summaryrefslogtreecommitdiff
path: root/docs/kpod-push.1.md
blob: a9d314cbe7e42bcc49feab5b5f685e79ab4f66d1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
% kpod(1) kpod-push - Push an image from local storage to elsewhere
% Dan Walsh
# kpod-push "1" "June 2017" "kpod"

## NAME
kpod push - Push an image from local storage to elsewhere

## SYNOPSIS
**kpod** **push** [*options* [...]] **imageID** [**destination**]

## DESCRIPTION
Pushes an image from local storage to a specified destination, decompressing
and recompressing layers as needed.

## imageID
Image stored in local container/storage

## DESTINATION

 The DESTINATION is a location to store container images
 The Image "DESTINATION" uses a "transport":"details" format.

 Multiple transports are supported:

  **dir:**_path_
  An existing local directory _path_ storing the manifest, layer tarballs and signatures as individual files. This is a non-standardized format, primarily useful for debugging or noninvasive container inspection.

  **docker://**_docker-reference_
  An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in `$XDG_RUNTIME_DIR/containers/auth.json`, which is set using `(kpod login)`. If the authorization state is not found there, `$HOME/.docker/config.json` is checked, which is set using `(docker login)`.

  **docker-archive:**_path_[**:**_docker-reference_]
  An image is stored in the `docker save` formatted file.  _docker-reference_ is only used when creating such a file, and it must not contain a digest.

  **docker-daemon:**_docker-reference_
  An image _docker-reference_ stored in the docker daemon internal storage.  _docker-reference_ must contain either a tag or a digest.  Alternatively, when reading images, the format can also be docker-daemon:algo:digest (an image ID).

  **oci-archive:**_path_**:**_tag_
  An image _tag_ in a directory compliant with "Open Container Image Layout Specification" at _path_.

  **ostree:**_image_[**@**_/absolute/repo/path_]
  An image in local OSTree repository.  _/absolute/repo/path_ defaults to _/ostree/repo_.

## OPTIONS

**--authfile**

Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `kpod login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.

**--creds="CREDENTIALS"**

Credentials (USERNAME:PASSWORD) to use for authenticating to a registry

**cert-dir="PATHNAME"**

Pathname of a directory containing TLS certificates and keys

**--disable-compression, -D**

Don't compress copies of filesystem layers which will be pushed

**--quiet, -q**

When writing the output image, suppress progress output

**--remove-signatures**

Discard any pre-existing signatures in the image

**--signature-policy="PATHNAME"**

Pathname of a signature policy file to use.  It is not recommended that this
option be used, as the default behavior of using the system-wide default policy
(frequently */etc/containers/policy.json*) is most often preferred

**--sign-by="KEY"**

Add a signature at the destination using the specified key

**--tls-verify**

Require HTTPS and verify certificates when contacting registries (default: true)

## EXAMPLE

This example extracts the imageID image to a local directory in docker format.

 `# kpod push imageID dir:/path/to/image`

This example extracts the imageID image to a local directory in oci format.

 `# kpod push imageID oci-archive:/path/to/layout:image:tag`

This example extracts the imageID image to a container registry named registry.example.com

 `# kpod push imageID docker://registry.example.com/repository:tag`

This example extracts the imageID image and puts into the local docker container store

 `# kpod push imageID docker-daemon:image:tag`

This example pushes the alpine image to umohnani/alpine on dockerhub and reads the creds from
the path given to --authfile

```
# kpod push --authfile temp-auths/myauths.json alpine docker://docker.io/umohnani/alpine
Getting image source signatures
Copying blob sha256:5bef08742407efd622d243692b79ba0055383bbce12900324f75e56f589aedb0
 4.03 MB / 4.03 MB [========================================================] 1s
Copying config sha256:ad4686094d8f0186ec8249fc4917b71faa2c1030d7b5a025c29f26e19d95c156
 1.41 KB / 1.41 KB [========================================================] 1s
Writing manifest to image destination
Storing signatures
```

## SEE ALSO
kpod(1), kpod-pull(1), crio(8), crio.conf(5), docker-login(1)