DockerCLI/docs/reference/commandline/trust_revoke.md

# trust revoke

<!---MARKER_GEN_START-->
Remove trust for an image

### Options

| Name          | Type | Default | Description                    |
|:--------------|:-----|:--------|:-------------------------------|
| `-y`, `--yes` |      |         | Do not prompt for confirmation |


<!---MARKER_GEN_END-->

## Description

`docker trust revoke` removes signatures from tags in signed repositories.

## Examples

### Revoke signatures from a signed tag

Here's an example of a repo with two signed tags:


```console
$ docker trust inspect --pretty example/trust-demo
SIGNED TAG          DIGEST                                                              SIGNERS
red                 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943    alice
blue                f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197    alice, bob

List of signers and their keys for example/trust-demo:

SIGNER              KEYS
alice               05e87edcaecb
bob                 5600f5ab76a2

Administrative keys for example/trust-demo:
Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
Root Key:       3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
```

When `alice`, one of the signers, runs `docker trust revoke`:

```console
$ docker trust revoke example/trust-demo:red
Enter passphrase for delegation key with ID 27d42a8:
Successfully deleted signature for example/trust-demo:red
```

After revocation, the tag is removed from the list of released tags:

```console
$ docker trust inspect --pretty example/trust-demo
SIGNED TAG          DIGEST                                                              SIGNERS
blue                f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197    alice, bob

List of signers and their keys for example/trust-demo:

SIGNER              KEYS
alice               05e87edcaecb
bob                 5600f5ab76a2

Administrative keys for example/trust-demo:
Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
Root Key:       3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
```

### Revoke signatures on all tags in a repository

When no tag is specified, `docker trust` revokes all signatures that you have a signing key for.

```console
$ docker trust inspect --pretty example/trust-demo
SIGNED TAG          DIGEST                                                              SIGNERS
red                 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943    alice
blue                f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197    alice, bob

List of signers and their keys for example/trust-demo:

SIGNER              KEYS
alice               05e87edcaecb
bob                 5600f5ab76a2

Administrative keys for example/trust-demo:
Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
Root Key:       3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
```

When `alice`, one of the signers, runs `docker trust revoke`:

```console
$ docker trust revoke example/trust-demo
Please confirm you would like to delete all signature data for example/trust-demo? [y/N] y
Enter passphrase for delegation key with ID 27d42a8:
Successfully deleted signature for example/trust-demo
```

All tags that have `alice`'s signature on them are removed from the list of released tags:

```console
$ docker trust inspect --pretty example/trust-demo

No signatures for example/trust-demo


List of signers and their keys for example/trust-demo:

SIGNER              KEYS
alice               05e87edcaecb
bob                 5600f5ab76a2

Administrative keys for example/trust-demo:
Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e
Root Key:       3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949
```
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			`# trust revoke`

docs: generate markdown Keep frontmatter for docker, dockerd and index markdown files. Also needs to move cli.md > docker.md before generation and then move it back because cli.md is needed for yaml generation on docs website: https://github.com/docker/cli/pull/3924#discussion_r1059986605 Signed-off-by: Kevin Alvarez <crazy-max@users.noreply.github.com> Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-01-06 13:04:05 -05:00			`<!---MARKER_GEN_START-->`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			`Remove trust for an image`

docs: generate markdown Keep frontmatter for docker, dockerd and index markdown files. Also needs to move cli.md > docker.md before generation and then move it back because cli.md is needed for yaml generation on docs website: https://github.com/docker/cli/pull/3924#discussion_r1059986605 Signed-off-by: Kevin Alvarez <crazy-max@users.noreply.github.com> Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-01-06 13:04:05 -05:00			`### Options`

			`\| Name \| Type \| Default \| Description \|`
			`\|:--------------\|:-----\|:--------\|:-------------------------------\|`
			\| `-y`, `--yes` \| \| \| Do not prompt for confirmation \|


