1SKOPEO(1)                         August 2016                        SKOPEO(1)
2
3
4

NAME

6       skopeo -- Command line utility used to interact with local and remote
7       container images and container image registries
8
9

SYNOPSIS

11       skopeo [global options] command [command options]
12
13

DESCRIPTION

15       skopeo is a command line utility providing various operations with
16       container images and container image registries.
17
18
19       skopeo can copy container images between various containers image
20       stores, converting them as necessary.  For example you can use skopeo
21       to copy container images from one container registry to another.
22
23
24       skopeo can convert a Docker schema 2 or schema 1 container image to an
25       OCI image.
26
27
28       skopeo can inspect a repository on a container registry without
29       needlessly pulling the image. Pulling an image from a repository,
30       especially a remote repository, is an expensive network and storage
31       operation. Skopeo fetches the repository's manifest and displays a
32       docker inspect-like json output about the repository or a tag. skopeo,
33       in contrast to docker inspect, helps you gather useful information
34       about a repository or a tag without requiring you to run docker pull -
35       e.g. - Which tags are available for the given repository? Which labels
36       does the image have?
37
38
39       skopeo can sign and verify container images.
40
41
42       skopeo can delete container images from a remote container registry.
43
44
45       Note: skopeo does not require any container runtimes to be running, to
46       do most of its functionality.  It also does not require root, unless
47       you are copying images into a container runtime storage backend, like
48       the docker daemon or github.com/containers/storage.
49
50

IMAGE NAMES

52       Most commands refer to container images, using a transport:details
53       format. The following formats are supported:
54
55
56       containers-storage:docker-reference
57         An image located in a local containers/storage image store.  Location
58       and image store specified in /etc/containers/storage.conf
59
60
61       dir:path
62         An existing local directory path storing the manifest, layer tarballs
63       and signatures as individual files. This is a non-standardized format,
64       primarily useful for debugging or noninvasive container inspection.
65
66
67       docker://docker-reference
68         An image in a registry implementing the "Docker Registry HTTP API
69       V2". By default, uses the authorization state in either
70       $XDG_RUNTIME_DIR/containers/auth.json, which is set using (podman
71       login). If the authorization state is not found there,
72       $HOME/.docker/config.json is checked, which is set using (docker
73       login).
74
75
76       docker-archive:path[:docker-reference]
77         An image is stored in the docker save formatted file.
78       docker-reference is only used when creating such a file, and it must
79       not contain a digest.
80
81
82       docker-daemon:docker-reference
83         An image docker-reference stored in the docker daemon internal
84       storage.  docker-reference must contain either a tag or a digest.
85       Alternatively, when reading images, the format can be
86       docker-daemon:algo:digest (an image ID).
87
88
89       oci:path:tag
90         An image tag in a directory compliant with "Open Container Image
91       Layout Specification" at path.
92
93
94       ostree:image[@/absolute/repo/path]
95         An image in local OSTree repository.  /absolute/repo/path defaults to
96       /ostree/repo.
97
98

OPTIONS

100       --debug enable debug output
101
102
103       --policy path-to-policy Path to a policy.json file to use for verifying
104       signatures and deciding whether an image is trusted, overriding the
105       default trust policy file.
106
107
108       --insecure-policy Adopt an insecure, permissive policy that allows
109       anything. This obviates the need for a policy file.
110
111
112       --registries.d dir use registry configuration files in dir (e.g. for
113       container signature storage), overriding the default path.
114
115
116       --override-arch arch Use arch instead of the architecture of the
117       machine for choosing images.
118
119
120       --override-os OS Use OS instead of the running OS for choosing images.
121
122
123       --command-timeout duration Timeout for the command execution.
124
125
126       --help|-h Show help
127
128
129       --version|-v print the version number
130
131

COMMANDS

133       ┌────────────────────────────┬───────────────────────────────┐
134Command                     Description                   
135       ├────────────────────────────┼───────────────────────────────┤
136       │skopeo-copy(1)              │ Copy an image (manifest,      │
137       │                            │ filesystem layers,            │
138       │                            │ signatures) from one location │
139       │                            │ to another.                   │
140       ├────────────────────────────┼───────────────────────────────┤
141       │skopeo-delete(1)            │ Mark image-name for deletion. │
142       ├────────────────────────────┼───────────────────────────────┤
143       │skopeo-inspect(1)           │ Return low-level information  │
144       │                            │ about image-name in a         │
145       │                            │ registry.                     │
146       ├────────────────────────────┼───────────────────────────────┤
147       │skopeo-manifest-digest(1)   │ Compute a manifest digest of  │
148       │                            │ manifest-file and write it to │
149       │                            │ standard output.              │
150       ├────────────────────────────┼───────────────────────────────┤
151       │skopeo-standalone-sign(1)   │ Sign an image.                │
152       ├────────────────────────────┼───────────────────────────────┤
153       │skopeo-standalone-verify(1) │ Verity an image.              │
154       └────────────────────────────┴───────────────────────────────┘
155

FILES

157       /etc/containers/policy.json
158         Default trust policy file, if --policy is not specified.
159         The policy format is documented in
160https://github.com/containers/image/blob/master/docs/policy.json.md⟩ .
161
162
163       /etc/containers/registries.d
164         Default directory containing registry configuration, if
165       --registries.d is not specified.
166         The contents of this directory are documented in
167https://github.com/containers/image/blob/master/docs/registries.d.md
168       .
169
170

SEE ALSO

172       podman-login(1), docker-login(1)
173
174

AUTHORS

176       Antonio Murdaca ⟨runcom@redhat.com⟩, Miloslav Trmac ⟨mitr@redhat.com⟩,
177       Jhon Honce ⟨jhonce@redhat.com⟩
178
179
180
181Jhon Honce                      Skopeo Man Pages                     SKOPEO(1)
Impressum