notaryproject · patrickzheng200 · Apr 17, 2023 · Mar 25, 2023 · Mar 25, 2023 · Mar 25, 2023
@@ -29,6 +29,7 @@ Aliases:
 Flags:
   -d, --debug             debug mode
   -h, --help              help for list
+      --local-artifact    [Preview] list signatures associated with the artifact in OCI layout directory
   -p, --password string   password for registry operations (default to $NOTATION_PASSWORD if not specified)
       --plain-http        registry access via plain HTTP
   -u, --username string   username for registry operations (default to $NOTATION_USERNAME if not specified)
@@ -39,7 +40,7 @@ Flags:
 
 ### List all the signatures of the signed container image
 
-```text
+```shell
 notation list <registry>/<repository>:<tag>
 ```
 
@@ -51,3 +52,28 @@ localhost:5000/net-monitor:v1
     ├── sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
     └── sha256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
 ```
+
+### [Preview] List all the signatures associated with the image in OCI layout directory
+
+The following example lists the signatures associated with the image in OCI layout directory named `hello-world`.
+
+Reference an image in OCI layout directory using tags:
+
+```shell
+notation list --local-artifact ./hello-world:v1
+```
+
+Reference an image in OCI layout directory using exact digest:
+
+```shell
+notation list --local-artifact ./hello-world@sha256:xxx
+```
+
+An example output:
+
+```shell
+./hello-world@sha256:a08753c0c7bcdaaf5c2fdb375f68e860c34bffb146368982c201d41769e1763c
+└── application/vnd.cncf.notary.signature
+    ├── sha256:647039638efb22a021f59675c9449dd09956c981a44b82c1ff074513c2c9f273
+    └── sha256:6bfb3c4fd485d6810f9656ddd4fb603f0c414c5f0b175ef90eeb4090ebd9bfa1
+```
@@ -33,6 +33,7 @@ Flags:
   -h,  --help                       help for sign
        --id string                  key id (required if --plugin is set). This is mutually exclusive with the --key flag
   -k,  --key string                 signing key name, for a key previously added to notation's key list. This is mutually exclusive with the --id and --plugin flags
+       --local-artifact             [Preview] sign artifact on local disk
   -p,  --password string            password for registry operations (default to $NOTATION_PASSWORD if not specified)
        --plain-http                 registry access via plain HTTP
        --plugin string              signing plugin name. This is mutually exclusive with the --key flag
@@ -166,6 +167,37 @@ Successfully signed localhost:5000/net-monitor@sha256:b94d27b9934d3e08a52e52d7da
 notation sign --signature-manifest artifact <registry>/<repository>@<digest>
 ```
 
+### [Preview] Sign local OCI image
+
+A local OCI image means an OCI image Layout on local disk. OCI image layout is defined by spec [OCI image layout][oci-image-layout]. It is a directory structure that contains files and folders. Users can reference an image in the layout using either tags, or the exact digest. The OCI image layout could be a tarball or a directory. Notation only supports signing OCI layout directory for now.
+
+Tools like `docker buildx` support building an OCI image layout on local disk. The following example creates a tarball named `hello-world.tar` with tag `v1`, which is an OCI layout tarball on local disk. Please note that the digest can be found in the output messages of `docker buildx build`.
+
+```shell
+docker buildx create --use
+docker buildx build . -f Dockerfile -o type=oci,dest=hello-world.tar -t hello-world:v1
+```
+
+Users need to extract the tarball into a directory first. The following command creates the OCI layout directory, and the image can be referenced by `./hello-world:v1` or `./hello-world@sha256:xxx`.
+
+```shell
+mkdir hello-world
+tar -xf ./hello-world.tar -C hello-world
+```
+
+Use flag `--local-artifact` for signing local OCI images. For example:
+
+```shell
+notation sign --local-artifact ./hello-world@sha256:xxx
+```
+
+Upon successful signing, the signature is stored in the same layout directory and associated with the image. Use `notation list` command to list the signatures, for example:
+
+```shell
+notation list ./hello-world@sha256:xxx
+```
+
 [oci-artifact-manifest]: https://github.com/opencontainers/image-spec/blob/v1.1.0-rc2/artifact.md
 [oci-image-spec]: https://github.com/opencontainers/image-spec/blob/v1.1.0-rc2/spec.md
 [oci-referers-api]: https://github.com/opencontainers/distribution-spec/blob/v1.1.0-rc1/spec.md#listing-referrers
+[oci-image-layout]: https://github.com/opencontainers/image-spec/blob/v1.1.0-rc2/image-layout.md
@@ -37,9 +37,11 @@ Usage:
 Flags:
   -d,  --debug                       debug mode
   -h,  --help                        help for verify
+       --local-artifact              [Preview] verify artifact on local disk
   -p,  --password string             password for registry operations (default to $NOTATION_PASSWORD if not specified)
        --plain-http                  registry access via plain HTTP
        --plugin-config stringArray   {key}={value} pairs that are passed as it is to a plugin, if the verification is associated with a verification plugin, refer plugin documentation to set appropriate values
+       --scope string                [Preview] trust policy scope for local artifact verification.
   -u,  --username string             username for registry operations (default to $NOTATION_USERNAME if not specified)
   -m,  --user-metadata stringArray   user defined {key}={value} pairs that must be present in the signature for successful verification if provided
   -v,  --verbose                     verbose mode
@@ -168,3 +170,25 @@ An example of output messages for a successful verification:
 Warning:  Always verify the artifact using digest(@sha256:...) rather than a tag(:v1) because resolved digest may not point to the same signed artifact, as tags are mutable.
 Successfully verified signature for localhost:5000/net-monitor@sha256:b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9
 ```
+
+### [Preview] Verify local OCI image
+
+Users should configure trust policy properly before verifying local OCI image. According to trust policy specification, `registryScopes` property determines which trust policy is applicable for the given artifact. The value of `registryScopes` should be a fully qualified URL for both local and remote images. For example, a remote image is referenced by "localhost:5000/net-monitor:v1", thus the value of `registryScopes` should contain "localhost:5000/net-monitor", which is the repository URL of the image. Local OCI image is in the form of OCI layout directory, the reference is different from a remote image, for example "./hello-world:v1". Besides flag `--local-artifact`, users need to specify which `registryScopes` is used to verify the local image using flag `--scope`. Here is an example of trust policy configured for local image `./hello-world:v1`:
+
+```jsonc
+{
+    "name": "local-images",
+    "registryScopes": [ "local/hello-world" ],
+    "signatureVerification": {
+        "level" : "strict"
+    },
+    "trustStores": [ "ca:hello-world" ],
+    "trustedIdentities": ["*"]
+}
+```
+
+To verify local image `./hello-world:v1`, use the following command:
+
+```shell
+notation verify --local-artifact --scope "local/hello-world" ./hello-world:v1
+```