201 lines
8.6 KiB
Groff
201 lines
8.6 KiB
Groff
.nh
|
|
.TH podman-manifest-add 1
|
|
.SH NAME
|
|
podman-manifest-add \- Add an image or artifact to a manifest list or image index
|
|
|
|
.SH SYNOPSIS
|
|
\fBpodman manifest add\fP [\fIoptions\fP] \fIlistnameorindexname\fP [\fItransport\fP]:\fIimagename\fP \fIimageorartifactname\fP [...]
|
|
|
|
.SH DESCRIPTION
|
|
Adds the specified image to the specified manifest list or image index, or
|
|
creates an artifact manifest and adds it to the specified image index.
|
|
|
|
.SH RETURN VALUE
|
|
The list image's ID.
|
|
|
|
.SH OPTIONS
|
|
.SS \fB--all\fP
|
|
If the image which is added to the list or index is itself a list or
|
|
index, add all of the contents to the local list. By default, only one image
|
|
from such a list or index is added to the list or index. Combining
|
|
\fI--all\fP with any of the other options described below is NOT recommended.
|
|
|
|
.SS \fB--annotation\fP=\fIannotation=value\fP
|
|
Set an annotation on the entry for the specified image or artifact.
|
|
|
|
.SS \fB--arch\fP=\fIarchitecture\fP
|
|
Override the architecture which the list or index records as a requirement for
|
|
the image. If \fIimageName\fP refers to a manifest list or image index, the
|
|
architecture information is retrieved from it. Otherwise, it is
|
|
retrieved from the image's configuration information.
|
|
|
|
.SS \fB--artifact\fP
|
|
Create an artifact manifest and add it to the image index. Arguments after the
|
|
index name will be interpreted as file names rather than as image references.
|
|
In most scenarios, the \fB--artifact-type\fP option should also be specified.
|
|
|
|
.SS \fB--artifact-config\fP=\fIpath\fP
|
|
When creating an artifact manifest and adding it to the image index, use the
|
|
specified file's contents as the configuration blob in the artifact manifest.
|
|
In most scenarios, leaving the default value, which signifies an empty
|
|
configuration, unchanged, is the preferred option.
|
|
|
|
.SS \fB--artifact-config-type\fP=\fItype\fP
|
|
When creating an artifact manifest and adding it to the image index, use the
|
|
specified MIME type as the \fBmediaType\fR associated with the configuration blob
|
|
in the artifact manifest. In most scenarios, leaving the default value, which
|
|
signifies either an empty configuration or the standard OCI configuration type,
|
|
unchanged, is the preferred option.
|
|
|
|
.SS \fB--artifact-exclude-titles\fP
|
|
When creating an artifact manifest and adding it to the image index, do not
|
|
set "org.opencontainers.image.title" annotations equal to the file's basename
|
|
for each file added to the artifact manifest. Tools which retrieve artifacts
|
|
from a registry may use these values to choose names for files when saving
|
|
artifacts to disk, so this option is not recommended unless it is required
|
|
for interoperability with a particular registry.
|
|
|
|
.SS \fB--artifact-layer-type\fP=\fItype\fP
|
|
When creating an artifact manifest and adding it to the image index, use the
|
|
specified MIME type as the \fBmediaType\fR associated with the files' contents. If
|
|
not specified, guesses based on either the files names or their contents will
|
|
be made and used, but the option should be specified if certainty is needed.
|
|
|
|
.SS \fB--artifact-subject\fP=\fIimageName\fP
|
|
When creating an artifact manifest and adding it to the image index, set the
|
|
\fIsubject\fP field in the artifact manifest to mark the artifact manifest as being
|
|
associated with the specified image in some way. An artifact manifest can only
|
|
be associated with, at most, one subject.
|
|
|
|
.SS \fB--artifact-type\fP=\fItype\fP
|
|
When creating an artifact manifest, use the specified MIME type as the
|
|
manifest's \fBartifactType\fR value instead of the less informative default value.
|
|
|
|
.SS \fB--authfile\fP=\fIpath\fP
|
|
Path of the authentication file. Default is \fB${XDG_RUNTIME_DIR}/containers/auth.json\fR on Linux, and \fB$HOME/.config/containers/auth.json\fR on Windows/macOS.
|
|
The file is created by \fBpodman login\fP\&. If the authorization state is not found there, \fB$HOME/.docker/config.json\fR is checked, which is set using \fBdocker login\fP\&.
|
|
|
|
.PP
|
|
Note: There is also the option to override the default path of the authentication file by setting the \fBREGISTRY_AUTH_FILE\fR environment variable. This can be done with \fBexport REGISTRY_AUTH_FILE=\fIpath\fP\fP\&.
|
|
|
|
.SS \fB--cert-dir\fP=\fIpath\fP
|
|
Use certificates at \fIpath\fP (*\&.crt, *\&.cert, *\&.key) to connect to the registry. (Default: /etc/containers/certs.d)
|
|
For details, see \fBcontainers-certs.d(5)\fP\&.
|
|
(This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
|
|
|
|
.SS \fB--creds\fP=\fI[username[:password]]\fP
|
|
The [username[:password]] to use to authenticate with the registry, if required.
|
|
If one or both values are not supplied, a command line prompt appears and the
|
|
value can be entered. The password is entered without echo.
