From 2d813490100112894f38cb64f690a96ddd7b1f78 Mon Sep 17 00:00:00 2001
From: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Date: Fri, 9 Mar 2018 18:37:43 +0100
Subject: [PATCH 1/5] Refactor trust view command into a --pretty flag on trust
 inspect

Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
(cherry picked from commit c5554f811b385f84e57d57bf89d97d4ec1efe1e3)
---
 components/cli/cli/command/trust/cmd.go       |  1 -
 components/cli/cli/command/trust/inspect.go   | 39 ++++++++++-
 .../trust/{view.go => inspect_pretty.go}      | 27 +++-----
 .../{view_test.go => inspect_pretty_test.go}  | 66 +++++++++++--------
 .../cli/cli/command/trust/inspect_test.go     | 10 +--
 ...nspect-pretty-full-repo-no-signers.golden} | 10 ++-
 ...pect-pretty-full-repo-with-signers.golden} | 12 ++--
 ...t-inspect-pretty-one-tag-no-signers.golden | 10 +++
 ...ct-pretty-unsigned-tag-with-signers.golden | 14 ++++
 .../trust-view-one-tag-no-signers.golden      |  6 --
 ...rust-view-unsigned-tag-with-signers.golden | 13 ----
 11 files changed, 123 insertions(+), 85 deletions(-)
 rename components/cli/cli/command/trust/{view.go => inspect_pretty.go} (78%)
 rename components/cli/cli/command/trust/{view_test.go => inspect_pretty_test.go} (89%)
 rename components/cli/cli/command/trust/testdata/{trust-view-full-repo-no-signers.golden => trust-inspect-pretty-full-repo-no-signers.golden} (50%)
 rename components/cli/cli/command/trust/testdata/{trust-view-full-repo-with-signers.golden => trust-inspect-pretty-full-repo-with-signers.golden} (65%)
 create mode 100644 components/cli/cli/command/trust/testdata/trust-inspect-pretty-one-tag-no-signers.golden
 create mode 100644 components/cli/cli/command/trust/testdata/trust-inspect-pretty-unsigned-tag-with-signers.golden
 delete mode 100644 components/cli/cli/command/trust/testdata/trust-view-one-tag-no-signers.golden
 delete mode 100644 components/cli/cli/command/trust/testdata/trust-view-unsigned-tag-with-signers.golden

diff --git a/components/cli/cli/command/trust/cmd.go b/components/cli/cli/command/trust/cmd.go
index 6ffc57d05f3..3496ce65eef 100644
--- a/components/cli/cli/command/trust/cmd.go
+++ b/components/cli/cli/command/trust/cmd.go
@@ -16,7 +16,6 @@ func NewTrustCommand(dockerCli command.Cli) *cobra.Command {
 		Annotations: map[string]string{"experimentalCLI": ""},
 	}
 	cmd.AddCommand(
-		newViewCommand(dockerCli),
 		newRevokeCommand(dockerCli),
 		newSignCommand(dockerCli),
 		newTrustKeyCommand(dockerCli),
diff --git a/components/cli/cli/command/trust/inspect.go b/components/cli/cli/command/trust/inspect.go
index 772c95e8886..ae481c1ab7d 100644
--- a/components/cli/cli/command/trust/inspect.go
+++ b/components/cli/cli/command/trust/inspect.go
@@ -2,6 +2,7 @@ package trust
 
 import (
 	"encoding/json"
+	"fmt"
 	"sort"
 
 	"github.com/docker/cli/cli"
@@ -11,24 +12,56 @@ import (
 	"github.com/theupdateframework/notary/tuf/data"
 )
 
+type inspectOptions struct {
+	remotes []string
+	/* FIXME(n4ss): this is consistent with `docker service inspect` but we should provide
+	 * a `--format` flag too. (format and pretty-print should be exclusive)
+	 */
+	prettyPrint bool
+}
+
 func newInspectCommand(dockerCli command.Cli) *cobra.Command {
+	options := inspectOptions{}
 	cmd := &cobra.Command{
 		Use:   "inspect IMAGE[:TAG] [IMAGE[:TAG]...]",
 		Short: "Return low-level information about keys and signatures",
 		Args:  cli.RequiresMinArgs(1),
 		RunE: func(cmd *cobra.Command, args []string) error {
-			return runInspect(dockerCli, args)
+			options.remotes = args
+
+			return runInspect(dockerCli, options)
 		},
 	}
+
+	flags := cmd.Flags()
+	flags.BoolVar(&options.prettyPrint, "pretty", false, "Print the information in a human friendly format")
+
 	return cmd
 }
 
