podman-manifest-add - Man Page
Add an image or artifact to a manifest list or image index
Synopsis
podman manifest add [options] listnameorindexname [transport]:imagename imageorartifactname [...]
Description
Adds the specified image to the specified manifest list or image index, or creates an artifact manifest and adds it to the specified image index.
Return Value
The list image's ID.
Options
--all
If the image which is added to the list or index is itself a list or index, add all of the contents to the local list. By default, only one image from such a list or index is added to the list or index. Combining --all with any of the other options described below is NOT recommended.
--annotation=annotation=value
Set an annotation on the entry for the specified image or artifact.
--arch=architecture
Override the architecture which the list or index records as a requirement for the image. If imageName refers to a manifest list or image index, the architecture information is retrieved from it. Otherwise, it is retrieved from the image's configuration information.
--artifact
Create an artifact manifest and add it to the image index. Arguments after the index name will be interpreted as file names rather than as image references. In most scenarios, the --artifact-type option should also be specified.
--artifact-config=path
When creating an artifact manifest and adding it to the image index, use the specified file's contents as the configuration blob in the artifact manifest. In most scenarios, leaving the default value, which signifies an empty configuration, unchanged, is the preferred option.
--artifact-config-type=type
When creating an artifact manifest and adding it to the image index, use the specified MIME type as the mediaType associated with the configuration blob in the artifact manifest. In most scenarios, leaving the default value, which signifies either an empty configuration or the standard OCI configuration type, unchanged, is the preferred option.
--artifact-exclude-titles
When creating an artifact manifest and adding it to the image index, do not set "org.opencontainers.image.title" annotations equal to the file's basename for each file added to the artifact manifest. Tools which retrieve artifacts from a registry may use these values to choose names for files when saving artifacts to disk, so this option is not recommended unless it is required for interoperability with a particular registry.
--artifact-layer-type=type
When creating an artifact manifest and adding it to the image index, use the specified MIME type as the mediaType associated with the files' contents. If not specified, guesses based on either the files names or their contents will be made and used, but the option should be specified if certainty is needed.
--artifact-subject=imageName
When creating an artifact manifest and adding it to the image index, set the subject field in the artifact manifest to mark the artifact manifest as being associated with the specified image in some way. An artifact manifest can only be associated with, at most, one subject.
--artifact-type=type
When creating an artifact manifest, use the specified MIME type as the manifest's artifactType value instead of the less informative default value.
--authfile=path
Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json on Linux, and $HOME/.config/containers/auth.json on Windows/macOS. The file is created by podman login. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using docker login.
Note: There is also the option to override the default path of the authentication file by setting the REGISTRY_AUTH_FILE environment variable. This can be done with export REGISTRY_AUTH_FILE=path.
--cert-dir=path
Use certificates at path (*.crt, *.cert, *.key) to connect to the registry. (Default: /etc/containers/certs.d) For details, see containers-certs.d(5). (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
--creds=[username[:password]]
The [username[:password]] to use to authenticate with the registry, if required. If one or both values are not supplied, a command line prompt appears and the value can be entered. The password is entered without echo.
Note that the specified credentials are only used to authenticate against target registries. They are not used for mirrors or when the registry gets rewritten (see containers-registries.conf(5)); to authenticate against those consider using a containers-auth.json(5) file.
--features=feature
Specify the features list which the list or index records as requirements for the image. This option is rarely used.
--os=OS
Override the OS which the list or index records as a requirement for the image. If imagename refers to a manifest list or image index, the OS information is retrieved from it. Otherwise, it is retrieved from the image's configuration information.
--os-version=version
Specify the OS version which the list or index records as a requirement for the image. This option is rarely used.
--tls-verify
Require HTTPS and verify certificates when contacting registries (default: true). If explicitly set to true, TLS verification is used. If set to false, TLS verification is not used. If not specified, TLS verification is used unless the target registry is listed as an insecure registry in containers-registries.conf(5)
--variant
Specify the variant which the list or index records for the image. This option is typically used to distinguish between multiple entries which share the same architecture value, but which expect different versions of its instruction set.
Transport
Multiple transports are supported:
docker://docker-reference (default)
An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in $XDG_RUNTIME_DIR/containers/auth.json, which is set using (podman login). If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using (docker login).
$ podman manifest add mylist:v1.11 docker://quay.io/username/myimage
containers-storage:oci-reference
An image in oci-reference format stored in the local container storage. oci-reference must contain a tag.
$ podman manifest add mylist:v1.11 containers-storage:quay.io/username/myimage
dir:path
An existing local directory path storing the manifest, layer tarballs, and signatures as individual files. This
is a non-standardized format, primarily useful for debugging or noninvasive container inspection.
$ podman manifest add dir:/tmp/myimage
docker-archive:path[:docker-reference]
An image is stored in the docker save formatted file. docker-reference is only used when creating such a
file, and it must not contain a digest.
$ podman manifest add docker-archive:/tmp/myimage
docker-daemon:docker-reference
An image in docker-reference format stored in the docker daemon internal storage. The docker-reference can also be an image ID (docker-daemon:algo:digest).
$ sudo podman manifest add docker-daemon:docker.io/library/myimage:33
oci-archive:path:tag
An image tag in a directory compliant with "Open Container Image Layout Specification" at path.
$ podman manifest add oci-archive:/tmp/myimage
Example
Add specified default image from source manifest list to destination manifest list:
podman manifest add mylist:v1.11 docker://fedora 71c201d10fffdcac52968a000d85a0a016ca1c7d5473948000d3131c1773d965
Add all images from source manifest list to destination manifest list:
podman manifest add --all mylist:v1.11 docker://fedora 71c201d10fffdcac52968a000d85a0a016ca1c7d5473948000d3131c1773d965
Add selected image matching arch and variant from source manifest list to destination manifest list:
podman manifest add --arch arm64 --variant v8 mylist:v1.11 docker://71c201d10fffdcac52968a000d85a0a016ca1c7d5473948000d3131c1773d965
See Also
Referenced By
The man page docker-manifest-add(1) is an alias of podman-manifest-add(1).