问题
Does Nexus 3 private docker registry support container image signing? The RHEL documentation here suggests not, but I'd like confirmation.
回答1:
In the sense that Nexus supports the v2 Registry API, it should be able to handle signed images. I don't believe Nexus supplies a Notary service though which is where most of the signing operations occur and image/key information is stored. The Nexus docco mentions nothing about signing.
You can delegate trust for your Nexus repo to a local Notary service (github) as you would for any private repo. Nexus repo's have a habit of tripping over edge cases though.
来源:https://stackoverflow.com/questions/46684151/does-nexus-3-support-container-image-signing