Trust and Signing

Trust Enabled

Signing is enabled on this repository and all tag operations must be signed via Docker Content Trust.

When this feature is enabled, it will be possible to use the UI or client tools to change tag data without signing. This can make a signed tag point to a different image than the actual tag, and the underlying data could be garbage collected. It is important to have a strict separation between tags that are signed and tags that are not.

Trust Disabled

Signing is disabled on this repository.

Click "Enable Trust" to enable content trust on this repository.

Please note that this will not prevent users from overwriting signed tags without updating signatures. This means that:

Any tag operations in the UI or client can cause inconsistency
Builds should not push to signed tags

We recommend you maintain a strict separation between signed and unsigned tags to avoid any issues with garbage collection.

Warning: Disabling content trust will prevent users from pushing signed manifests to this repository and will delete all existing signing and trust data.