-func runInspect(dockerCli command.Cli, remotes []string) error {
+func runInspect(dockerCli command.Cli, opts inspectOptions) error {
+	if opts.prettyPrint {
+		var err error = nil
+
+		for index, remote := range opts.remotes {
+			if err = prettyPrintTrustInfo(dockerCli, remote); err != nil {
+				return err
+			}
+
+			// Additional separator between the inspection output of each image
+			if index < len(opts.remotes) - 1 {
+				fmt.Fprint(dockerCli.Out(), "\n\n")
+			}
+		}
+
+		return err
+	}
+
 	getRefFunc := func(ref string) (interface{}, []byte, error) {
 		i, err := getRepoTrustInfo(dockerCli, ref)
 		return nil, i, err
 	}
-	return inspect.Inspect(dockerCli.Out(), remotes, "", getRefFunc)
+	return inspect.Inspect(dockerCli.Out(), opts.remotes, "", getRefFunc)
 }
 
 func getRepoTrustInfo(cli command.Cli, remote string) ([]byte, error) {
diff --git a/components/cli/cli/command/trust/view.go b/components/cli/cli/command/trust/inspect_pretty.go
similarity index 78%
rename from components/cli/cli/command/trust/view.go
rename to components/cli/cli/command/trust/inspect_pretty.go
index 16e7f13f720..af146d20d20 100644
--- a/components/cli/cli/command/trust/view.go
+++ b/components/cli/cli/command/trust/inspect_pretty.go
@@ -4,34 +4,21 @@ import (
 	"fmt"
 	"io"
 	"sort"
-	"strings"
 
-	"github.com/docker/cli/cli"
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/cli/cli/command/formatter"
-	"github.com/spf13/cobra"
 	"github.com/theupdateframework/notary/client"
 )
 
-func newViewCommand(dockerCli command.Cli) *cobra.Command {
-	cmd := &cobra.Command{
-		Use:   "view IMAGE[:TAG]",
-		Short: "Display detailed information about keys and signatures",
-		Args:  cli.ExactArgs(1),
-		RunE: func(cmd *cobra.Command, args []string) error {
-			return viewTrustInfo(dockerCli, args[0])
-		},
-	}
-	return cmd
-}
-
-func viewTrustInfo(cli command.Cli, remote string) error {
+func prettyPrintTrustInfo(cli command.Cli, remote string) error {
 	signatureRows, adminRolesWithSigs, delegationRoles, err := lookupTrustInfo(cli, remote)
 	if err != nil {
 		return err
 	}
 
 	if len(signatureRows) > 0 {
+		fmt.Fprintf(cli.Out(), "\nSignatures for %s\n\n", remote)
+
 		if err := printSignatures(cli.Out(), signatureRows); err != nil {
 			return err
 		}
@@ -42,14 +29,14 @@ func viewTrustInfo(cli command.Cli, remote string) error {
 
 	// If we do not have additional signers, do not display
 	if len(signerRoleToKeyIDs) > 0 {
-		fmt.Fprintf(cli.Out(), "\nList of signers and their keys for %s:\n\n", strings.Split(remote, ":")[0])
+		fmt.Fprintf(cli.Out(), "\nList of signers and their keys for %s\n\n", remote)
 		if err := printSignerInfo(cli.Out(), signerRoleToKeyIDs); err != nil {
 			return err
 		}
 	}
 
