NAME¶ 名称
podman-manifest-push - Push a manifest list or image index to a registry
podman-manifest-push - 将清单列表或镜像索引推送到注册表
SYNOPSIS¶ 概要
podman manifest push [options] listnameorindexname [destination]
podman manifest push [选项] listnameorindexname [目的地]
DESCRIPTION¶ 描述
Pushes a manifest list or image index to a registry.
将清单列表或镜像索引推送到注册表。
RETURN VALUE¶ 返回值 ¶
The list image’s ID and the digest of the image’s manifest.
列出图像的 ID 和图像清单的摘要。
OPTIONS¶ 选项
--add-compression=compression¶
Makes sure that requested compression variant for each platform is added to the manifest list keeping original instance
intact in the same manifest list. Supported values are (gzip, zstd and zstd:chunked). Following flag can be used
multiple times.
确保为每个平台请求的压缩变体被添加到清单列表中,保持原始实例在同一清单列表中不变。支持的值为( gzip , zstd 和 zstd:chunked )。可以多次使用以下标志。
Note that --compression-format controls the compression format of each instance in the manifest list. --add-compression
will add another variant for each instance in the list with the specified compressions. --compression-format gzip --add-compression
zstd will push a manifest list with each instance being compressed with gzip plus an additional variant of each instance
being compressed with zstd.
请注意 --compression-format 控制清单列表中每个实例的压缩格式。 --add-compression 将为列表中的每个实例添加另一个变体,该变体具有指定的压缩格式。 --compression-format gzip --add-compression zstd 将推送一个清单列表,其中每个实例都使用 gzip 进行压缩,另外每个实例还使用 zstd 进行压缩的另一个变体。
--all¶
Push the images mentioned in the manifest list or image index, in addition to
the list or index itself. (Default true)
推送在清单列表或镜像索引中提到的镜像,以及列表或索引本身。(默认为 true)
--authfile=path¶
Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json on Linux, and $HOME/.config/containers/auth.json on Windows/macOS.
The file is created by podman login. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using docker login.
认证文件的路径。在 Linux 上默认为 ${XDG_RUNTIME_DIR}/containers/auth.json ,在 Windows/macOS 上默认为 $HOME/.config/containers/auth.json 。该文件由 podman login 创建。如果授权状态未在那里找到,则会检查 $HOME/.docker/config.json ,该值是使用 docker login 设置的。
Note: There is also the option to override the default path of the authentication file by setting the REGISTRY_AUTH_FILE environment variable. This can be done with export REGISTRY_AUTH_FILE=path.
注意:还有一种选择,可以通过设置 REGISTRY_AUTH_FILE 环境变量来覆盖认证文件的默认路径。可以通过 export REGISTRY_AUTH_FILE=path 来实现。
--cert-dir=path¶
Use certificates at path (*.crt, *.cert, *.key) to connect to the registry. (Default: /etc/containers/certs.d)
For details, see containers-certs.d(5).
(This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
使用证书路径(*.crt, *.cert, *.key)连接到注册表。 (默认值:/etc/containers/certs.d)有关详细信息,请参阅 containers-certs.d(5)。 (此选项不适用于远程 Podman 客户端,包括 Mac 和 Windows(不包括 WSL2)机器)
--compression-format=gzip | zstd | zstd:chunked¶
Specifies the compression format to use. Supported values are: gzip, zstd and zstd:chunked. The default is gzip unless overridden in the containers.conf file.
指定要使用的压缩格式。支持的值为: gzip , zstd 和 zstd:chunked 。除非在 containers.conf 文件中被覆盖,否则默认值为 gzip 。
--compression-level=level¶
Specifies the compression level to use. The value is specific to the compression algorithm used, e.g. for zstd the accepted values are in the range 1-20 (inclusive) with a default of 3, while for gzip it is 1-9 (inclusive) and has a default of 5.
指定要使用的压缩级别。该值特定于所使用的压缩算法,例如对于 zstd,接受的值在范围 1-20(包括 1 和 20)之间,默认值为 3;而对于 gzip,接受的值在范围 1-9(包括 1 和 9)之间,默认值为 5。
--creds=[username[:password]]¶
--creds=[用户名[:密码]] ¶
The [username[:password]] to use to authenticate with the registry, if required.
If one or both values are not supplied, a command line prompt appears and the
value can be entered. The password is entered without echo.
