Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

spec: update notation cli md file as index for sub-commands #374

Merged
merged 24 commits into from
Oct 21, 2022
+37 −206
Merged

spec: update notation cli md file as index for sub-commands #374

Changes from 11 commits
Commits
Show all changes
24 commits
Select commit Hold shift + click to select a range
df1e729
Build:Bump dependencies
yizha1 Aug 18, 2022
bcc2ea4
Build: Bump dependencies
yizha1 Aug 18, 2022
f72b2a6
Build: Bump dependencies
yizha1 Aug 18, 2022
1950096
Merge branch 'notaryproject:main' into main
yizha1 Aug 18, 2022
4b76dfc
Merge branch 'notaryproject:main' into main
yizha1 Aug 19, 2022
c0f2d12
Merge branch 'notaryproject:main' into main
yizha1 Sep 7, 2022
8735263
Merge branch 'notaryproject:main' into main
yizha1 Sep 20, 2022
7ddfebd
Merge branch 'notaryproject:main' into main
yizha1 Sep 28, 2022
75dd7aa
Merge branch 'notaryproject:main' into main
yizha1 Oct 6, 2022
6d7eec3
spec: update notation cli as index for sub commands
yizha1 Oct 11, 2022
a12a246
spec: fix a typo
yizha1 Oct 11, 2022
94ed3c4
Merge branch 'notaryproject:main' into main
yizha1 Oct 11, 2022
0b37d70
Merge branch 'notaryproject:main' into main
yizha1 Oct 14, 2022
d858e27
spec: update according to comments
yizha1 Oct 14, 2022
5289caa
spec: update according to comments
yizha1 Oct 17, 2022
0a11b6d
Merge branch 'main' of https://github.com/yizha1/notation into main
yizha1 Oct 18, 2022
ac23127
Merge branch 'main' of https://github.com/yizha1/notation into main
yizha1 Oct 19, 2022
b91b4cb
Merge branch 'main' of https://github.com/yizha1/notation into main
yizha1 Oct 20, 2022
1a22cd7
spec: update notation cli as index for sub commands
yizha1 Oct 11, 2022
9dcb11f
spec: fix a typo
yizha1 Oct 11, 2022
5633eb0
spec: update according to comments
yizha1 Oct 14, 2022
05005e0
spec: update according to comments
yizha1 Oct 17, 2022
fd76f3f
spec: update according to comments
yizha1 Oct 20, 2022
1a53960
spec: update according to comments
yizha1 Oct 20, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
322 changes: 41 additions & 281 deletions specs/notation-cli.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,284 +1,44 @@
# Notation CLI

The following spec outlines the notation CLI.
The CLI commands are what's currently available in [notation v0.7.1-alpha.1](https://github.com/notaryproject/notation/releases/tag/v0.7.1-alpha.1). The CLI experience in alpha.1 does not represent the final user experience, and CLI commands may have breaking changes before RC release as the CLI experience is finalized.

## Table of Contents
- [notation](#notation): command group for signing and verification operations
- [cache](#cache): Manage signature cache
- [certificate](#certificate): Manage certificates used for verification
- [key](#key): Manage keys used for signing
- [list](#list): List signatures from remote
- [login](#login): Provide credentials for authenticated registry operations
- [plugin](#plugin): Manage KMS plugins
- [pull](#pull): Pull signatures from remote
- [push](#push): Push signature to remote
- [sign](#sign): Signs artifacts
- [verify](#verify): Verifies OCI Artifacts

## notation

```bash
notation help
NAME:
notation - Notation - Notary V2

USAGE:
notation [global options] command [command options] [arguments...]

VERSION:
0.0.0-SNAPSHOT-17c7607

AUTHOR:
CNCF Notary Project

COMMANDS:
cache Manage signature cache
certificate, cert Manage certificates used for verification
key Manage keys used for signing
list, ls List signatures from remote
login Provide credentials for authenticated registry operations
plugin Manage KMS plugins
pull Pull signatures from remote
push Push signature to remote
sign Signs artifacts
verify Verifies OCI Artifacts
help, h Shows a list of commands or help for one command

GLOBAL OPTIONS:
--help, -h show help (default: false)
--version, -v print the version (default: false)
```

## cache

```console
notation cache --help
NAME:
notation cache - Manage signature cache

USAGE:
notation cache command [command options] [arguments...]

COMMANDS:
list, ls List signatures in cache
prune Prune signature from cache
remove, rm Remove signature from cache
help, h Shows a list of commands or help for one command

OPTIONS:
--username value, -u value Username for registry operations [$NOTATION_USERNAME]
--password value, -p value Password for registry operations [$NOTATION_PASSWORD]
--help, -h show help (default: false)

GLOBAL ARGUMENTS
--plain-http Registry access via plain HTTP (default: false)
```

## certificate

```console
notation certificate --help
NAME:
notation certificate - Manage certificates used for verification

USAGE:
notation certificate command [command options] [arguments...]

COMMANDS:
add Add certificate to verification list
list, ls List certificates used for verification
remove, rm Remove certificate from the verification list
generate-test Generates a test RSA key and a corresponding self-signed certificate
help, h Shows a list of commands or help for one command

OPTIONS:
--help, -h show help (default: false)
```

## key

```console
notation key --help
NAME:
notation key - Manage keys used for signing

USAGE:
notation key command [command options] [arguments...]

COMMANDS:
add Add key to signing key list
update, set Update key in signing key list
list, ls List keys used for signing
remove, rm Remove key from signing key list
help, h Shows a list of commands or help for one command

OPTIONS:
--help, -h show help (default: false)
```