			`<!---MARKER_GEN_END-->`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
			`## Description`

docs: update docker trust docs with correct tense and formatting Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-25 14:42:44 -04:00			`docker trust revoke` removes signatures from tags in signed repositories.
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
			`## Examples`

			`### Revoke signatures from a signed tag`

			`Here's an example of a repo with two signed tags:`


docs: use "console" code-hint for shell examples This replaces the use of bash where suitable, to allow easier copy/pasting of shell examples without copying the prompt or process output. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-08-21 08:54:14 -04:00			```console
reference docs: fix broken links and markdown touch-ups - fix various broken links - fix incorrect anchors - updated links for content that moved, so that no redirect to the new location is needed. - touched-up Markdown; - re-format some JSON output - add blank line betweeen command and command output - format "note" blocks Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-04-19 09:43:08 -04:00			`$ docker trust inspect --pretty example/trust-demo`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			`SIGNED TAG DIGEST SIGNERS`
			`red 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943 alice`
			`blue f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197 alice, bob`

trust: rename inspect to view, add repo name to signer table header Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-09-19 17:59:48 -04:00			`List of signers and their keys for example/trust-demo:`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
			`SIGNER KEYS`
			`alice 05e87edcaecb`
			`bob 5600f5ab76a2`

			`Administrative keys for example/trust-demo:`
Fix whitespace that caused short-format in generated YAML If the markdown contains trailing spaces, or has tabs included, the YAML generator uses a compact format for the text (using `\n` and `\t`, instead of plain newlines). The compact format makes it difficult to review changes in the yaml docs when vendoring in the documentation repository. This patch: - removes trailing whitespace - replaces tabs for spaces - fixes some minor formatting and markdown issues Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-03-15 10:11:43 -04:00			`Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e`
			`Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			```

docs: update docker trust docs with correct tense and formatting Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-25 14:42:44 -04:00			When `alice`, one of the signers, runs `docker trust revoke`:
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
docs: use "console" code-hint for shell examples This replaces the use of bash where suitable, to allow easier copy/pasting of shell examples without copying the prompt or process output. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-08-21 08:54:14 -04:00			```console
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			`$ docker trust revoke example/trust-demo:red`
			`Enter passphrase for delegation key with ID 27d42a8:`
			`Successfully deleted signature for example/trust-demo:red`
			```

docs: update docker trust docs with correct tense and formatting Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-25 14:42:44 -04:00			`After revocation, the tag is removed from the list of released tags:`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
docs: use "console" code-hint for shell examples This replaces the use of bash where suitable, to allow easier copy/pasting of shell examples without copying the prompt or process output. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-08-21 08:54:14 -04:00			```console
reference docs: fix broken links and markdown touch-ups - fix various broken links - fix incorrect anchors - updated links for content that moved, so that no redirect to the new location is needed. - touched-up Markdown; - re-format some JSON output - add blank line betweeen command and command output - format "note" blocks Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-04-19 09:43:08 -04:00			`$ docker trust inspect --pretty example/trust-demo`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			`SIGNED TAG DIGEST SIGNERS`
			`blue f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197 alice, bob`

trust: rename inspect to view, add repo name to signer table header Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-09-19 17:59:48 -04:00			`List of signers and their keys for example/trust-demo:`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
			`SIGNER KEYS`
			`alice 05e87edcaecb`
			`bob 5600f5ab76a2`

			`Administrative keys for example/trust-demo:`
Fix whitespace that caused short-format in generated YAML If the markdown contains trailing spaces, or has tabs included, the YAML generator uses a compact format for the text (using `\n` and `\t`, instead of plain newlines). The compact format makes it difficult to review changes in the yaml docs when vendoring in the documentation repository. This patch: - removes trailing whitespace - replaces tabs for spaces - fixes some minor formatting and markdown issues Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-03-15 10:11:43 -04:00			`Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e`
			`Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			```

			`### Revoke signatures on all tags in a repository`

			When no tag is specified, `docker trust` revokes all signatures that you have a signing key for.

docs: use "console" code-hint for shell examples This replaces the use of bash where suitable, to allow easier copy/pasting of shell examples without copying the prompt or process output. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-08-21 08:54:14 -04:00			```console
reference docs: fix broken links and markdown touch-ups - fix various broken links - fix incorrect anchors - updated links for content that moved, so that no redirect to the new location is needed. - touched-up Markdown; - re-format some JSON output - add blank line betweeen command and command output - format "note" blocks Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-04-19 09:43:08 -04:00			`$ docker trust inspect --pretty example/trust-demo`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			`SIGNED TAG DIGEST SIGNERS`
			`red 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943 alice`
			`blue f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197 alice, bob`

trust: rename inspect to view, add repo name to signer table header Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-09-19 17:59:48 -04:00			`List of signers and their keys for example/trust-demo:`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
			`SIGNER KEYS`
			`alice 05e87edcaecb`
			`bob 5600f5ab76a2`

			`Administrative keys for example/trust-demo:`
Fix whitespace that caused short-format in generated YAML If the markdown contains trailing spaces, or has tabs included, the YAML generator uses a compact format for the text (using `\n` and `\t`, instead of plain newlines). The compact format makes it difficult to review changes in the yaml docs when vendoring in the documentation repository. This patch: - removes trailing whitespace - replaces tabs for spaces - fixes some minor formatting and markdown issues Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-03-15 10:11:43 -04:00			`Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e`
			`Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			```

docs: update docker trust docs with correct tense and formatting Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-25 14:42:44 -04:00			When `alice`, one of the signers, runs `docker trust revoke`:
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
docs: use "console" code-hint for shell examples This replaces the use of bash where suitable, to allow easier copy/pasting of shell examples without copying the prompt or process output. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-08-21 08:54:14 -04:00			```console
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			`$ docker trust revoke example/trust-demo`
trust: address review feedback, refactor to align with existing cli/command semantics Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-25 17:49:40 -04:00			`Please confirm you would like to delete all signature data for example/trust-demo? [y/N] y`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			`Enter passphrase for delegation key with ID 27d42a8:`
			`Successfully deleted signature for example/trust-demo`
			```

