Merge pull request containers#1381 from mtrmac/signatures_docs

docs: Adding info re container signatures
lukewarmtemp · Jul 21, 2021 · b0ebbdd · b0ebbdd
2 parents ce2f64c + ec73ff3
commit b0ebbdd
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 5 deletions.
diff --git a/docs/skopeo-copy.1.md b/docs/skopeo-copy.1.md
@@ -150,7 +150,7 @@ skopeo  copy --encryption-key jwe:./public.key --encrypt-layer 1 oci:local_nginx
 ```
 
 ## SEE ALSO
-skopeo(1), skopeo-login(1), docker-login(1), containers-auth.json(5), containers-policy.json(5), containers-transports(5)
+skopeo(1), skopeo-login(1), docker-login(1), containers-auth.json(5), containers-policy.json(5), containers-transports(5), containers-signature(5)
 
 ## AUTHORS
 

diff --git a/docs/skopeo-standalone-sign.1.md b/docs/skopeo-standalone-sign.1.md
@@ -7,8 +7,7 @@ skopeo\-standalone-sign - Debugging tool - Publish and sign an image in one step
 **skopeo standalone-sign** [*options*] _manifest_ _docker-reference_ _key-fingerprint_ **--output**|**-o** _signature_
 
 ## DESCRIPTION
-This is primarily a debugging tool, or useful for special cases,
-and usually should not be a part of your normal operational workflow; use `skopeo copy --sign-by` instead to publish and sign an image in one step.
+This is primarily a debugging tool, useful for special cases, and usually should not be a part of your normal operational workflow; use `skopeo copy --sign-by` instead to publish and sign an image in one step.
 
   _manifest_ Path to a file containing the image manifest
 
@@ -25,6 +24,10 @@ $ skopeo standalone-sign busybox-manifest.json registry.example.com/example/busy
 $
 ```
 
+## NOTES
+
+This command is intended for use with local signatures e.g. OpenPGP ( other signature formats may be added in the future ), as per containers-signature(5). Furthermore, this command does **not** interact with the artifacts generated by Docker Content Trust (DCT). For more information, please see [containers-signature(5)](https://github.com/containers/image/blob/main/docs/containers-signature.5.md).
+
 ## SEE ALSO
 skopeo(1), skopeo-copy(1), containers-signature(5)
 

diff --git a/docs/skopeo-standalone-verify.1.md b/docs/skopeo-standalone-verify.1.md
@@ -8,7 +8,9 @@ skopeo\-standalone\-verify - Verify an image signature.
 
 ## DESCRIPTION
 
-Verify a signature using local files, digest will be printed on success.
+Verify a signature using local files; the digest will be printed on success. This is primarily a debugging tool, useful for special cases,
+and usually should not be a part of your normal operational workflow. Additionally, consider configuring a signature verification policy file,
+as per containers-policy.json(5).
 
   _manifest_ Path to a file containing the image manifest
 
@@ -27,8 +29,12 @@ $ skopeo standalone-verify busybox-manifest.json registry.example.com/example/bu
 Signature verified, digest sha256:20bf21ed457b390829cdbeec8795a7bea1626991fda603e0d01b4e7f60427e55
 ```
 
+## NOTES
+
+This command is intended for use with local signatures e.g. OpenPGP ( other signature formats may be added in the future ), as per containers-signature(5). Furthermore, this command does **not** interact with the artifacts generated by Docker Content Trust (DCT). For more information, please see [containers-signature(5)](https://github.com/containers/image/blob/main/docs/containers-signature.5.md).
+
 ## SEE ALSO
-skopeo(1), containers-signature(5)
+skopeo(1), containers-signature(5), containers-policy.json(5)
 
 ## AUTHORS