1skopeo-standalone-sign(1)() skopeo-standalone-sign(1)()
2
6 skopeo-standalone-sign - Debugging tool - Publish and sign an image in
7 one step.
8
11 skopeo standalone-sign [options] manifest docker-reference key-finger‐
12 print --output|-o signature
13
16 This is primarily a debugging tool, useful for special cases, and usu‐
17 ally should not be a part of your normal operational workflow; use
18 skopeo copy --sign-by instead to publish and sign an image in one step.
19 manifest Path to a file containing the image manifest
22 docker-reference A docker reference to identify the image with
25 key-fingerprint Key identity to use for signing
28
31 --help, -h
32 Print usage statement
35 --output, -o output file
38 Write signature to output file.
41 --passphrase-file=path
44 The passphare to use when signing with the key ID from --sign-by. Only
47 the first line will be read. A passphrase stored in a file is of ques‐
48 tionable security if other users can read this file. Do not use this
49 option if at all avoidable.
50
53 $ skopeo standalone-sign busybox-manifest.json registry.example.com/example/busybox 1D8230F6CDB6A06716E414C1DB72F2188BB46CC8 --output busybox.signature
54 $
55
59 This command is intended for use with local signatures e.g. OpenPGP (
60 other signature formats may be added in the future ), as per contain‐
61 ers-signature(5). Furthermore, this command does not interact with the
62 artifacts generated by Docker Content Trust (DCT). For more informa‐
63 tion, please see containers-signature(5) ⟨https://github.com/contain‐
64 ers/image/blob/main/docs/containers-signature.5.md⟩.
65
68 skopeo(1), skopeo-copy(1), containers-signature(5)
69
72 Antonio Murdaca runcom@redhat.com ⟨mailto:runcom@redhat.com⟩, Miloslav
73 Trmac mitr@redhat.com ⟨mailto:mitr@redhat.com⟩, Jhon Honce jhonce@red‐
74 hat.com ⟨mailto:jhonce@redhat.com⟩
75 skopeo-standalone-sign(1)()