autonomy bundle push

Push a bundle tarball to an OCI registry

Synopsis

Attaches the policy bundle tarball at <bundle-path> to the agent image at
<image-ref> using the OCI Referrers API (preferred) or the sidecar tag
strategy as a fallback.

When --key-path is provided the push is followed by a cosign signing step
(equivalent to 'autonomy bundle push ... && autonomy sign ...').  The
image, policy sidecar, and optionally the lock sidecar are all signed in a
single fail-closed operation.  If signing fails the artifact must not be
treated as trusted.

COSIGN_PASSWORD must be set in the environment when --key-path points to
an encrypted cosign .key file.

AUTONOMY_TRUST_TIME (env var, default "true"):
  true  — embeds an autonomy.signed-at RFC3339 annotation in the signature.
  false — timestamp annotation omitted (weakens replay protection).

Usage

autonomy bundle push <bundle-path> <image-ref> [flags]

Examples

  # Push without signing (bare attach)
  autonomy bundle push ./robot.tar registry/robot-behavior:v1

  # Push and sign (fail-closed)
  autonomy bundle push ./robot.tar registry/robot-behavior:v1 \
      --key-path ./keys/cosign.key

  # Push, sign, and also sign the lock sidecar
  autonomy bundle push ./robot.tar registry/robot-behavior:v1 \
      --key-path ./keys/cosign.key --sign-lock

  # Push to a local insecure registry
  autonomy bundle push ./robot.tar localhost:5000/agent:v1 \
      --allow-insecure-registry
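
A release-gate wrapper for the push-and-sign case, added here as an illustration and not part of the autonomy tool or its documentation. The function names, exit codes and the AUTONOMY_BIN override are hypothetical, and the encrypted-key check assumes the key file begins with cosign's "ENCRYPTED ... PRIVATE KEY" PEM header.

```shell
#!/bin/sh
# Added example: release gate around a signed 'autonomy bundle push'.
# Function names, exit codes and AUTONOMY_BIN are hypothetical.

# preflight_push KEY_PATH: return 0 only if a signed push can proceed.
preflight_push() {
    key_path=$1
    # Without a readable key the command would be a bare, unsigned attach.
    if [ -z "$key_path" ] || [ ! -r "$key_path" ]; then
        echo "preflight: signing key missing or unreadable" >&2
        return 2
    fi
    # Assumption: an encrypted cosign key starts with a PEM header such as
    # "-----BEGIN ENCRYPTED SIGSTORE PRIVATE KEY-----".
    if head -n 1 "$key_path" | grep -q 'ENCRYPTED .*PRIVATE KEY'; then
        # "${VAR+x}" expands to nothing only when VAR is unset.
        if [ -z "${COSIGN_PASSWORD+x}" ]; then
            echo "preflight: COSIGN_PASSWORD is not set" >&2
            return 3
        fi
    fi
    # This gate's policy: accept only unset (default "true") or "true",
    # so the autonomy.signed-at annotation is always embedded.
    if [ "${AUTONOMY_TRUST_TIME:-true}" != "true" ]; then
        echo "preflight: AUTONOMY_TRUST_TIME must be true for releases" >&2
        return 4
    fi
    return 0
}

# push_signed BUNDLE IMAGE KEY_PATH: push, then sign the image, the policy
# sidecar and the lock sidecar in one step.
push_signed() {
    bundle=$1; image=$2; key=$3
    preflight_push "$key" || return $?
    # Fail closed: a non-zero exit means the artifact is not trusted.
    if ! "${AUTONOMY_BIN:-autonomy}" bundle push "$bundle" "$image" \
            --key-path "$key" --sign-lock; then
        echo "push-and-sign failed; do not promote $image" >&2
        return 1
    fi
}

# Usage: push_signed ./robot.tar registry/robot-behavior:v1 ./keys/cosign.key
```

A pipeline should promote the image only when push_signed returns 0; every other exit code leaves the artifact untrusted.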

Options

      --allow-insecure-registry   allow plain HTTP registry (auto-detected for localhost)
      --key-path string           path to cosign private key; when set the push is followed by signing
      --sign-lock                 also sign the lock sidecar artifact (<tag>-lock) during push-and-sign

See also

  • autonomy bundle — Manage AutonomyOps bundles (pull, push, inspect, verify)