726d982ceb
Differentiate, again, between (skopeo --tls-verify subcommand) and (skope subcommand --tls-verify), by - using a "local" Corba flag for the (skopeo --tls-verify ...) variant - adding separate --tls-verify flags to subcommands that only accept them as legacy, available through deprecatedTLSVerifyFlags (unlike the non-legacy path of dockerImageFlags()); - using TraverseChildren: true; this causes the global and per-subcommand flags to be treated separately by Corba, i.e. they no longer happen to share the "Hidden" flag and Corba actually sets the right flag variable now. So, we can now warn on (skopeo --tls-verify command) again, and --help lists the flag correctly (it is hidden at the global level, and in subcommands like copy that deprecated it, but visible in subcommands like inspect where it's not deprecated). NOTE: This removes --tls-verify from (skopeo manifest-digest) and the three signing commands; it never made sense there. This change could, in principle, break some users. Also update man pages to match. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2.8 KiB
% skopeo-inspect(1)
NAME
skopeo-inspect - Return low-level information about image-name in a registry.
SYNOPSIS
skopeo inspect [options] image-name
DESCRIPTION
Return low-level information about image-name in a registry
image-name name of image to retrieve information about
OPTIONS
--authfile path
Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json, which is set using skopeo login.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using docker login.
--cert-dir path
Use certificates at path (*.crt, *.cert, *.key) to connect to the registry.
--config
Output configuration in OCI format, default is to format in JSON format.
--creds username[:password]
Username and password for accessing the registry.
--daemon-host host
Use docker daemon host at host (docker-daemon: transport only)
--format, -f=format
Format the output using the given Go template. The keys of the returned JSON can be used as the values for the --format flag (see examples below).
--help, -h
Print usage statement
--no-creds
Access the registry anonymously.
--raw
Output raw manifest or config data depending on --config option. The --format option is not supported with --raw option.
--registry-token Bearer token
Registry token for accessing the registry.
--retry-times
The number of times to retry; retry wait time will be exponentially increased based on the number of failed attempts.
--shared-blob-dir directory
Directory to use to share blobs across OCI repositories.
--tls-verify=bool
Require HTTPS and verify certificates when talking to the container registry or daemon (defaults to true)
EXAMPLES
To review information for the image fedora from the docker.io registry:
$ skopeo inspect docker://docker.io/fedora
{
"Name": "docker.io/library/fedora",
"Digest": "sha256:a97914edb6ba15deb5c5acf87bd6bd5b6b0408c96f48a5cbd450b5b04509bb7d",
"RepoTags": [
"20",
"21",
"22",
"23",
"24",
"heisenbug",
"latest",
"rawhide"
],
"Created": "2016-06-20T19:33:43.220526898Z",
"DockerVersion": "1.10.3",
"Labels": {},
"Architecture": "amd64",
"Os": "linux",
"Layers": [
"sha256:7c91a140e7a1025c3bc3aace4c80c0d9933ac4ee24b8630a6b0b5d8b9ce6b9d4"
]
}
$ /bin/skopeo inspect --config docker://registry.fedoraproject.org/fedora --format "{{ .Architecture }}"
amd64
$ /bin/skopeo inspect --format '{{ .Env }}' docker://registry.access.redhat.com/ubi8
[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin container=oci]
SEE ALSO
skopeo(1), skopeo-login(1), docker-login(1), containers-auth.json(5)
AUTHORS
Antonio Murdaca runcom@redhat.com, Miloslav Trmac mitr@redhat.com, Jhon Honce jhonce@redhat.com