/trust-demo2...
   156  Enter passphrase for repository key with ID ece554f:
   157  Successfully added signer: alice to example/trust-demo2
   158  ```
   159  
   160  `docker trust inspect --pretty` now lists `alice` as a valid signer of both `example/trust-demo` and `example/trust-demo2`:
   161  
   162  
   163  ```bash
   164  $ docker trust inspect --pretty example/trust-demo
   165  
   166  SIGNED TAG          DIGEST                                                             SIGNERS
   167  v1                  74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4   bob
   168  
   169  List of signers and their keys:
   170  
   171  SIGNER              KEYS
   172  alice               05e87edcaecb
   173  bob                 5600f5ab76a2
   174  
   175  Administrative keys for example/trust-demo:
   176  Repository Key: 95b9e5514c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
   177  Root Key:       3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
   178  ```
   179  
   180  ```bash
   181  $ docker trust inspect --pretty example/trust-demo2
   182  
   183  SIGNED TAG          DIGEST                                                             SIGNERS
   184  v1                  74d4bfa917d55d53c7df3d2ab20a8d926874d61c3da5ef6de15dd2654fc467c4   bob
   185  
   186  List of signers and their keys:
   187  
   188  SIGNER              KEYS
   189  alice               05e87edcaecb
   190  bob                 5600f5ab76a2
   191  
   192  Administrative keys for example/trust-demo2:
   193  Repository Key: ece554f14c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4553d2ab20a8d9268
   194  Root Key:       3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
   195  ```
   196  
   197  
   198  `docker trust signer add` adds signers to repositories on a best effort basis, so it will continue to add the signer to subsequent repositories if one attempt fails:
   199  
   200  ```bash
   201  $ docker trust signer add alice example/unauthorized example/authorized --key alice.crt
   202  
   203  Adding signer "alice" to example/unauthorized...
   204  you are not authorized to perform this operation: server returned 401.
   205  
   206  Adding signer "alice" to example/authorized...
   207  Enter passphrase for repository key with ID c6772a0:
   208  Successfully added signer: alice to example/authorized
   209  
   210  Failed to add signer to: example/unauthorized
   211  ```