 	// This will always have the root and targets information
-	fmt.Fprintf(cli.Out(), "\nAdministrative keys for %s:\n", strings.Split(remote, ":")[0])
+	fmt.Fprintf(cli.Out(), "\nAdministrative keys for %s\n\n", remote)
 	printSortedAdminKeys(cli.Out(), adminRolesWithSigs)
 	return nil
 }
@@ -57,7 +44,9 @@ func viewTrustInfo(cli command.Cli, remote string) error {
 func printSortedAdminKeys(out io.Writer, adminRoles []client.RoleWithSignatures) {
 	sort.Slice(adminRoles, func(i, j int) bool { return adminRoles[i].Name > adminRoles[j].Name })
 	for _, adminRole := range adminRoles {
-		fmt.Fprintf(out, "%s", formatAdminRole(adminRole))
+		if formattedAdminRole := formatAdminRole(adminRole); formattedAdminRole != "" {
+			fmt.Fprintf(out, "  %s", formattedAdminRole)
+		}
 	}
 }
 
diff --git a/components/cli/cli/command/trust/view_test.go b/components/cli/cli/command/trust/inspect_pretty_test.go
similarity index 89%
rename from components/cli/cli/command/trust/view_test.go
rename to components/cli/cli/command/trust/inspect_pretty_test.go
index a8a69d207b0..7cfe86cfefd 100644
--- a/components/cli/cli/command/trust/view_test.go
+++ b/components/cli/cli/command/trust/inspect_pretty_test.go
@@ -16,11 +16,13 @@ import (
 	"github.com/theupdateframework/notary/tuf/data"
 )
 
+/* TODO(n4ss): remove common tests with the regular inspect command */
+
 type fakeClient struct {
 	dockerClient.Client
 }
 
-func TestTrustViewCommandErrors(t *testing.T) {
+func TestTrustInspectPrettyCommandErrors(t *testing.T) {
 	testCases := []struct {
 		name          string
 		args          []string
@@ -28,12 +30,7 @@ func TestTrustViewCommandErrors(t *testing.T) {
 	}{
 		{
 			name:          "not-enough-args",
-			expectedError: "requires exactly 1 argument",
-		},
-		{
-			name:          "too-many-args",
-			args:          []string{"remote1", "remote2"},
-			expectedError: "requires exactly 1 argument",
+			expectedError: "requires at least 1 argument",
 		},
 		{
 			name:          "sha-reference",
@@ -47,50 +44,56 @@ func TestTrustViewCommandErrors(t *testing.T) {
 		},
 	}
 	for _, tc := range testCases {
-		cmd := newViewCommand(
+		cmd := newInspectCommand(
 			test.NewFakeCli(&fakeClient{}))
 		cmd.SetArgs(tc.args)
 		cmd.SetOutput(ioutil.Discard)
+		cmd.Flags().Set("pretty", "true")
 		testutil.ErrorContains(t, cmd.Execute(), tc.expectedError)
 	}
 }
 
-func TestTrustViewCommandOfflineErrors(t *testing.T) {
+func TestTrustInspectPrettyCommandOfflineErrors(t *testing.T) {
 	cli := test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getOfflineNotaryRepository)
-	cmd := newViewCommand(cli)
+	cmd := newInspectCommand(cli)
+	cmd.Flags().Set("pretty", "true")
 	cmd.SetArgs([]string{"nonexistent-reg-name.io/image"})
 	cmd.SetOutput(ioutil.Discard)
 	testutil.ErrorContains(t, cmd.Execute(), "No signatures or cannot access nonexistent-reg-name.io/image")
 
 	cli = test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getOfflineNotaryRepository)
-	cmd = newViewCommand(cli)
+	cmd = newInspectCommand(cli)
+	cmd.Flags().Set("pretty", "true")
 	cmd.SetArgs([]string{"nonexistent-reg-name.io/image:tag"})
 	cmd.SetOutput(ioutil.Discard)
 	testutil.ErrorContains(t, cmd.Execute(), "No signatures or cannot access nonexistent-reg-name.io/image")
 }
 
-func TestTrustViewCommandUninitializedErrors(t *testing.T) {
+func TestTrustInspectPrettyCommandUninitializedErrors(t *testing.T) {
 	cli := test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getUninitializedNotaryRepository)
-	cmd := newViewCommand(cli)
+	cmd := newInspectCommand(cli)
+	cmd.Flags().Set("pretty", "true")
 	cmd.SetArgs([]string{"reg/unsigned-img"})
 	cmd.SetOutput(ioutil.Discard)
 	testutil.ErrorContains(t, cmd.Execute(), "No signatures or cannot access reg/unsigned-img")
 
 	cli = test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getUninitializedNotaryRepository)
-	cmd = newViewCommand(cli)
+	cmd = newInspectCommand(cli)
+	cmd.Flags().Set("pretty", "true")
 	cmd.SetArgs([]string{"reg/unsigned-img:tag"})
 	cmd.SetOutput(ioutil.Discard)
 	testutil.ErrorContains(t, cmd.Execute(), "No signatures or cannot access reg/unsigned-img:tag")
 }
 
