summaryrefslogtreecommitdiff
path: root/docs/podman-image-trust.1.md
diff options
context:
space:
mode:
Diffstat (limited to 'docs/podman-image-trust.1.md')
-rw-r--r--docs/podman-image-trust.1.md37
1 files changed, 16 insertions, 21 deletions
diff --git a/docs/podman-image-trust.1.md b/docs/podman-image-trust.1.md
index f96a7996f..7c5b70833 100644
--- a/docs/podman-image-trust.1.md
+++ b/docs/podman-image-trust.1.md
@@ -1,19 +1,13 @@
-% podman-image-trust "1"
+% podman-image-trust(1)
-# NAME
+## NAME
podman\-image\-trust - Manage container registry image trust policy
-# SYNOPSIS
-**podman image trust** set|show
-[**-h**|**--help**]
-[**-j**|**--json**]
-[**--raw**]
-[**-f**|**--pubkeysfile** KEY1 [**-f**|**--pubkeysfile** KEY2,...]]
-[**-t**|**--type** signedBy|accept|reject]
-REGISTRY[/REPOSITORY]
+## SYNOPSIS
+**podman image trust** set|show [*options*] *REGISTRY[/REPOSITORY]*
-# DESCRIPTION
+## DESCRIPTION
Manages which registries you trust as a source of container images based on its location. The location is determined
by the transport and the registry host of the image. Using this container image `docker://docker.io/library/busybox`
as an example, `docker` is the transport and `docker.io` is the registry host.
@@ -40,32 +34,33 @@ Require signature (“signedBy”).
Trust may be updated using the command **podman image trust set** for an existing trust scope.
-# OPTIONS
-**-h** **--help**
+## OPTIONS
+**-h**, **--help**
Print usage statement.
-**-f** **--pubkeysfile**
+**-f**, **--pubkeysfile**=*KEY1*
A path to an exported public key on the local system. Key paths
will be referenced in policy.json. Any path to a file may be used but locating the file in **/etc/pki/containers** is recommended. Options may be used multiple times to
require an image be signed by multiple keys. The **--pubkeysfile** option is required for the **signedBy** type.
-**-t** **--type**
- The trust type for this policy entry. Accepted values:
+**-t**, **--type**=*value*
+ The trust type for this policy entry.
+ Accepted values:
**signedBy** (default): Require signatures with corresponding list of
public keys
**accept**: do not require any signatures for this
registry scope
**reject**: do not accept images for this registry scope
-# show OPTIONS
+## show OPTIONS
**--raw**
Output trust policy file as raw JSON
-**-j** **--json**
+**-j**, **--json**
Output trust as JSON for machine parsing
-# EXAMPLES
+## EXAMPLES
Accept all unsigned images from a registry
@@ -87,10 +82,10 @@ Display trust as JSON
sudo podman image trust show --json
-# SEE ALSO
+## SEE ALSO
policy-json(5)
-# HISTORY
+## HISTORY
January 2019, updated by Tom Sweeney (tsweeney at redhat dot com)
December 2018, originally compiled by Qi Wang (qiwan at redhat dot com)