Skip to content

Commit c18c64e

Browse files
ttorblettorble
authored
Acrolinx
1 parent 7d12aad commit c18c64e

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

articles/container-registry/container-registry-tutorial-sign-build-push.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -184,7 +184,7 @@ The following steps show how to create a self-signed certificate for testing pur
184184
> [!IMPORTANT]
185185
> If you have Docker installed on your system and used `az acr login` or `docker login` to authenticate to your ACR, your credentials are already stored and available to notation. In this case, you don’t need to run `notation login` again to authenticate to your ACR. To learn more about authentication options for notation, see [Authenticate with OCI-compliant registries](https://notaryproject.dev/docs/user-guides/how-to/registry-authentication/).
186186
187-
2. Build and push a new image with ACR Tasks. Always use the digest value to identify the image for signing since tags are mutable and and can be overwritten.
187+
2. Build and push a new image with ACR Tasks. Always use the digest value to identify the image for signing since tags are mutable and can be overwritten.
188188
189189
```bash
190190
DIGEST=$(az acr build -r $ACR_NAME -t $REGISTRY/${REPO}:$TAG $IMAGE_SOURCE --no-logs --query "outputImages[0].digest" -o tsv)
@@ -197,13 +197,13 @@ The following steps show how to create a self-signed certificate for testing pur
197197
IMAGE=$REGISTRY/${REPO}@$TAG
198198
```
199199
200-
3. Get the Key ID of the signing key. A certificate in AKV can have multiple versions, the following command gets the Key Id of the latest version.
200+
3. Get the Key ID of the signing key. A certificate in AKV can have multiple versions, the following command gets the Key ID of the latest version.
201201
202202
```bash
203203
KEY_ID=$(az keyvault certificate show -n $CERT_NAME --vault-name $AKV_NAME --query 'kid' -o tsv)
204204
```
205205
206-
4. Sign the container image with the [COSE](https://datatracker.ietf.org/doc/html/rfc9052) signature format using the signing key id. To sign with a self-signed certificate, you need to set the plugin configuration value `self_signed=true`.
206+
4. Sign the container image with the [COSE](https://datatracker.ietf.org/doc/html/rfc9052) signature format using the signing key ID. To sign with a self-signed certificate, you need to set the plugin configuration value `self_signed=true`.
207207
208208
```bash
209209
notation sign --signature-format cose --id $KEY_ID --plugin azure-kv --plugin-config self_signed=true $IMAGE

0 commit comments

Comments
 (0)