如果需要,用于与注册表进行身份验证的[用户名[:密码]]。如果一个或两个值未提供,将出现命令行提示,并可以输入该值。密码输入时不会显示。
Note that the specified credentials are only used to authenticate against
target registries. They are not used for mirrors or when the registry gets
rewritten (see containers-registries.conf(5)); to authenticate against those
consider using a containers-auth.json(5) file.
请注意,指定的凭据仅用于对目标注册表进行身份验证。它们不用于镜像或注册表被重写时(请参阅 containers-registries.conf(5) );要对其进行身份验证,请考虑使用 containers-auth.json(5) 文件。
--digestfile=Digestfile¶
After copying the image, write the digest of the resulting image to the file.
复制图像后,将生成的图像的摘要写入文件。
--force-compression¶
If set, push uses the specified compression algorithm even if the destination contains a differently-compressed variant already.
Defaults to true if --compression-format is explicitly specified on the command-line, false otherwise.
如果设置,即使目标已包含不同压缩变体,推送也会使用指定的压缩算法。如果在命令行上明确指定了 --compression-format ,则默认为 true ,否则为 false 。
--format, -f=format¶
Manifest list type (oci or v2s2) to use when pushing the list (default is oci).
推送列表时要使用的清单列表类型(oci 或 v2s2)(默认为 oci)。
--quiet, -q¶
When writing the manifest, suppress progress output
写入清单时,抑制进度输出。
--remove-signatures¶
Don’t copy signatures when pushing images.
推送镜像时不复制签名。
--rm¶
Delete the manifest list or image index from local storage if pushing succeeds.
如果推送成功,则从本地存储中删除清单列表或镜像索引。
--sign-by=fingerprint¶
Sign the pushed images with a “simple signing” signature using the specified key. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
使用指定的密钥对推送的镜像进行“简单签名”。(此选项不适用于远程 Podman 客户端,包括 Mac 和 Windows(不包括 WSL2)机器)
--sign-by-sigstore=param-file¶
Add a sigstore signature based on further options specified in a container’s sigstore signing parameter file param-file.
See containers-sigstore-signing-params.yaml(5) for details about the file format.
根据容器的 sigstore 签名参数文件 param-file 中进一步指定的选项添加 sigstore 签名。有关文件格式的详细信息,请参阅 containers-sigstore-signing-params.yaml(5)。
--sign-by-sigstore-private-key=path¶
--使用指定路径的私钥对推送的镜像进行 sigstore 签名
Sign the pushed images with a sigstore signature using a private key at the specified path. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
使用指定路径处的私钥,对推送的镜像进行 sigstore 签名。(此选项不适用于远程 Podman 客户端,包括 Mac 和 Windows(不包括 WSL2)机器)
--sign-passphrase-file=path¶
--sign-passphrase-file=path
If signing the image (using either --sign-by or --sign-by-sigstore-private-key), read the passphrase to use from the specified path.
如果签署图像(使用 --sign-by 或 --sign-by-sigstore-private-key),请从指定路径读取要使用的密码。
--tls-verify¶
Require HTTPS and verify certificates when contacting registries (default: true).
If explicitly set to true, TLS verification is used.
If set to false, TLS verification is not used.
If not specified, TLS verification is used unless the target registry
is listed as an insecure registry in containers-registries.conf(5)
在联系注册表时需要 HTTPS 并验证证书(默认值为 true)。如果显式设置为 true,则使用 TLS 验证。如果设置为 false,则不使用 TLS 验证。如果未指定,则除非目标注册表在 containers-registries.conf(5) 中被列为不安全注册表,否则将使用 TLS 验证。
DESTINATION¶ 目的地
DESTINATION is the location the container image is pushed to. It supports all transports from containers-transports(5). If no transport is specified, the docker (i.e., container registry) transport is used. For remote clients, including Mac and Windows (excluding WSL2) machines, docker is the only supported transport.
目的地是容器镜像推送到的位置。它支持来自 containers-transports(5) 的所有传输。如果未指定传输方式,则使用 docker (即容器注册表)传输。对于远程客户端,包括 Mac 和 Windows(不包括 WSL2)机器, docker 是唯一支持的传输方式。
EXAMPLE¶ 例子 ¶
Push manifest list to container registry:
将清单列表推送到容器注册表:
podman manifest push mylist:v1.11 docker://registry.example.org/mylist:v1.11