mirror of
https://github.com/docker/cli.git
synced 2025-08-05 13:55:48 +03:00
Use default inspect formatting, remove omitempty, update docs
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
This commit is contained in:
Riyaz Faizullabhoy
@@ -28,7 +28,8 @@ Return low-level information about keys and signatures
|
||||
This includes all image tags that are signed, who signed them, and who can sign
|
||||
new tags.
|
||||
|
||||
`docker trust inspect` is intended to be used for integrations into other systems, whereas `docker trust view` provides human-friendly output.
|
||||
`docker trust inspect` prints the trust information in a machine-readable format. Refer to
|
||||
[`docker trust view`](trust_view.md) for a human-friendly output.
|
||||
|
||||
`docker trust inspect` is currently experimental.
|
||||
|
||||
@@ -37,11 +38,14 @@ new tags.
|
||||
|
||||
### Get low-level details about signatures for a single image tag
|
||||
|
||||
Use the `docker trust inspect` to get trust information about an image. The
|
||||
following example prints trust information for the `alpine:latest` image:
|
||||
|
||||
```bash
|
||||
$ docker trust inspect alpine:latest | jq
|
||||
$ docker trust inspect alpine:latest
|
||||
[
|
||||
{
|
||||
"Name": "alpine:latest",
|
||||
"SignedTags": [
|
||||
{
|
||||
"SignedTag": "latest",
|
||||
@@ -51,17 +55,22 @@ $ docker trust inspect alpine:latest | jq
|
||||
]
|
||||
}
|
||||
],
|
||||
"Signers": [],
|
||||
"AdminstrativeKeys": [
|
||||
{
|
||||
"Name": "Repository",
|
||||
"Keys": [
|
||||
"5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd"
|
||||
{
|
||||
"ID": "5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "Root",
|
||||
"Keys": [
|
||||
"a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce"
|
||||
{
|
||||
"ID": "a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
@@ -78,10 +87,10 @@ This format mirrors the output of `docker trust view`
|
||||
If signers are set up for the repository via other `docker trust` commands, `docker trust inspect` includes a `Signers` key:
|
||||
|
||||
```bash
|
||||
|
||||
$ docker trust inspect my-image:purple | jq
|
||||
$ docker trust inspect my-image:purple
|
||||
[
|
||||
{
|
||||
"Name": "my-image:purple",
|
||||
"SignedTags": [
|
||||
{
|
||||
"SignedTag": "purple",
|
||||
@@ -97,21 +106,31 @@ $ docker trust inspect my-image:purple | jq
|
||||
{
|
||||
"Name": "alice",
|
||||
"Keys": [
|
||||
"04dd031411ed671ae1e12f47ddc8646d98f135090b01e54c3561e843084484a3",
|
||||
"6a11e4898a4014d400332ab0e096308c844584ff70943cdd1d6628d577f45fd8"
|
||||
{
|
||||
"ID": "04dd031411ed671ae1e12f47ddc8646d98f135090b01e54c3561e843084484a3"
|
||||
},
|
||||
{
|
||||
"ID": "6a11e4898a4014d400332ab0e096308c844584ff70943cdd1d6628d577f45fd8"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "bob",
|
||||
"Keys": [
|
||||
"433e245c656ae9733cdcc504bfa560f90950104442c4528c9616daa45824ccba"
|
||||
{
|
||||
"ID": "433e245c656ae9733cdcc504bfa560f90950104442c4528c9616daa45824ccba"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "carol",
|
||||
"Keys": [
|
||||
"d32fa8b5ca08273a2880f455fcb318da3dc80aeae1a30610815140deef8f30d9",
|
||||
"9a8bbec6ba2af88a5fad6047d428d17e6d05dbdd03d15b4fc8a9a0e8049cd606"
|
||||
{
|
||||
"ID": "d32fa8b5ca08273a2880f455fcb318da3dc80aeae1a30610815140deef8f30d9"
|
||||
},
|
||||
{
|
||||
"ID": "9a8bbec6ba2af88a5fad6047d428d17e6d05dbdd03d15b4fc8a9a0e8049cd606"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
@@ -119,13 +138,17 @@ $ docker trust inspect my-image:purple | jq
|
||||
{
|
||||
"Name": "Repository",
|
||||
"Keys": [
|
||||
"27df2c8187e7543345c2e0bf3a1262e0bc63a72754e9a7395eac3f747ec23a44"
|
||||
{
|
||||
"ID": "27df2c8187e7543345c2e0bf3a1262e0bc63a72754e9a7395eac3f747ec23a44"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "Root",
|
||||
"Keys": [
|
||||
"40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f"
|
||||
{
|
||||
"ID": "40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
@@ -140,23 +163,29 @@ $ docker trust inspect unsigned-img
|
||||
No signatures or cannot access unsigned-img
|
||||
```
|
||||
|
||||
However, if other tags are signed in the same image repository, `docker trust inspect` reports relevant key information and omits the `SignedTags` key.
