This was originally a part of a --sign-by paragraph. I don't think
we _really_ need it, the "add a signature" wording should be clear
enough. If we did move it back to --sign-by, we should add it
to all the --sign-... options; it's simpler to just drop it.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Extends the --multi-arch flag to accept platform specifications,
allowing users to copy specific platforms from multi-architecture
images without requiring digest hashes.
Users can now specify platforms using OS/Architecture pairs:
skopeo copy --multi-arch=linux/amd64,linux/arm64 docker://src docker://dst
This feature:
- Parses comma-separated platform specifications (e.g., linux/amd64,linux/arm64)
- Copies ALL instances matching each specified platform (including all
compression variants and other variations)
- Works alongside existing --multi-arch options (system, all, index-only)
- Leverages the InstancePlatforms field added in containers/image
The implementation follows the design from containers/image#1938 and
containers/container-libs#656, providing a more user-friendly alternative
to specifying digest hashes via the Instances field.
Signed-off-by: Alex Guidi <aguidi@redhat.com>
In bootc, we want the ability to assert that signature verification is
enforced.
Add a new top-level `--require-signed` switch. When passed, we use the
new `RequireSignatureVerification()` method to ensure that signature
verification is enforced.
Part of https://github.com/containers/skopeo/issues/1829.
Signed-off-by: Jonathan Lebon <jonathan@jlebon.com>
I want this for https://github.com/bootc-dev/bootc/issues/1686
so we can distinguish pulls there.
But more generally it can be a good idea for people writing
scripts using skopeo to set custom user agents so that registries
can more easily trace which actors are performing tasks.
Assisted-by: Claude Code
Signed-off-by: Colin Walters <walters@verbum.org>
- Don't claim that Windows uses XDG_RUNTIME_DIR, defer to the authoritative
man page.
- Consistently document the (regrettable?) REGISTRY_AUTH_FILE environment
variable.
- Consistently refer to "registry credentials file", not "authentication file".
- (Also deemphasizes (docker login), I'm not sure we want that.)
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
- Add option to set a fixed delay between retries.
- Clarify that if delay is unset, skopeo uses an exponential delay for
retries.
Fixes #2476
Signed-off-by: Adam Kaplan <adam.kaplan@redhat.com>
* Digest file output would have docker reference of source
and sha of the manifest sync'd with the target. This
file would not be created if dry-run flag is enabled
* improved the sync document to include the correct output for manifest file.
* added new line for the manifest file once all images are sync'd
* Ensuring we log on manifest digest if the copy operation was successful.
* Check for errors if any once sync process is complete.
* Ensure to capture the failure when closing the manifest file.
* Ensure we are not writing manifest sha for failed copy of images and aborting the process in case write to file fails
Signed-off-by: Ankit Agarwal <aagarwal@cloudsmith.io>
Correct the summary for standalone-sign. The old summary appears to be a
bad copy-and-paste from "skopeo copy".
Clarify that both of these tools are debugging tools, only operating on
local files.
Signed-off-by: Ken Dreyer <kdreyer@ibm.com>
This commit makes skopeo return a different exit code when an
input is not found. The use case is `osbuild` which uses skopeo
to inspect images and it would be nice to differentiate between
an image that is not found and general skopeo errors (or errors
like network issues etc).
I picked exit code `2` for `not found` because it is also the value
of `ENOENT`.
Man page and a test are added.
Signed-off-by: Michael Vogt <mvogt@redhat.com>
Add the ability to use an on-disk trust store to verify signatures. Also allow the user to trust any known fingerprint instead of having to specify one.
Signed-off-by: James Hewitt <james.hewitt@uk.ibm.com>
- Add a prompt to the skopeo commands.
- Add a "console" identifier to fenced code
blocks which have a prompt, not "sh".
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
(skopeo copy) and (skopeo sync) now support --sign-by-sigstore=param-file,
using the containers-sigstore-signing-params.yaml(5) file format.
That notably adds support for Fulcio and Rekor signing.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Patch created by re-running the two example commands and manually
abbreviating long lists in the output.
Fixes #1766.
Signed-off-by: Fabian P. Schmidt <kerel@mailbox.org>
If a passphrase is not provided, prompt for one.
Outstanding:
- Should have integration tests.
- The signing options shared between copy and sync should live in utils.go.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This enables pushing to registries where the push and pull uris may be
different, for example where pushed images are mirrored to a read only
replica for distribution.
Closes #1588
Signed-off-by: James Hewitt <james.hewitt@uk.ibm.com>