https://github.com/natthasath/docker-trust-sign
Docker Content Trust (DCT) ensures the integrity and authenticity of Docker images by signing them with cryptographic keys. This allows users to verify the source and content of images, preventing unauthorized modifications and ensuring secure deployments.
https://github.com/natthasath/docker-trust-sign
docker-compose signature trust-sign
Last synced: 2 months ago
JSON representation
Docker Content Trust (DCT) ensures the integrity and authenticity of Docker images by signing them with cryptographic keys. This allows users to verify the source and content of images, preventing unauthorized modifications and ensuring secure deployments.
- Host: GitHub
- URL: https://github.com/natthasath/docker-trust-sign
- Owner: natthasath
- License: mit
- Created: 2024-07-31T08:56:49.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-11-18T03:48:55.000Z (over 1 year ago)
- Last Synced: 2026-01-17T20:33:54.664Z (6 months ago)
- Topics: docker-compose, signature, trust-sign
- Language: YAML
- Homepage: https://hub.docker.com/repository/docker/natthasath/docker-trust-sign/general
- Size: 6.84 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Awesome Lists containing this project
README
# 🎉 Docker Trust Sign
Docker Content Trust (DCT) ensures the integrity and authenticity of Docker images by signing them with cryptographic keys. This allows users to verify the source and content of images, preventing unauthorized modifications and ensuring secure deployments.



### ✍️ Sign
- Create Digital Signature
```shell
docker trust key generate signature
```
- Add Signer for Sign Repository with Public Key
```shell
docker trust signer add --key signature.pub signature natthasath/docker-trust-sign
```
- Trust Sign Image
```shell
docker trust sign natthasath/docker-trust-sign:latest
```
- Inspect Sign Image
```shell
docker trust inspect --pretty natthasath/docker-trust-sign
```
- Enable Docker Content Trust (DCT) for Sign Image
```shell
set DOCKER_CONTENT_TRUST=1
```
- Pull Sign Image
```shell
docker pull natthasath/docker-trust-sign
```
### 🥈 Run
- [http://localhost:8000/docs](http://localhost:8000/docs)
```shell
docker-compose up -d
```