Add notes to clarify registry use. (#2145)

Signed-off-by: David Bendory <bendory@google.com>
sigstore · Aug 9, 2022 · 72c4224 · 72c4224
1 parent fdceee4
commit 72c4224
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -444,6 +444,22 @@ $ gcr.io/dlorenc-vmtest2/demo -> gcr.io/my-new-repo/demo:sha256-DIGEST.sig
 ```
 So the signature for `gcr.io/dlorenc-vmtest2/demo` will be stored in `gcr.io/my-new-repo/demo:sha256-DIGEST.sig`.
 
+Note: different registries might expect different formats for the "repository."
+
+* To use [GCR](https://cloud.google.com/container-registry), a registry name
+  like `gcr.io/$REPO` is sufficient, as in the example above.
+* To use [Artifact Registry](https://cloud.google.com/artifact-registry),
+  specify a full image name like
+  `$LOCATION-docker.pkg.dev/$PROJECT/$REPO/$STORAGE_IMAGE`, not just a
+  repository. For example,
+  ```
+  COSIGN_REPOSITORY=us-docker.pkg.dev/my-new-repo/demo
+  gcr.io/dlorenc-vmtest2/demo --> us-docker.pkg.dev/my-new-repo/demo:sha256-DIGEST.sig
+  ```
+  where the `sha256-DIGEST` will match the digest for
+  `gcr.io/dlorenc-vmtest2/demo`. Specifying just a repo like
+  `$LOCATION-docker.pkg.dev/$PROJECT/$REPO` will not work in Artifact Registry.
+
 
 ## Signature Specification