1podman-manifest-push(1)     General Commands Manual    podman-manifest-push(1)
2
3
4

NAME

6       podman-manifest-push  -  Push  a manifest list or image index to a reg‐
7       istry
8
9

SYNOPSIS

11       podman manifest push [options] listnameorindexname [destination]
12
13

DESCRIPTION

15       Pushes a manifest list or image index to a registry.
16
17

RETURN VALUE

19       The list image's ID and the digest of the image's manifest.
20
21

OPTIONS

23   --add-compression=compression
24       Makes sure that requested compression  variant  for  each  platform  is
25       added to the manifest list keeping original instance intact in the same
26       manifest list. Supported values are (gzip, zstd and zstd:chunked). Fol‐
27       lowing flag can be used multiple times.
28
29
30       Note  that --compression-format controls the compression format of each
31       instance in the manifest list. --add-compression will add another vari‐
32       ant  for  each  instance  in  the list with the specified compressions.
33       --compression-format gzip --add-compression zstd will push  a  manifest
34       list  with  each instance being compressed with gzip plus an additional
35       variant of each instance being compressed with zstd.
36
37
38   --all
39       Push the images mentioned in the manifest list or image index, in addi‐
40       tion to the list or index itself. (Default true)
41
42
43   --authfile=path
44       Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/contain‐
45       ers/auth.json on Linux, and $HOME/.config/containers/auth.json on  Win‐
46       dows/macOS.   The file is created by podman login. If the authorization
47       state is not found there, $HOME/.docker/config.json is  checked,  which
48       is set using docker login.
49
50
51       Note:  There is also the option to override the default path of the au‐
52       thentication file by setting the REGISTRY_AUTH_FILE  environment  vari‐
53       able. This can be done with export REGISTRY_AUTH_FILE=path.
54
55
56   --cert-dir=path
57       Use  certificates at path (*.crt, *.cert, *.key) to connect to the reg‐
58       istry. (Default: /etc/containers/certs.d) For details, see  containers-
59       certs.d(5).   (This  option  is  not  available  with the remote Podman
60       client, including Mac and Windows (excluding WSL2) machines)
61
62
63   --compression-format=gzip | zstd | zstd:chunked
64       Specifies the compression format to use.  Supported values  are:  gzip,
65       zstd  and  zstd:chunked.   The default is gzip unless overridden in the
66       containers.conf file.
67
68
69   --compression-level=level
70       Specifies the compression level to use.  The value is specific  to  the
71       compression  algorithm  used,  e.g. for zstd the accepted values are in
72       the range 1-20 (inclusive) with a default of 3, while for  gzip  it  is
73       1-9 (inclusive) and has a default of 5.
74
75
76   --creds=[username[:password]]
77       The  [username[:password]] to use to authenticate with the registry, if
78       required.  If one or both values  are  not  supplied,  a  command  line
79       prompt  appears  and  the value can be entered. The password is entered
80       without echo.
81
82
83       Note that the specified  credentials  are  only  used  to  authenticate
84       against  target  registries.  They are not used for mirrors or when the
85       registry gets rewritten (see containers-registries.conf(5)); to authen‐
86       ticate against those consider using a containers-auth.json(5) file.
87
88
89   --digestfile=Digestfile
90       After copying the image, write the digest of the resulting image to the
91       file.
92
93
94   --force-compression
95       If set, push uses the specified compression algorithm even if the  des‐
96       tination  contains  a differently-compressed variant already.  Defaults
97       to true if --compression-format is explicitly specified on the command-
98       line, false otherwise.
99
100
101   --format, -f=format
102       Manifest  list type (oci or v2s2) to use when pushing the list (default
103       is oci).
104
105
106   --quiet, -q
107       When writing the manifest, suppress progress output
108
109
110   --remove-signatures
111       Don't copy signatures when pushing images.
112
113
114   --rm
115       Delete the manifest list or image index from local storage  if  pushing
116       succeeds.
117
118
119   --sign-by=fingerprint
120       Sign  the  pushed  images  with  a “simple signing” signature using the
121       specified key. (This option is not available  with  the  remote  Podman
122       client, including Mac and Windows (excluding WSL2) machines)
123
124
125   --sign-by-sigstore=*param-file***
126       Add  a  sigstore signature based on further options specified in a con‐
127       tainer's sigstore signing parameter file param-file.   See  containers-
128       sigstore-signing-params.yaml(5) for details about the file format.
129
130
131   --sign-by-sigstore-private-key=path
132       Sign the pushed images with a sigstore signature using a private key at
133       the specified path. (This option is not available with the remote  Pod‐
134       man client, including Mac and Windows (excluding WSL2) machines)
135
136
137   --sign-passphrase-file=path
138       If signing the image (using either --sign-by or --sign-by-sigstore-pri‐
139       vate-key), read the passphrase to use from the specified path.
140
141
142   --tls-verify
143       Require HTTPS and verify certificates when contacting  registries  (de‐
144       fault: true).  If explicitly set to true, TLS verification is used.  If
145       set to false, TLS verification is not used.  If not specified, TLS ver‐
146       ification  is  used unless the target registry is listed as an insecure
147       registry in containers-registries.conf(5)
148
149

DESTINATION

151       DESTINATION is the location the container image is pushed to.  It  sup‐
152       ports  all transports from containers-transports(5). If no transport is
153       specified, the docker (i.e., container  registry)  transport  is  used.
154       For  remote  clients,  including  Mac  and Windows (excluding WSL2) ma‐
155       chines, docker is the only supported transport.
156
157

EXAMPLE

159       podman manifest push mylist:v1.11 docker://registry.example.org/mylist:v1.11
160
161
162

SEE ALSO

164       podman(1), podman-manifest(1), containers-transports(5)
165
166
167
168                                                       podman-manifest-push(1)
Impressum