Cleanup tutorials

Inspired by @kannkyo PR. Eliminate sudo when commands will work fine in rootless mode. Make all commands in tutorials easily cut and pastable, by eliminating $ and > symbols. This should make them all consistant agross different tutorials. Also make all systemctl enable calls use the --now option. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
author: Daniel J Walsh <dwalsh@redhat.com> 2020-11-16 11:59:52 -0500
committer: Daniel J Walsh <dwalsh@redhat.com> 2020-11-17 06:49:53 -0500
commit: d200801152e0f2fd4ae62549c5d12037ac6deed7 (patch)
tree: 24b295e018b86ee1cfcc0abdbfbe4233d55a8d85 /docs/tutorials/image_signing.md
parent: d30f9ae8b6a21fbef6704e372e9ec74fc689875e (diff)
download: podman-d200801152e0f2fd4ae62549c5d12037ac6deed7.tar.gz
podman-d200801152e0f2fd4ae62549c5d12037ac6deed7.tar.bz2
podman-d200801152e0f2fd4ae62549c5d12037ac6deed7.zip
1 files changed, 13 insertions, 13 deletions
diff --git a/docs/tutorials/image_signing.md b/docs/tutorials/image_signing.md
index f0adca9af..0d1d63de2 100644
--- a/docs/tutorials/image_signing.md
+++ b/docs/tutorials/image_signing.md
@@ -34,7 +34,7 @@ Now let’s assume that we run a container registry. For example we could simply
 start one on our local machine:
 
 ```bash
-> sudo podman run -d -p 5000:5000 docker.io/registry
+sudo podman run -d -p 5000:5000 docker.io/registry
 ```
 
 The registry does not know anything about image signing, it just provides the remote
@@ -44,11 +44,11 @@ have to take care of how to distribute the signatures.
 Let’s choose a standard `alpine` image for our signing experiment:
 
 ```bash
-> sudo podman pull docker://docker.io/alpine:latest
+sudo podman pull docker://docker.io/alpine:latest
 ```
 
 ```bash
-> sudo podman images alpine
+sudo podman images alpine
 REPOSITORY                 TAG      IMAGE ID       CREATED       SIZE
 docker.io/library/alpine   latest   e7d92cdc71fe   6 weeks ago   5.86 MB
 ```
@@ -56,11 +56,11 @@ docker.io/library/alpine   latest   e7d92cdc71fe   6 weeks ago   5.86 MB
 Now we can re-tag the image to point it to our local registry:
 
 ```bash
-> sudo podman tag alpine localhost:5000/alpine
+sudo podman tag alpine localhost:5000/alpine
 ```
 
 ```bash
-> sudo podman images alpine
+sudo podman images alpine
 REPOSITORY                 TAG      IMAGE ID       CREATED       SIZE
 localhost:5000/alpine      latest   e7d92cdc71fe   6 weeks ago   5.86 MB
 docker.io/library/alpine   latest   e7d92cdc71fe   6 weeks ago   5.86 MB
@@ -84,7 +84,7 @@ We can see that we have two signature stores configured:
 Now, let’s push and sign the image:
 
 ```bash
-> sudo -E GNUPGHOME=$HOME/.gnupg \
+sudo -E GNUPGHOME=$HOME/.gnupg \
     podman push \
     --tls-verify=false \
     --sign-by sgrunert@suse.com \
@@ -97,7 +97,7 @@ If we now take a look at the systems signature storage, then we see that there
 is a new signature available, which was caused by the image push:
 
 ```bash
-> sudo ls /var/lib/containers/sigstore
+sudo ls /var/lib/containers/sigstore
 'alpine@sha256=e9b65ef660a3ff91d28cc50eba84f21798a6c5c39b4dd165047db49e84ae1fb9'
 ```
 
@@ -107,14 +107,14 @@ The default signature store in our edited version of
 the local staging signature store:
 
 ```bash
-> sudo bash -c 'cd /var/lib/containers/sigstore && python3 -m http.server'
+sudo bash -c 'cd /var/lib/containers/sigstore && python3 -m http.server'
 Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...
 ```
 
 Let’s remove the local images for our verification test:
 
 ```
-> sudo podman rmi docker.io/alpine localhost:5000/alpine
+sudo podman rmi docker.io/alpine localhost:5000/alpine
 ```
 
 We have to write a policy to enforce that the signature has to be valid. This
@@ -142,13 +142,13 @@ below example, copy the `"docker"` entry into the `"transports"` section of your
 The `keyPath` does not exist yet, so we have to put the GPG key there:
 
 ```bash
-> gpg --output /tmp/key.gpg --armor --export sgrunert@suse.com
+gpg --output /tmp/key.gpg --armor --export sgrunert@suse.com
 ```
 
 If we now pull the image:
 
 ```bash
-> sudo podman pull --tls-verify=false localhost:5000/alpine
+sudo podman pull --tls-verify=false localhost:5000/alpine
 …
 Storing signatures
 e7d92cdc71feacf90708cb59182d0df1b911f8ae022d29e8e95d75ca6a99776a
@@ -164,14 +164,14 @@ accessed:
 As an counterpart example, if we specify the wrong key at `/tmp/key.gpg`:
 
 ```bash
-> gpg --output /tmp/key.gpg --armor --export mail@saschagrunert.de
+gpg --output /tmp/key.gpg --armor --export mail@saschagrunert.de
 File '/tmp/key.gpg' exists. Overwrite? (y/N) y
 ```
 
 Then a pull is not possible any more:
 
 ```bash
-> sudo podman pull --tls-verify=false localhost:5000/alpine
+sudo podman pull --tls-verify=false localhost:5000/alpine
 Trying to pull localhost:5000/alpine...
 Error: error pulling image "localhost:5000/alpine": unable to pull localhost:5000/alpine: unable to pull image: Source image rejected: Invalid GPG signature: …
 ```
author	Daniel J Walsh <dwalsh@redhat.com>	2020-11-16 11:59:52 -0500
committer	Daniel J Walsh <dwalsh@redhat.com>	2020-11-17 06:49:53 -0500
commit	d200801152e0f2fd4ae62549c5d12037ac6deed7 (patch)
tree	24b295e018b86ee1cfcc0abdbfbe4233d55a8d85 /docs/tutorials/image_signing.md
parent	d30f9ae8b6a21fbef6704e372e9ec74fc689875e (diff)
download	podman-d200801152e0f2fd4ae62549c5d12037ac6deed7.tar.gz podman-d200801152e0f2fd4ae62549c5d12037ac6deed7.tar.bz2 podman-d200801152e0f2fd4ae62549c5d12037ac6deed7.zip