https://github.com/austinjhunt/docker-compose-trust
Docker Compose is not compatible with Docker Content Trust, meaning you can't say 'docker-compose trust sign'. You instead have to use 'docker trust sign <image>:<tag>' for every image in your compose file, and for each of them, pass in the root signing key passphrase AND the repo signing key passphrase. This project handles that automatically.
Science Score: 13.0%
This score indicates how likely this project is to be science-related based on various indicators:
-
○CITATION.cff file
-
✓codemeta.json file
Found codemeta.json file -
○.zenodo.json file
-
○DOI references
-
○Academic publication links
-
○Academic email domains
-
○Institutional organization owner
-
○JOSS paper metadata
-
○Scientific vocabulary similarity
Low similarity (6.3%) to scientific vocabulary
Repository
Docker Compose is not compatible with Docker Content Trust, meaning you can't say 'docker-compose trust sign'. You instead have to use 'docker trust sign <image>:<tag>' for every image in your compose file, and for each of them, pass in the root signing key passphrase AND the repo signing key passphrase. This project handles that automatically.
Basic Info
Statistics
- Stars: 0
- Watchers: 1
- Forks: 1
- Open Issues: 0
- Releases: 0
Metadata Files
README.md
Docker Compose Trust
Docker Compose is not compatible with Docker Content Trust, meaning you can't say 'docker-compose trust sign'.
You instead have to use 'docker trust sign
Requirements
- Have a LastPass account, and have LastPass CLI installed (to use the lpass command)
- Have your signing key passphrases for each image stored in LastPass as a secure password with the name in this standardized format:
dct_IMAGE_signingkeypassex: dct_myserviceaccount/myubuntuimage_signingkeypass - Have your root signing key passphrase stored in LastPass as a secure password with the name in the standardized format:
dct-root-signing-key-pass - Have your signer key passphrase stored in LastPass as a secure password with the name in the standardized format:
dct-signer-key-passNote: an assumption is made here that the signer is the same for all images in your compose file. ## What does this do? This script extracts the names of the referenced images from your docker-compose file, and uses the docker trust sign command on each of those images, allowing you to sign all of your images at once. ## How does it work? Since docker trust prompts for the key-signing passphrases, the script uses the LastPass CLI to pull those passphrases from your LastPass account and pass them into either 1) environment variables or 2) stdin. ## Usage - Clone the repository
git clone https://hammond.cofc.edu/huntaj/docker-compose-trust.git - Navigate into the project and source the script to create the alias for the primary function (alias is 'docker-compose-trust')
source docker-compose-sign-all.sh - Navigate into the directory where your docker-compose.yml file is that references all of the images you want to sign.
e.g.: cd ~/mycode/lsdocker-compose.yml ..... - Execute the alias
docker-compose-trust
Owner
- Name: Austin Hunt
- Login: austinjhunt
- Kind: user
- Location: Greenville, SC
- Company: College of Charleston
- Website: https://austinjhunt.com
- Twitter: austinsketches
- Repositories: 20
- Profile: https://github.com/austinjhunt
Portrait-artist-turned-computer-geek with a fused love for the visual and the technical, bringing experience with and excitement for web dev, automation, & art
GitHub Events
Total
Last Year
Issues and Pull Requests
Last synced: about 1 year ago
All Time
- Total issues: 0
- Total pull requests: 0
- Average time to close issues: N/A
- Average time to close pull requests: N/A
- Total issue authors: 0
- Total pull request authors: 0
- Average comments per issue: 0
- Average comments per pull request: 0
- Merged pull requests: 0
- Bot issues: 0
- Bot pull requests: 0
Past Year
- Issues: 0
- Pull requests: 0
- Average time to close issues: N/A
- Average time to close pull requests: N/A
- Issue authors: 0
- Pull request authors: 0
- Average comments per issue: 0
- Average comments per pull request: 0
- Merged pull requests: 0
- Bot issues: 0
- Bot pull requests: 0