-func TestTrustViewCommandEmptyNotaryRepoErrors(t *testing.T) {
+func TestTrustInspectPrettyCommandEmptyNotaryRepoErrors(t *testing.T) {
 	cli := test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getEmptyTargetsNotaryRepository)
-	cmd := newViewCommand(cli)
+	cmd := newInspectCommand(cli)
+	cmd.Flags().Set("pretty", "true")
 	cmd.SetArgs([]string{"reg/img:unsigned-tag"})
 	cmd.SetOutput(ioutil.Discard)
 	assert.NoError(t, cmd.Execute())
@@ -99,7 +102,8 @@ func TestTrustViewCommandEmptyNotaryRepoErrors(t *testing.T) {
 
 	cli = test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getEmptyTargetsNotaryRepository)
-	cmd = newViewCommand(cli)
+	cmd = newInspectCommand(cli)
+	cmd.Flags().Set("pretty", "true")
 	cmd.SetArgs([]string{"reg/img"})
 	cmd.SetOutput(ioutil.Discard)
 	assert.NoError(t, cmd.Execute())
@@ -107,44 +111,48 @@ func TestTrustViewCommandEmptyNotaryRepoErrors(t *testing.T) {
 	assert.Contains(t, cli.OutBuffer().String(), "Administrative keys for reg/img:")
 }
 
-func TestTrustViewCommandFullRepoWithoutSigners(t *testing.T) {
+func TestTrustInspectPrettyCommandFullRepoWithoutSigners(t *testing.T) {
 	cli := test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getLoadedWithNoSignersNotaryRepository)
-	cmd := newViewCommand(cli)
+	cmd := newInspectCommand(cli)
+	cmd.Flags().Set("pretty", "true")
 	cmd.SetArgs([]string{"signed-repo"})
 	assert.NoError(t, cmd.Execute())
 
-	golden.Assert(t, cli.OutBuffer().String(), "trust-view-full-repo-no-signers.golden")
+	golden.Assert(t, cli.OutBuffer().String(), "trust-inspect-pretty-full-repo-no-signers.golden")
 }
 
-func TestTrustViewCommandOneTagWithoutSigners(t *testing.T) {
+func TestTrustInspectPrettyCommandOneTagWithoutSigners(t *testing.T) {
 	cli := test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getLoadedWithNoSignersNotaryRepository)
-	cmd := newViewCommand(cli)
+	cmd := newInspectCommand(cli)
+	cmd.Flags().Set("pretty", "true")
 	cmd.SetArgs([]string{"signed-repo:green"})
 	assert.NoError(t, cmd.Execute())
 
-	golden.Assert(t, cli.OutBuffer().String(), "trust-view-one-tag-no-signers.golden")
+	golden.Assert(t, cli.OutBuffer().String(), "trust-inspect-pretty-one-tag-no-signers.golden")
 }
 
-func TestTrustViewCommandFullRepoWithSigners(t *testing.T) {
+func TestTrustInspectPrettyCommandFullRepoWithSigners(t *testing.T) {
 	cli := test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getLoadedNotaryRepository)
-	cmd := newViewCommand(cli)
+	cmd := newInspectCommand(cli)
+	cmd.Flags().Set("pretty", "true")
 	cmd.SetArgs([]string{"signed-repo"})
 	assert.NoError(t, cmd.Execute())
 
-	golden.Assert(t, cli.OutBuffer().String(), "trust-view-full-repo-with-signers.golden")
+	golden.Assert(t, cli.OutBuffer().String(), "trust-inspect-pretty-full-repo-with-signers.golden")
 }
 
-func TestTrustViewCommandUnsignedTagInSignedRepo(t *testing.T) {
+func TestTrustInspectPrettyCommandUnsignedTagInSignedRepo(t *testing.T) {
 	cli := test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getLoadedNotaryRepository)
-	cmd := newViewCommand(cli)
+	cmd := newInspectCommand(cli)
+	cmd.Flags().Set("pretty", "true")
 	cmd.SetArgs([]string{"signed-repo:unsigned"})
 	assert.NoError(t, cmd.Execute())
 
