Add cmdline docs for signing and verification flows

Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
2015-07-07 20:14:47 -07:00 · 2015-07-07 20:14:47 -07:00 · 48250832a3
parent 84e917b876
commit 48250832a3
5 changed files with 7 additions and 0 deletions
--- a/docs/reference/commandline/cli.md
+++ b/docs/reference/commandline/cli.md
@ -49,6 +49,8 @@ by the `docker` command line:
  unsuitable for Docker.
 * `DOCKER_RAMDISK` If set this will disable 'pivot_root'.
 * `DOCKER_TLS_VERIFY` When set Docker uses TLS and verifies the remote.
+* `DOCKER_TRUST` When set Docker uses notary to sign and verify images.
+  Equates to `--untrusted=false` for build, create, pull, push, run.
 * `DOCKER_TMPDIR` Location for temporary Docker files.

 Because Docker is developed using 'Go', you can also use any environment
--- a/docs/reference/commandline/create.md
+++ b/docs/reference/commandline/create.md
@ -61,6 +61,7 @@ Creates a new container.
      --restart="no"             Restart policy (no, on-failure[:max-retry], always)
      --security-opt=[]          Security options
      -t, --tty=false            Allocate a pseudo-TTY
+      --untrusted=true           Skip image verification
      -u, --user=""              Username or UID
      --ulimit=[]                Ulimit options
      --uts=""                   UTS namespace to use
--- a/docs/reference/commandline/pull.md
+++ b/docs/reference/commandline/pull.md
@ -16,6 +16,7 @@ weight=1
    Pull an image or a repository from the registry

      -a, --all-tags=false    Download all tagged images in the repository
+      --untrusted=true        Skip image verification

 Most of your images will be created on top of a base image from the
 [Docker Hub](https://hub.docker.com) registry.
--- a/docs/reference/commandline/push.md
+++ b/docs/reference/commandline/push.md
@ -15,5 +15,7 @@ weight=1

    Push an image or a repository to the registry

+    --untrusted=true           Skip image signing
+
 Use `docker push` to share your images to the [Docker Hub](https://hub.docker.com)
 registry or to a self-hosted one.
--- a/docs/reference/commandline/run.md
+++ b/docs/reference/commandline/run.md
@ -65,6 +65,7 @@ weight=1
      -t, --tty=false            Allocate a pseudo-TTY
      -u, --user=""              Username or UID (format: <name|uid>[:<group|gid>])
      --ulimit=[]                Ulimit options
+      --untrusted=true           Skip image verification
      --uts=""                   UTS namespace to use
      -v, --volume=[]            Bind mount a volume
      --volumes-from=[]          Mount volumes from the specified container(s)