antojoseph · December 6, 2023 23:09
diff --git a/terminal_log.log b/terminal_log.log

 ❯ docker login
 Log in with your Docker ID or email address to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com/ to create one.
 You can log in with your password or a Personal Access Token (PAT). Using a limited-scope PAT grants better security and is required for organizations using SSO. Learn more at https://docs.docker.com/go/access-tokens/

 Username: blocksek
 Password:
 Login Succeeded

 ❯ docker push blocksek/test
 Using default tag: latest
 The push refers to repository [docker.io/blocksek/test]
 a703f3546758: Pushed
 7867afa7f35d: Pushed
 latest: digest: sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38 size: 735


 ❯ docker trust sign blocksek/test:latest

 You are about to create a new root signing key passphrase. This passphrase
 will be used to protect the most sensitive key in your signing system. Please
 choose a long, complex passphrase and be careful to keep the password and the
 key file itself secure and backed up. It is highly recommended that you use a
 password manager to generate the passphrase and keep it safe. There will be no
 way to recover this key. You can find the key in your config directory.
 Enter passphrase for new root key with ID d2ba168:
 Repeat passphrase for new root key with ID d2ba168:
 Enter passphrase for new repository key with ID c99694f:
 Repeat passphrase for new repository key with ID c99694f:
 Enter passphrase for new blocksek key with ID 6f4eeeb:
 Repeat passphrase for new blocksek key with ID 6f4eeeb:
 Created signer: blocksek
 Finished initializing signed repository for blocksek/test:latest
 Signing and pushing trust data for local image blocksek/test:latest, may overwrite remote trust data
 The push refers to repository [docker.io/blocksek/test]
 a703f3546758: Layer already exists
 7867afa7f35d: Layer already exists
 latest: digest: sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38 size: 735
 Signing and pushing trust metadata
 Enter passphrase for blocksek key with ID 6f4eeeb:
 Successfully signed docker.io/blocksek/test:latest

 ❯ export DOCKER_CONTENT_TRUST=1

 ❯ docker pull blocksek/test:latest
 Pull (1 of 1): blocksek/test:latest@sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38
 docker.io/blocksek/test@sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38: Pulling from blocksek/test
 Digest: sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38
 Status: Image is up to date for blocksek/test@sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38
 Tagging blocksek/test@sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38 as blocksek/test:latest
 docker.io/blocksek/test:latest

 What's Next?
  View a summary of image vulnerabilities and recommendations → docker scout quickview blocksek/test:latest

 ❯ docker trust inspect blocksek/test:latest

 [
    {
        "Name": "blocksek/test:latest",
        "SignedTags": [
            {
                "SignedTag": "latest",
                "Digest": "775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38",
                "Signers": [
                    "blocksek"
                ]
            }
        ],
        "Signers": [
            {
                "Name": "blocksek",
                "Keys": [
                    {
                        "ID": "6f4eeeb47fc718b8e115444b885581fcb85ad52fca7b179968b68544edd94bcf"
                    }
                ]
            }
        ],
        "AdministrativeKeys": [
            {
                "Name": "Root",
                "Keys": [
                    {
                        "ID": "827e505f3d0aac236efd57e7b37c78e637849f16c198e3ca5242ba966d484178"
                    }
                ]
            },
            {
                "Name": "Repository",
                "Keys": [
                    {
                        "ID": "c99694fcec572146ea2246b445f4a8b9fbe7346751107b498f216d0a0c16a4d8"
                    }
                ]
            }
        ]
    }
 ]

	❯ docker login
	Log in with your Docker ID or email address to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com/ to create one.
	You can log in with your password or a Personal Access Token (PAT). Using a limited-scope PAT grants better security and is required for organizations using SSO. Learn more at https://docs.docker.com/go/access-tokens/

	Username: blocksek
	Password:
	Login Succeeded

	❯ docker push blocksek/test
	Using default tag: latest
	The push refers to repository [docker.io/blocksek/test]
	a703f3546758: Pushed
	7867afa7f35d: Pushed
	latest: digest: sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38 size: 735


	❯ docker trust sign blocksek/test:latest

	You are about to create a new root signing key passphrase. This passphrase
	will be used to protect the most sensitive key in your signing system. Please
	choose a long, complex passphrase and be careful to keep the password and the
	key file itself secure and backed up. It is highly recommended that you use a
	password manager to generate the passphrase and keep it safe. There will be no
	way to recover this key. You can find the key in your config directory.
	Enter passphrase for new root key with ID d2ba168:
	Repeat passphrase for new root key with ID d2ba168:
	Enter passphrase for new repository key with ID c99694f:
	Repeat passphrase for new repository key with ID c99694f:
	Enter passphrase for new blocksek key with ID 6f4eeeb:
	Repeat passphrase for new blocksek key with ID 6f4eeeb:
	Created signer: blocksek
	Finished initializing signed repository for blocksek/test:latest
	Signing and pushing trust data for local image blocksek/test:latest, may overwrite remote trust data
	The push refers to repository [docker.io/blocksek/test]
	a703f3546758: Layer already exists
	7867afa7f35d: Layer already exists
	latest: digest: sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38 size: 735
	Signing and pushing trust metadata
	Enter passphrase for blocksek key with ID 6f4eeeb:
	Successfully signed docker.io/blocksek/test:latest

	❯ export DOCKER_CONTENT_TRUST=1

	❯ docker pull blocksek/test:latest
	Pull (1 of 1): blocksek/test:latest@sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38
	docker.io/blocksek/test@sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38: Pulling from blocksek/test
	Digest: sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38
	Status: Image is up to date for blocksek/test@sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38
	Tagging blocksek/test@sha256:775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38 as blocksek/test:latest
	docker.io/blocksek/test:latest

	What's Next?
	View a summary of image vulnerabilities and recommendations → docker scout quickview blocksek/test:latest

	❯ docker trust inspect blocksek/test:latest

	[
	{
	"Name": "blocksek/test:latest",
	"SignedTags": [
	{
	"SignedTag": "latest",
	"Digest": "775f0cb42cb1fb931831f2327019c399313d7a507d16651064a055fffba41b38",
	"Signers": [
	"blocksek"
	]
	}
	],
	"Signers": [
	{
	"Name": "blocksek",
	"Keys": [
	{
	"ID": "6f4eeeb47fc718b8e115444b885581fcb85ad52fca7b179968b68544edd94bcf"
	}
	]
	}
	],
	"AdministrativeKeys": [
	{
	"Name": "Root",
	"Keys": [
	{
	"ID": "827e505f3d0aac236efd57e7b37c78e637849f16c198e3ca5242ba966d484178"
	}
	]
	},
	{
	"Name": "Repository",
	"Keys": [
	{
	"ID": "c99694fcec572146ea2246b445f4a8b9fbe7346751107b498f216d0a0c16a4d8"
	}
	]
	}
	]
	}
	]