-	golden.Assert(t, cli.OutBuffer().String(), "trust-view-unsigned-tag-with-signers.golden")
+	golden.Assert(t, cli.OutBuffer().String(), "trust-inspect-pretty-unsigned-tag-with-signers.golden")
 }
 
 func TestNotaryRoleToSigner(t *testing.T) {
diff --git a/components/cli/cli/command/trust/inspect_test.go b/components/cli/cli/command/trust/inspect_test.go
index cb2ee800a8c..7073f10bcf2 100644
--- a/components/cli/cli/command/trust/inspect_test.go
+++ b/components/cli/cli/command/trust/inspect_test.go
@@ -18,12 +18,7 @@ func TestTrustInspectCommandErrors(t *testing.T) {
 	}{
 		{
 			name:          "not-enough-args",
-			expectedError: "requires exactly 1 argument",
-		},
-		{
-			name:          "too-many-args",
-			args:          []string{"remote1", "remote2"},
-			expectedError: "requires exactly 1 argument",
+			expectedError: "requires at least 1 argument",
 		},
 		{
 			name:          "sha-reference",
@@ -37,8 +32,9 @@ func TestTrustInspectCommandErrors(t *testing.T) {
 		},
 	}
 	for _, tc := range testCases {
-		cmd := newViewCommand(
+		cmd := newInspectCommand(
 			test.NewFakeCli(&fakeClient{}))
+		cmd.Flags().Set("pretty", "true")
 		cmd.SetArgs(tc.args)
 		cmd.SetOutput(ioutil.Discard)
 		testutil.ErrorContains(t, cmd.Execute(), tc.expectedError)
diff --git a/components/cli/cli/command/trust/testdata/trust-view-full-repo-no-signers.golden b/components/cli/cli/command/trust/testdata/trust-inspect-pretty-full-repo-no-signers.golden
similarity index 50%
rename from components/cli/cli/command/trust/testdata/trust-view-full-repo-no-signers.golden
rename to components/cli/cli/command/trust/testdata/trust-inspect-pretty-full-repo-no-signers.golden
index 6fb3b5b34be..9f3ada08432 100644
--- a/components/cli/cli/command/trust/testdata/trust-view-full-repo-no-signers.golden
+++ b/components/cli/cli/command/trust/testdata/trust-inspect-pretty-full-repo-no-signers.golden
@@ -1,6 +1,10 @@
+
+Signatures for signed-repo
+
 SIGNED TAG          DIGEST                     SIGNERS
 green               677265656e2d646967657374   (Repo Admin)
 
-Administrative keys for signed-repo:
-Repository Key:	targetsID
-Root Key:	rootID
+Administrative keys for signed-repo
+
+  Repository Key:	targetsID
+  Root Key:	rootID
diff --git a/components/cli/cli/command/trust/testdata/trust-view-full-repo-with-signers.golden b/components/cli/cli/command/trust/testdata/trust-inspect-pretty-full-repo-with-signers.golden
similarity index 65%
rename from components/cli/cli/command/trust/testdata/trust-view-full-repo-with-signers.golden
rename to components/cli/cli/command/trust/testdata/trust-inspect-pretty-full-repo-with-signers.golden
index 7e73f067263..49b1efd2b0f 100644
--- a/components/cli/cli/command/trust/testdata/trust-view-full-repo-with-signers.golden
+++ b/components/cli/cli/command/trust/testdata/trust-inspect-pretty-full-repo-with-signers.golden
@@ -1,14 +1,18 @@
+
+Signatures for signed-repo
+
 SIGNED TAG          DIGEST                     SIGNERS
 blue                626c75652d646967657374     alice
 green               677265656e2d646967657374   (Repo Admin)
 red                 7265642d646967657374       alice, bob
 
-List of signers and their keys for signed-repo:
+List of signers and their keys for signed-repo
 
