https://github.com/austinjhunt/docker-compose-trust

Docker Compose is not compatible with Docker Content Trust, meaning you can't say 'docker-compose trust sign'. You instead have to use 'docker trust sign <image>:<tag>' for every image in your compose file, and for each of them, pass in the root signing key passphrase AND the repo signing key passphrase. This project handles that automatically.

https://github.com/austinjhunt/docker-compose-trust

Science Score: 13.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (6.3%) to scientific vocabulary
Last synced: 10 months ago · JSON representation

Repository

Docker Compose is not compatible with Docker Content Trust, meaning you can't say 'docker-compose trust sign'. You instead have to use 'docker trust sign <image>:<tag>' for every image in your compose file, and for each of them, pass in the root signing key passphrase AND the repo signing key passphrase. This project handles that automatically.

Basic Info
  • Host: GitHub
  • Owner: austinjhunt
  • Language: Shell
  • Default Branch: master
  • Homepage:
  • Size: 1.95 KB
Statistics
  • Stars: 0
  • Watchers: 1
  • Forks: 1
  • Open Issues: 0
  • Releases: 0
Created about 6 years ago · Last pushed about 6 years ago
Metadata Files
Readme

README.md

Docker Compose Trust

Docker Compose is not compatible with Docker Content Trust, meaning you can't say 'docker-compose trust sign'. You instead have to use 'docker trust sign :' for every image in your compose file, and for each of them, pass in the root signing key passphrase AND the repo signing key passphrase.

Requirements

  1. Have a LastPass account, and have LastPass CLI installed (to use the lpass command)
  2. Have your signing key passphrases for each image stored in LastPass as a secure password with the name in this standardized format: dct_IMAGE_signingkeypass ex: dct_myserviceaccount/myubuntuimage_signingkeypass
  3. Have your root signing key passphrase stored in LastPass as a secure password with the name in the standardized format: dct-root-signing-key-pass
  4. Have your signer key passphrase stored in LastPass as a secure password with the name in the standardized format: dct-signer-key-pass Note: an assumption is made here that the signer is the same for all images in your compose file. ## What does this do? This script extracts the names of the referenced images from your docker-compose file, and uses the docker trust sign command on each of those images, allowing you to sign all of your images at once. ## How does it work? Since docker trust prompts for the key-signing passphrases, the script uses the LastPass CLI to pull those passphrases from your LastPass account and pass them into either 1) environment variables or 2) stdin. ## Usage
  5. Clone the repository git clone https://hammond.cofc.edu/huntaj/docker-compose-trust.git
  6. Navigate into the project and source the script to create the alias for the primary function (alias is 'docker-compose-trust') source docker-compose-sign-all.sh
  7. Navigate into the directory where your docker-compose.yml file is that references all of the images you want to sign. e.g.: cd ~/mycode/ ls docker-compose.yml .....
  8. Execute the alias docker-compose-trust

Owner

  • Name: Austin Hunt
  • Login: austinjhunt
  • Kind: user
  • Location: Greenville, SC
  • Company: College of Charleston

Portrait-artist-turned-computer-geek with a fused love for the visual and the technical, bringing experience with and excitement for web dev, automation, & art

GitHub Events

Total
Last Year

Issues and Pull Requests

Last synced: about 1 year ago

All Time
  • Total issues: 0
  • Total pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Total issue authors: 0
  • Total pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 0
  • Pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Issue authors: 0
  • Pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0
Top Authors
Issue Authors
Pull Request Authors
Top Labels
Issue Labels
Pull Request Labels