Story #9511

Updated by about 2 years ago

To add a single signature, PUT a new json object with `version` set to 2( manifest schema version) , `type` set to atomic, and `content` set to the base64 encoded signature data (usually a GPG signed data). 
 Name should be set to an unique name with the form digest@per-image-name, where digest is an image manifest digest (also used in the URL), and per-image-name is any unique identifier. 
 $ curl -X PUT --data @signature.json http://<registry_endpoint>:24817/extensions/v2/<namespace>/<name>/signatures/<imagesha256digest> 

 cat signature.json 

     "version": 2, 
     "type":      "atomic", "docker", 
     "name":      "sha256:4028782c08eae4a8c9a28bf661c0a8d1c2fc8e19dbaae2b018b21011197e1484@cddeb7006d914716e2728000746a0b23", 
     "content": "<base64 encoded signature>", 

 See and 

 **Note** skopeo will upload signature given that regitry has present `X-Registry-Supports-Signatures ` header