 SIGNER              KEYS
 alice               A
 bob                 B
 
-Administrative keys for signed-repo:
-Repository Key:	targetsID
-Root Key:	rootID
+Administrative keys for signed-repo
+
+  Repository Key:	targetsID
+  Root Key:	rootID
diff --git a/components/cli/cli/command/trust/testdata/trust-inspect-pretty-one-tag-no-signers.golden b/components/cli/cli/command/trust/testdata/trust-inspect-pretty-one-tag-no-signers.golden
new file mode 100644
index 00000000000..b58572890ea
--- /dev/null
+++ b/components/cli/cli/command/trust/testdata/trust-inspect-pretty-one-tag-no-signers.golden
@@ -0,0 +1,10 @@
+
+Signatures for signed-repo:green
+
+SIGNED TAG          DIGEST                     SIGNERS
+green               677265656e2d646967657374   (Repo Admin)
+
+Administrative keys for signed-repo:green
+
+  Repository Key:	targetsID
+  Root Key:	rootID
diff --git a/components/cli/cli/command/trust/testdata/trust-inspect-pretty-unsigned-tag-with-signers.golden b/components/cli/cli/command/trust/testdata/trust-inspect-pretty-unsigned-tag-with-signers.golden
new file mode 100644
index 00000000000..302a6b5e66d
--- /dev/null
+++ b/components/cli/cli/command/trust/testdata/trust-inspect-pretty-unsigned-tag-with-signers.golden
@@ -0,0 +1,14 @@
+
+No signatures for signed-repo:unsigned
+
+
+List of signers and their keys for signed-repo:unsigned
+
+SIGNER              KEYS
+alice               A
+bob                 B
+
+Administrative keys for signed-repo:unsigned
+
+  Repository Key:	targetsID
+  Root Key:	rootID
diff --git a/components/cli/cli/command/trust/testdata/trust-view-one-tag-no-signers.golden b/components/cli/cli/command/trust/testdata/trust-view-one-tag-no-signers.golden
deleted file mode 100644
index 6fb3b5b34be..00000000000
--- a/components/cli/cli/command/trust/testdata/trust-view-one-tag-no-signers.golden
+++ /dev/null
@@ -1,6 +0,0 @@
-SIGNED TAG          DIGEST                     SIGNERS
-green               677265656e2d646967657374   (Repo Admin)
-
-Administrative keys for signed-repo:
-Repository Key:	targetsID
-Root Key:	rootID
diff --git a/components/cli/cli/command/trust/testdata/trust-view-unsigned-tag-with-signers.golden b/components/cli/cli/command/trust/testdata/trust-view-unsigned-tag-with-signers.golden
deleted file mode 100644
index c00a9feecf4..00000000000
--- a/components/cli/cli/command/trust/testdata/trust-view-unsigned-tag-with-signers.golden
+++ /dev/null
@@ -1,13 +0,0 @@
-
-No signatures for signed-repo:unsigned
-
-
-List of signers and their keys for signed-repo:
-
-SIGNER              KEYS
-alice               A
-bob                 B
-
-Administrative keys for signed-repo:
-Repository Key:	targetsID
-Root Key:	rootID

From 3d69121433bc3dfc1b42ae4d679b860154b20e68 Mon Sep 17 00:00:00 2001
From: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Date: Fri, 9 Mar 2018 20:26:43 +0100
Subject: [PATCH 2/5] Fix comment and misc code issues

Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
(cherry picked from commit 8c3d0b93d631f948376a81c7baecc6dad88ce248)
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
---
 components/cli/cli/command/trust/inspect.go             | 9 ++++-----
 components/cli/cli/command/trust/inspect_pretty_test.go | 6 +++---
 2 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/components/cli/cli/command/trust/inspect.go b/components/cli/cli/command/trust/inspect.go
index ae481c1ab7d..9f10878acc6 100644
--- a/components/cli/cli/command/trust/inspect.go
+++ b/components/cli/cli/command/trust/inspect.go
@@ -14,9 +14,8 @@ import (
 
 type inspectOptions struct {
 	remotes []string
-	/* FIXME(n4ss): this is consistent with `docker service inspect` but we should provide
-	 * a `--format` flag too. (format and pretty-print should be exclusive)
-	 */
+	// FIXME(n4ss): this is consistent with `docker service inspect` but we should provide
+	// a `--format` flag too. (format and pretty-print should be exclusive)
 	prettyPrint bool
 }
 
