table of contents
- bookworm 4.3.1+ds1-8+deb12u1
- testing 5.2.5-1
- unstable 5.2.5-1
- experimental 5.3.0+ds1-1
podman-manifest-add(1) | General Commands Manual | podman-manifest-add(1) |
NAME¶
podman-manifest-add - Add an image or artifact to a manifest list or image index
SYNOPSIS¶
podman manifest add [options] listnameorindexname [transport]:imagename imageorartifactname [...]
DESCRIPTION¶
Adds the specified image to the specified manifest list or image index, or creates an artifact manifest and adds it to the specified image index.
RETURN VALUE¶
The list image's ID.
OPTIONS¶
--all¶
If the image which is added to the list or index is itself a list or index, add all of the contents to the local list. By default, only one image from such a list or index is added to the list or index. Combining --all with any of the other options described below is NOT recommended.
--annotation=annotation=value¶
Set an annotation on the entry for the specified image or artifact.
--arch=architecture¶
Override the architecture which the list or index records as a requirement for the image. If imageName refers to a manifest list or image index, the architecture information is retrieved from it. Otherwise, it is retrieved from the image's configuration information.
--artifact¶
Create an artifact manifest and add it to the image index. Arguments after the index name will be interpreted as file names rather than as image references. In most scenarios, the --artifact-type option should also be specified.
--artifact-config=path¶
When creating an artifact manifest and adding it to the image index, use the specified file's contents as the configuration blob in the artifact manifest. In most scenarios, leaving the default value, which signifies an empty configuration, unchanged, is the preferred option.
--artifact-config-type=type¶
When creating an artifact manifest and adding it to the image index, use the specified MIME type as the mediaType associated with the configuration blob in the artifact manifest. In most scenarios, leaving the default value, which signifies either an empty configuration or the standard OCI configuration type, unchanged, is the preferred option.
--artifact-exclude-titles¶
When creating an artifact manifest and adding it to the image index, do not set "org.opencontainers.image.title" annotations equal to the file's basename for each file added to the artifact manifest. Tools which retrieve artifacts from a registry may use these values to choose names for files when saving artifacts to disk, so this option is not recommended unless it is required for interoperability with a particular registry.
--artifact-layer-type=type¶
When creating an artifact manifest and adding it to the image index, use the specified MIME type as the mediaType associated with the files' contents. If not specified, guesses based on either the files names or their contents will be made and used, but the option should be specified if certainty is needed.
--artifact-subject=imageName¶
When creating an artifact manifest and adding it to the image index, set the subject field in the artifact manifest to mark the artifact manifest as being associated with the specified image in some way. An artifact manifest can only be associated with, at most, one subject.
--artifact-type=type¶
When creating an artifact manifest, use the specified MIME type as the manifest's artifactType value instead of the less informative default value.
--authfile=path¶
Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json on Linux, and $HOME/.config/containers/auth.json on Windows/macOS. The file is created by podman login. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using docker login.
Note: There is also the option to override the default path of the authentication file by setting the REGISTRY_AUTH_FILE environment variable. This can be done with export REGISTRY_AUTH_FILE=path.
--cert-dir=path¶
Use certificates at path (*.crt, *.cert, *.key) to connect to the registry. (Default: /etc/containers/certs.d) For details, see containers-certs.d(5). (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
--creds=[username[:password]]¶
The [username[:password]] to use to authenticate with the registry, if required. If one or both values are not supplied, a command line prompt appears and the value can be entered. The password is entered without echo.
Note that the specified credentials are only used to authenticate against target registries. They are not used for mirrors or when the registry gets rewritten (see containers-registries.conf(5)); to authenticate against those consider using a containers-auth.json(5) file.
--features=feature¶
Specify the features list which the list or index records as requirements for the image. This option is rarely used.
--os=OS¶
Override the OS which the list or index records as a requirement for the image. If imagename refers to a manifest list or image index, the OS information is retrieved from it. Otherwise, it is retrieved from the image's configuration information.
--os-version=version¶
Specify the OS version which the list or index records as a requirement for the image. This option is rarely used.
--tls-verify¶
Require HTTPS and verify certificates when contacting registries (default: true). If explicitly set to true, TLS verification is used. If set to false, TLS verification is not used. If not specified, TLS verification is used unless the target registry is listed as an insecure registry in containers-registries.conf(5)
--variant¶
Specify the variant which the list or index records for the image. This option is typically used to distinguish between multiple entries which share the same architecture value, but which expect different versions of its instruction set.
Transport¶
Multiple transports are supported:
docker://docker-reference (default)
An image in a registry implementing the "Docker Registry HTTP API
V2". By default, uses the authorization state in
$XDG_RUNTIME_DIR/containers/auth.json, which is set using (podman
login). If the authorization state is not found there,
$HOME/.docker/config.json is checked, which is set using (docker
login).
$ podman manifest add mylist:v1.11 docker://quay.io/username/myimage
containers-storage:oci-reference
An image in oci-reference format stored in the local container
storage. oci-reference must contain a tag.
$ podman manifest add mylist:v1.11 containers-storage:quay.io/username/myimage
dir:path
An existing local directory path storing the manifest, layer tarballs,
and signatures as individual files. This
is a non-standardized format, primarily useful for debugging or noninvasive
container inspection.
$ podman manifest add dir:/tmp/myimage
docker-archive:path[:docker-reference]
An image is stored in the docker save formatted file.
docker-reference is only used when creating such a
file, and it must not contain a digest.
$ podman manifest add docker-archive:/tmp/myimage
docker-daemon:docker-reference
An image in docker-reference format stored in the docker daemon
internal storage. The docker-reference can also be an image ID
(docker-daemon:algo:digest).
$ sudo podman manifest add docker-daemon:docker.io/library/myimage:33
oci-archive:path:tag
An image tag in a directory compliant with "Open Container Image
Layout Specification" at path.
$ podman manifest add oci-archive:/tmp/myimage
EXAMPLE¶
Add specified default image from source manifest list to destination manifest list:
podman manifest add mylist:v1.11 docker://fedora 71c201d10fffdcac52968a000d85a0a016ca1c7d5473948000d3131c1773d965
Add all images from source manfest list to destination manifest list:
podman manifest add --all mylist:v1.11 docker://fedora 71c201d10fffdcac52968a000d85a0a016ca1c7d5473948000d3131c1773d965
Add selected image matching arch and variant from source manifest list to destination manifest list:
podman manifest add --arch arm64 --variant v8 mylist:v1.11 docker://71c201d10fffdcac52968a000d85a0a016ca1c7d5473948000d3131c1773d965