How to pull signed docker images using dockerode NodeJS API

I have a node js application that does basic docker operations like pull images, create, run, start and stop docker containers. I am using dockerode library.
I want to enforce only trusted signed images are allowed to be pulled.
According to docker documentation, setting env variable DOCKER_CONTENT_TRUST=1. This is not feasible because I am invoking docker remotely.

Observation on command line: Without setting DOCKER_CONTENT_TRUST=1, using flag –disable-content-trust=false will force only trusted images to be downloaded.

  • Amazons EC2 container service - are tasks deployed as docker containers inside docker containers?
  • how load mysql extensions dockerfile with Docker, Compose with Pfm and Nginx and Mysql
  • Custom docker image missing from Bluemix
  • Listing all version numbers of docker image
  • Is there a way to rename network interfaces in Docker swarm?
  • docker local host url not opening
  • [root@vm ~]# echo $DOCKER_CONTENT_TRUST
    
    [root@vm ~]# docker pull --disable-content-trust=false docker/trusttest
    Using default tag: latest
    no trust data available
    [root@vm ~]# 
    

    But, this is no effect when called from node js using dockerode api

    Here is the node code:

    function pullImage(imageId){
        return new Promise((resolve, reject)=>{
            docker.pull(imageId,{"disable-content-trust":"false"},(err,stream)=>{
                if(err){
                    console.error("Docker pull failed for:" + imageId + "error:" + err);
                    reject(err);
                }else 
                    console.log("Docker image installed: " + imageId);
                    resolve(true);
                }
            });
        });
    }
    
    
    pullImage('docker/trusttest',{}).then((v)=>{
        console.log("pull image successful", v);
    }).catch((ex)=>{
        console.error("exception in pull image", ex);
    });
    

    This code downloads the image even though disable-content-trust=false.
    The question is am I passing the option parameters to docker.pull correctly ?
    I can’t find the documentation for option parameter values for dockerode.
    Any help is much appreciated.

    Links:
    https://docs.docker.com/engine/security/trust/content_trust/

    https://github.com/apocas/dockerode

  • Run VSCode in Dotnet docker container
  • ASP.NET 5: docker build with multi-projects solution
  • Docker input/output outside the container
  • InteliJ Idea: build and run Java apps in docker containers
  • Automated Build - image without source files
  • Cannot get SSL to work in Docker container
  • Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.