|
||||
However, if other tags are signed in the same image repository, `docker trust inspect` reports relevant key information:
|
||||
|
||||
```bash
|
||||
$ docker trust inspect alpine:unsigned | jq
|
||||
$ docker trust inspect alpine:unsigned
|
||||
[
|
||||
{
|
||||
"Name": "alpine:unsigned",
|
||||
"Signers": [],
|
||||
"AdminstrativeKeys": [
|
||||
{
|
||||
"Name": "Repository",
|
||||
"Keys": [
|
||||
"5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd"
|
||||
{
|
||||
"ID": "5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "Root",
|
||||
"Keys": [
|
||||
"a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce"
|
||||
{
|
||||
"ID": "a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
@@ -166,14 +195,170 @@ $ docker trust inspect alpine:unsigned | jq
|
||||
|
||||
### Get details about signatures for all image tags in a repository
|
||||
|
||||
```bash
|
||||
$ docker trust inspect alpine | jq
|
||||
If no tag is specified, `docker trust inspect` will report details for all signed tags in the repository:
|
||||
|
||||
```bash
|
||||
$ docker trust inspect alpine
|
||||
[
|
||||
{
|
||||
"Name": "alpine",
|
||||
"SignedTags": [
|
||||
{
|
||||
"SignedTag": "3.5",
|
||||
"Digest": "b007a354427e1880de9cdba533e8e57382b7f2853a68a478a17d447b302c219c",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SignedTag": "3.6",
|
||||
"Digest": "d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SignedTag": "edge",
|
||||
"Digest": "23e7d843e63a3eee29b6b8cfcd10e23dd1ef28f47251a985606a31040bf8e096",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SignedTag": "latest",
|
||||
"Digest": "d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
}
|
||||
],
|
||||
"Signers": [],
|
||||
"AdminstrativeKeys": [
|
||||
{
|
||||
"Name": "Repository",
|
||||
"Keys": [
|
||||
{
|
||||
"ID": "5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "Root",
|
||||
"Keys": [
|
||||
{
|
||||
"ID": "a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
```
|
||||
|
||||
|
||||
### Get details about signatures for multiple images
|
||||
|
||||
`docker trust inspect` can take multiple repositories and images as arguments, and reports the results in an ordered list:
|
||||
|
||||
```bash
|
||||
$ docker trust inspect alpine ubuntu | jq
|
||||
$ docker trust inspect alpine notary
|
||||
[
|
||||
{
|
||||
"Name": "alpine",
|
||||
"SignedTags": [
|
||||
{
|
||||
"SignedTag": "3.5",
|
||||
"Digest": "b007a354427e1880de9cdba533e8e57382b7f2853a68a478a17d447b302c219c",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SignedTag": "3.6",
|
||||
"Digest": "d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SignedTag": "edge",
|
||||
"Digest": "23e7d843e63a3eee29b6b8cfcd10e23dd1ef28f47251a985606a31040bf8e096",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SignedTag": "integ-test-base",
|
||||
"Digest": "3952dc48dcc4136ccdde37fbef7e250346538a55a0366e3fccc683336377e372",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SignedTag": "latest",
|
||||
"Digest": "d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
}
|
||||
],
|
||||
"Signers": [],
|
||||
"AdminstrativeKeys": [
|
||||
{
|
||||
"Name": "Repository",
|
||||
"Keys": [
|
||||
{
|
||||
"ID": "5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "Root",
|
||||
"Keys": [
|
||||
{
|
||||
"ID": "a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "notary",
|
||||
"SignedTags": [
|
||||
{
|
||||
"SignedTag": "server",
|
||||
"Digest": "71f64ab718a3331dee103bc5afc6bc492914738ce37c2d2f127a8133714ecf5c",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
},
|
||||
{
|
||||
"SignedTag": "signer",
|
||||
"Digest": "a6122d79b1e74f70b5dd933b18a6d1f99329a4728011079f06b245205f158fe8",
|
||||
"Signers": [
|
||||
"Repo Admin"
|
||||
]
|
||||
}
|
||||
],
|
||||
"Signers": [],
|
||||
"AdminstrativeKeys": [
|
||||
{
|
||||
"Name": "Root",
|
||||
"Keys": [
|
||||
{
|
||||
"ID": "8cdcdef5bd039f4ab5a029126951b5985eebf57cabdcdc4d21f5b3be8bb4ce92"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Name": "Repository",
|
||||
"Keys": [
|
||||
{
|
||||
"ID": "85bfd031017722f950d480a721f845a2944db26a3dc084040a70f1b0d9bbb3df"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
```
|
||||
|
||||
Reference in New Issue
Block a user