|
|
|
|
.PP
|
|
Note that the specified credentials are only used to authenticate against
|
|
target registries. They are not used for mirrors or when the registry gets
|
|
rewritten (see \fBcontainers-registries.conf(5)\fR); to authenticate against those
|
|
consider using a \fBcontainers-auth.json(5)\fR file.
|
|
|
|
.SS \fB--features\fP=\fIfeature\fP
|
|
Specify the features list which the list or index records as requirements for
|
|
the image. This option is rarely used.
|
|
|
|
.SS \fB--os\fP=\fIOS\fP
|
|
Override the OS which the list or index records as a requirement for the image.
|
|
If \fIimagename\fP refers to a manifest list or image index, the OS information
|
|
is retrieved from it. Otherwise, it is retrieved from the image's
|
|
configuration information.
|
|
|
|
.SS \fB--os-version\fP=\fIversion\fP
|
|
Specify the OS version which the list or index records as a requirement for the
|
|
image. This option is rarely used.
|
|
|
|
.SS \fB--tls-verify\fP
|
|
Require HTTPS and verify certificates when contacting registries (default: \fBtrue\fP).
|
|
If explicitly set to \fBtrue\fP, TLS verification is used.
|
|
If set to \fBfalse\fP, TLS verification is not used.
|
|
If not specified, TLS verification is used unless the target registry
|
|
is listed as an insecure registry in \fBcontainers-registries.conf(5)\fP
|
|
|
|
.SS \fB--variant\fP
|
|
Specify the variant which the list or index records for the image. This option
|
|
is typically used to distinguish between multiple entries which share the same
|
|
architecture value, but which expect different versions of its instruction set.
|
|
|
|
.SH Transport
|
|
Multiple transports are supported:
|
|
|
|
.PP
|
|
\fBdocker://\fP\fIdocker-reference\fP \fI(default)\fP
|
|
An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in \fB$XDG_RUNTIME_DIR/containers/auth.json\fR, which is set using \fB(podman login)\fR\&. If the authorization state is not found there, \fB$HOME/.docker/config.json\fR is checked, which is set using \fB(docker login)\fR\&.
|
|
|
|
.EX
|
|
$ podman manifest add mylist:v1.11 docker://quay.io/username/myimage
|
|
.EE
|
|
|
|
.PP
|
|
\fBcontainers-storage:\fP\fIoci-reference\fP
|
|
An image in \fIoci-reference\fP format stored in the local container storage. \fIoci-reference\fP must contain a tag.
|
|
|
|
.EX
|
|
$ podman manifest add mylist:v1.11 containers-storage:quay.io/username/myimage
|
|
.EE
|
|
|
|
.PP
|
|
\fBdir:\fP\fIpath\fP
|
|
An existing local directory \fIpath\fP storing the manifest, layer tarballs, and signatures as individual files. This
|
|
is a non-standardized format, primarily useful for debugging or noninvasive container inspection.
|
|
|
|
.EX
|
|
$ podman manifest add dir:/tmp/myimage
|
|
.EE
|
|
|
|
.PP
|
|
\fBdocker-archive:\fP\fIpath\fP[\fB:\fP\fIdocker-reference\fP]
|
|
An image is stored in the \fBdocker save\fR formatted file. \fIdocker-reference\fP is only used when creating such a
|
|
file, and it must not contain a digest.
|
|
|
|
.EX
|
|
$ podman manifest add docker-archive:/tmp/myimage
|
|
.EE
|
|
|
|
.PP
|
|
\fBdocker-daemon:\fP\fIdocker-reference\fP
|
|
An image in \fIdocker-reference\fP format stored in the docker daemon internal storage. The \fIdocker-reference\fP can also be an image ID (docker-daemon:algo:digest).
|
|
|
|
.EX
|
|
$ sudo podman manifest add docker-daemon:docker.io/library/myimage:33
|
|
.EE
|
|
|
|
.PP
|
|
\fBoci-archive:\fP\fIpath\fP\fB:\fP\fItag\fP
|
|
An image \fItag\fP in a directory compliant with "Open Container Image Layout Specification" at \fIpath\fP\&.
|
|
|
|
.EX
|
|
$ podman manifest add oci-archive:/tmp/myimage
|
|
.EE
|
|
|
|
.SH EXAMPLES
|
|
Add specified default image from source manifest list to destination manifest list:
|
|
|
|
.EX
|
|
podman manifest add mylist:v1.11 docker://fedora
|
|
71c201d10fffdcac52968a000d85a0a016ca1c7d5473948000d3131c1773d965
|
|
.EE
|
|
|
|
.PP
|
|
Add all images from source manifest list to destination manifest list:
|
|
|
|
.EX
|
|
podman manifest add --all mylist:v1.11 docker://fedora
|
|
71c201d10fffdcac52968a000d85a0a016ca1c7d5473948000d3131c1773d965
|
|
.EE
|
|
|
|
.PP
|
|
Add selected image matching arch and variant from source manifest list to destination manifest list:
|
|
|
|
.EX
|
|
podman manifest add --arch arm64 --variant v8 mylist:v1.11 docker://71c201d10fffdcac52968a000d85a0a016ca1c7d5473948000d3131c1773d965
|
|
.EE
|
|
|
|
.SH SEE ALSO
|
|
\fBpodman(1)\fP, \fBpodman-manifest(1)\fP
|