1podman-push(1) General Commands Manual podman-push(1)
2
3
4
6 podman-push - Push an image, manifest list or image index from local
7 storage to elsewhere
8
9
11 podman push [options] image [destination]
12
13
14 podman image push [options] image [destination]
15
16
18 Pushes an image, manifest list or image index from local storage to a
19 specified destination. Push is mainly used to push images to reg‐
20 istries, however podman push can be used to save images to tarballs and
21 directories using the following transports: dir:, docker-archive:,
22 docker-daemon: and oci-archive:.
23
24
26 Images are pushed from those stored in local image storage.
27
28
30 DESTINATION is the location the container image is pushed to. It sup‐
31 ports all transports from containers-transports(5). If no transport is
32 specified, the docker (i.e., container registry) transport is used.
33 For remote clients, including Mac and Windows (excluding WSL2) ma‐
34 chines, docker is the only supported transport.
35
36
37 # Push to a container registry
38 $ podman push quay.io/podman/stable
39
40 # Push to a container registry via the docker transport
41 $ podman push docker://quay.io/podman/stable
42
43 # Push to a container registry with another tag
44 $ podman push myimage quay.io/username/myimage
45
46 # Push to a local directory
47 $ podman push myimage dir:/tmp/myimage
48
49 # Push to a tarball in the docker-archive format
50 $ podman push myimage docker-archive:/tmp/myimage
51
52 # Push to a local docker daemon
53 $ sudo podman push myimage docker-daemon:docker.io/library/myimage:33
54
55 # Push to a tarball in the OCI format
56 $ podman push myimage oci-archive:/tmp/myimage
57
58
59
61 --authfile=path
62 Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/contain‐
63 ers/auth.json, which is set using podman login. If the authorization
64 state is not found there, $HOME/.docker/config.json is checked, which
65 is set using docker login.
66
67
68 Note: There is also the option to override the default path of the au‐
69 thentication file by setting the REGISTRY_AUTH_FILE environment vari‐
70 able. This can be done with export REGISTRY_AUTH_FILE=path.
71
72
73 --cert-dir=path
74 Use certificates at path (*.crt, *.cert, *.key) to connect to the reg‐
75 istry. (Default: /etc/containers/certs.d) Please refer to containers-
76 certs.d(5) for details. (This option is not available with the remote
77 Podman client, including Mac and Windows (excluding WSL2) machines)
78
79
80 --compress
81 Compress tarball image layers when pushing to a directory using the
82 'dir' transport. (default is same compression type, compressed or un‐
83 compressed, as source) Note: This flag can only be set when using the
84 dir transport
85
86
87 --compression-format=gzip | zstd | zstd:chunked
88 Specifies the compression format to use. Supported values are: gzip,
89 zstd and zstd:chunked. The default is gzip unless overridden in the
90 containers.conf file.
91
92
93 --creds=[username[:password]]
94 The [username[:password]] to use to authenticate with the registry, if
95 required. If one or both values are not supplied, a command line
96 prompt will appear and the value can be entered. The password is en‐
97 tered without echo.
98
99
100 --digestfile=Digestfile
101 After copying the image, write the digest of the resulting image to the
102 file. (This option is not available with the remote Podman client, in‐
103 cluding Mac and Windows (excluding WSL2) machines)
104
105
106 --disable-content-trust
107 This is a Docker-specific option to disable image verification to a
108 container registry and is not supported by Podman. This option is a
109 NOOP and provided solely for scripting compatibility.
110
111
112 --format, -f=format
113 Manifest Type (oci, v2s2, or v2s1) to use when pushing an image.
114
115
116 --quiet, -q
117 When writing the output image, suppress progress output
118
119
120 --remove-signatures
121 Discard any pre-existing signatures in the image.
122
123
124 --sign-by=key
125 Add a “simple signing” signature at the destination using the specified
126 key. (This option is not available with the remote Podman client, in‐
127 cluding Mac and Windows (excluding WSL2) machines)
128
129
130 --sign-by-sigstore-private-key=path
131 Add a sigstore signature at the destination using a private key at the
132 specified path. (This option is not available with the remote Podman
133 client, including Mac and Windows (excluding WSL2) machines)
134
135
136 --sign-passphrase-file=path
137 If signing the image (using either --sign-by or --sign-by-sigstore-pri‐
138 vate-key), read the passphrase to use from the specified path.
139
140
141 --tls-verify
142 Require HTTPS and verify certificates when contacting registries (de‐
143 fault: true). If explicitly set to true, TLS verification will be
144 used. If set to false, TLS verification will not be used. If not
145 specified, TLS verification will be used unless the target registry is
146 listed as an insecure registry in containers-registries.conf(5)
147
148
150 This example pushes the image specified by the imageID to a local di‐
151 rectory in docker format.
152
153
154 # podman push imageID dir:/path/to/image
155
156
157 This example pushes the image specified by the imageID to a local di‐
158 rectory in oci format.
159
160
161 # podman push imageID oci-archive:/path/to/layout:image:tag
162
163
164 This example pushes the image specified by the imageID to a container
165 registry named registry.example.com
166
167
168 # podman push imageID docker://registry.example.com/repository:tag
169
170
171 This example pushes the image specified by the imageID to a container
172 registry named registry.example.com and saves the digest in the speci‐
173 fied digestfile.
174
175
176 # podman push --digestfile=/tmp/mydigest imageID docker://registry.ex‐
177 ample.com/repository:tag
178
179
180 This example pushes the image specified by the imageID and puts it into
181 the local docker container store
182
183
184 # podman push imageID docker-daemon:image:tag
185
186
187 This example pushes the alpine image to umohnani/alpine on dockerhub
188 and reads the creds from the path given to --authfile
189
190
191 # podman push --authfile temp-auths/myauths.json alpine docker://docker.io/umohnani/alpine
192 Getting image source signatures
193 Copying blob sha256:5bef08742407efd622d243692b79ba0055383bbce12900324f75e56f589aedb0
194 4.03 MB / 4.03 MB [========================================================] 1s
195 Copying config sha256:ad4686094d8f0186ec8249fc4917b71faa2c1030d7b5a025c29f26e19d95c156
196 1.41 KB / 1.41 KB [========================================================] 1s
197 Writing manifest to image destination
198 Storing signatures
199
200
201
202 This example pushes the rhel7 image to rhel7-dir with the "oci" mani‐
203 fest type
204
205
206 # podman push --format oci registry.access.redhat.com/rhel7 dir:rhel7-dir
207 Getting image source signatures
208 Copying blob sha256:9cadd93b16ff2a0c51ac967ea2abfadfac50cfa3af8b5bf983d89b8f8647f3e4
209 71.41 MB / 71.41 MB [======================================================] 9s
210 Copying blob sha256:4aa565ad8b7a87248163ce7dba1dd3894821aac97e846b932ff6b8ef9a8a508a
211 1.21 KB / 1.21 KB [========================================================] 0s
212 Copying config sha256:f1b09a81455c351eaa484b61aacd048ab613c08e4c5d1da80c4c46301b03cf3b
213 3.01 KB / 3.01 KB [========================================================] 0s
214 Writing manifest to image destination
215 Storing signatures
216
217
218
220 podman(1), podman-pull(1), podman-login(1), containers-certs.d(5), con‐
221 tainers-registries.conf(5), containers-transports(5)
222
223
224
225 podman-push(1)