Details
https://docs.docker.com/engine/security/trust/content_trust/
2.https://docs.docker.com/engine/reference/commandline/cli/#notary
3.https://docs.docker.com/engine/reference/commandline/cli/#environment-variables
Solution
To enable content trust in a bash shell, enter the following command-export DOCKER_CONTENT_TRUST=1Alternatively, set this environment variable in your profile file so that content trust in
enabled on every login.Impact-In an environment where DOCKER_CONTENT_TRUST is set, you are required to follow trust
procedures while working with images – build, create, pull, push and run. You can use
the –disable-content-trust flag to run individual operations on tagged images without
content trust on an as-needed basis but that defeats the purpose of enabling content trust
and hence, should be avoided wherever possible.Note- Content trust is currently only available for users of the public Docker Hub. It is
currently not available for the Docker Trusted Registry or for private registries.Default Value-By default, content trust is disabled.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Unix.