docs: update docker trust docs with correct tense and formatting Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-25 14:42:44 -04:00			All tags that have `alice`'s signature on them are removed from the list of released tags:
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
docs: use "console" code-hint for shell examples This replaces the use of bash where suitable, to allow easier copy/pasting of shell examples without copying the prompt or process output. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-08-21 08:54:14 -04:00			```console
reference docs: fix broken links and markdown touch-ups - fix various broken links - fix incorrect anchors - updated links for content that moved, so that no redirect to the new location is needed. - touched-up Markdown; - re-format some JSON output - add blank line betweeen command and command output - format "note" blocks Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-04-19 09:43:08 -04:00			`$ docker trust inspect --pretty example/trust-demo`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
			`No signatures for example/trust-demo`


trust: rename inspect to view, add repo name to signer table header Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-09-19 17:59:48 -04:00			`List of signers and their keys for example/trust-demo:`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00
			`SIGNER KEYS`
			`alice 05e87edcaecb`
			`bob 5600f5ab76a2`

			`Administrative keys for example/trust-demo:`
Fix whitespace that caused short-format in generated YAML If the markdown contains trailing spaces, or has tabs included, the YAML generator uses a compact format for the text (using `\n` and `\t`, instead of plain newlines). The compact format makes it difficult to review changes in the yaml docs when vendoring in the documentation repository. This patch: - removes trailing whitespace - replaces tabs for spaces - fixes some minor formatting and markdown issues Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2020-03-15 10:11:43 -04:00			`Repository Key: ecc457614c9fc399da523a5f4e24fe306a0a6ee1cc79a10e4555b3c6ab02f71e`
			`Root Key: 3cb2228f6561e58f46dbc4cda4fcaff9d5ef22e865a94636f82450d1d2234949`
trust revoke: docs for docker trust revoke Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com> 2017-08-24 18:46:24 -04:00			```