## list

```console
notation list --help
NAME:
notation list - List signatures from remote

USAGE:
notation list [command options] <reference>

OPTIONS:
--username value, -u value Username for registry operations [$NOTATION_USERNAME]
--password value, -p value Password for registry operations [$NOTATION_PASSWORD]
--help, -h show help (default: false)

GLOBAL ARGUMENTS
--plain-http Registry access via plain HTTP (default: false)
```

## login

```console
notation login --help
NAME:
notation login - Provides credentials for authenticated registry operations

USAGE:
notation login [options] [server]

OPTIONS:
--username value, -u value Username for registry operations [$NOTATION_USERNAME]
--password value, -p value Password for registry operations [$NOTATION_PASSWORD]
--password-stdin Take the password from stdin
--help, -h Show help (default: false)

POSITIONAL
<server> The registry URL for authentication

GLOBAL ARGUMENTS
--plain-http Registry access via plain HTTP (default: false)

EXAMPLES
# Login with provided username and password
notation login -u <user> -p <password> registry.example.com

# Login using $NOTATION_USERNAME $NOTATION_PASSWORD variables
notation login registry.example.com

NOTES
Once login is completed, then -u -p is no longer required for any notation commands against the registry server authenticated.
```

## plugin

```console
notation plugin --help
NAME:
notation plugin - Manage plugins

USAGE:
notation plugin command [command options] [arguments...]

COMMANDS:
list List registered plugins
help, h Shows a list of commands or help for one command

OPTIONS:
--help, -h show help (default: false)
```

## pull

```console
notation pull --help
NAME:
notation pull - Pull signatures from remote

USAGE:
notation pull [command options] <reference>

OPTIONS:
--username value, -u value Username for registry operations [$NOTATION_USERNAME]
--password value, -p value Password for registry operations [$NOTATION_PASSWORD]
--strict Pull the signature without lookup the manifest (default: false)
--output value, -o value Write signature to a specific path
--help, -h Show help (default: false)

GLOBAL ARGUMENTS
--plain-http Registry access via plain HTTP (default: false)
```

## push

```console
notation push --help
NAME:
notation push - Push signature to remote

USAGE:
notation push [command options] <reference>

OPTIONS:
--username value, -u value Username for registry operations [$NOTATION_USERNAME]
--password value, -p value Password for registry operations [$NOTATION_PASSWORD]
--signature value, -s value, -f value signature files (accepts multiple inputs)
--help, -h show help (default: false)

GLOBAL ARGUMENTS
--plain-http Registry access via plain HTTP (default: false)
```

## sign

```console
notation sign --help
NAME:
notation sign - Signs artifacts

USAGE:
notation sign [command options] <reference>

OPTIONS:
--key value, -k value signing key name
--key-file value signing key file
--cert-file value signing certificate file
--timestamp value, -t value timestamp the signed signature via the remote TSA
--expiry value, -e value expire duration (default: 0s)
--reference value, -r value original reference
--local, -l reference is a local file (default: false)
--output value, -o value write signature to a specific path
--push push after successful signing (default: true)
--push-reference value different remote to store signature
--media-type value specify the media type of the manifest read from file or stdin (default: "application/vnd.docker.distribution.manifest.v2+json")
--username value, -u value Username for registry operations [$NOTATION_USERNAME]
--password value, -p value Password for registry operations [$NOTATION_PASSWORD]
--help, -h show help (default: false)

GLOBAL ARGUMENTS
--plain-http Registry access via plain HTTP (default: false)
```

## verify

```console
notation verify --help
NAME:
notation verify - Verifies OCI Artifacts

USAGE:
notation verify [command options] <reference>

OPTIONS:
--signature value, -s value, -f value signature files (accepts multiple inputs)
--cert value, -c value certificate names for verification (accepts multiple inputs)
--cert-file value certificate files for verification (accepts multiple inputs)
--pull pull remote signatures before verification (default: true)
--local, -l reference is a local file (default: false)
--media-type value specify the media type of the manifest read from file or stdin (default: "application/vnd.docker.distribution.manifest.v2+json")
--username value, -u value Username for registry operations [$NOTATION_USERNAME]
--password value, -p value Password for registry operations [$NOTATION_PASSWORD]
--help, -h show help (default: false)

GLOBAL ARGUMENTS
--plain-http Registry access via plain HTTP (default: false)
This spec contains reference information on using notation commands. Each command has a reference page along with usages.

## Notation Commands

| Command | Description |
| ------------------------------------------- | -------------------------------------- |
| [certificate](./commandline/certificate.md) | Manage certificates in trust store |
| [key](./commandline/key.md) | Manage keys used for signing |
| [list](./commandline/list.md) | List signatures of the signed artifact |
| [login](./commandline/login.md) | Login to registries |
| [logout](./commandline/logout.md) | Log out from the logged in registries |
| [plugin](./commandline/plugin.md) | Manage plugins |
| [sign](./commandline/sign.md) | Sign artifacts |
| [verify](./commandline/verify.md) | Verify artifacts |
| [version](./commandline/version.md) | Print the version |

## Notation Outline

```text
Notation - Notary V2 - a tool to sign, store, and verify artifacts
yizha1 marked this conversation as resolved.
Show resolved Hide resolved

Usage:
notation [command]

Available Commands:
certificate Manage certificates in trust store
help Help about any command
yizha1 marked this conversation as resolved.
Show resolved Hide resolved
key Manage keys used for signing
list List signatures of the signed artifact
login Login to registries
logout Log out from the logged in registries
plugin Manage plugins
sign Sign artifacts
verify Verify artifacts
yizha1 marked this conversation as resolved.
Show resolved Hide resolved
version Print the version
yizha1 marked this conversation as resolved.
Show resolved Hide resolved

Flags:
-h, --help help for notation
--plain-http Registry access via plain HTTP
yizha1 marked this conversation as resolved.
Show resolved Hide resolved

Use "notation [command] --help" for more information about a command.
```