@@ -41,7 +40,7 @@ func newInspectCommand(dockerCli command.Cli) *cobra.Command {
 
 func runInspect(dockerCli command.Cli, opts inspectOptions) error {
 	if opts.prettyPrint {
-		var err error = nil
+		var err error
 
 		for index, remote := range opts.remotes {
 			if err = prettyPrintTrustInfo(dockerCli, remote); err != nil {
@@ -49,7 +48,7 @@ func runInspect(dockerCli command.Cli, opts inspectOptions) error {
 			}
 
 			// Additional separator between the inspection output of each image
-			if index < len(opts.remotes) - 1 {
+			if index < len(opts.remotes)-1 {
 				fmt.Fprint(dockerCli.Out(), "\n\n")
 			}
 		}
diff --git a/components/cli/cli/command/trust/inspect_pretty_test.go b/components/cli/cli/command/trust/inspect_pretty_test.go
index 7cfe86cfefd..93e56869580 100644
--- a/components/cli/cli/command/trust/inspect_pretty_test.go
+++ b/components/cli/cli/command/trust/inspect_pretty_test.go
@@ -16,7 +16,7 @@ import (
 	"github.com/theupdateframework/notary/tuf/data"
 )
 
-/* TODO(n4ss): remove common tests with the regular inspect command */
+// TODO(n4ss): remove common tests with the regular inspect command
 
 type fakeClient struct {
 	dockerClient.Client
@@ -98,7 +98,7 @@ func TestTrustInspectPrettyCommandEmptyNotaryRepoErrors(t *testing.T) {
 	cmd.SetOutput(ioutil.Discard)
 	assert.NoError(t, cmd.Execute())
 	assert.Contains(t, cli.OutBuffer().String(), "No signatures for reg/img:unsigned-tag")
-	assert.Contains(t, cli.OutBuffer().String(), "Administrative keys for reg/img:")
+	assert.Contains(t, cli.OutBuffer().String(), "Administrative keys for reg/img")
 
 	cli = test.NewFakeCli(&fakeClient{})
 	cli.SetNotaryClient(getEmptyTargetsNotaryRepository)
@@ -108,7 +108,7 @@ func TestTrustInspectPrettyCommandEmptyNotaryRepoErrors(t *testing.T) {
 	cmd.SetOutput(ioutil.Discard)
 	assert.NoError(t, cmd.Execute())
 	assert.Contains(t, cli.OutBuffer().String(), "No signatures for reg/img")
-	assert.Contains(t, cli.OutBuffer().String(), "Administrative keys for reg/img:")
+	assert.Contains(t, cli.OutBuffer().String(), "Administrative keys for reg/img")
 }
 
 func TestTrustInspectPrettyCommandFullRepoWithoutSigners(t *testing.T) {

From 48712f36a62164fab1bdf737e889016f5f61ae4e Mon Sep 17 00:00:00 2001
From: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Date: Fri, 9 Mar 2018 21:10:23 +0100
Subject: [PATCH 3/5] Move Docker Trust out of experimental

Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
(cherry picked from commit ac35e851e858b61b0b93167d94708b6e90e4b954)
---
 components/cli/cli/command/trust/cmd.go    | 9 ++++-----
 components/cli/cli/command/trust/key.go    | 2 +-
 components/cli/cli/command/trust/signer.go | 2 +-
 3 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/components/cli/cli/command/trust/cmd.go b/components/cli/cli/command/trust/cmd.go
index 3496ce65eef..bb6ceace042 100644
--- a/components/cli/cli/command/trust/cmd.go
+++ b/components/cli/cli/command/trust/cmd.go
@@ -9,11 +9,10 @@ import (
 // NewTrustCommand returns a cobra command for `trust` subcommands
 func NewTrustCommand(dockerCli command.Cli) *cobra.Command {
 	cmd := &cobra.Command{
-		Use:         "trust",
-		Short:       "Manage trust on Docker images (experimental)",
-		Args:        cli.NoArgs,
-		RunE:        command.ShowHelp(dockerCli.Err()),
-		Annotations: map[string]string{"experimentalCLI": ""},
+		Use:   "trust",
+		Short: "Manage trust on Docker images",
+		Args:  cli.NoArgs,
+		RunE:  command.ShowHelp(dockerCli.Err()),
 	}
 	cmd.AddCommand(
 		newRevokeCommand(dockerCli),
diff --git a/components/cli/cli/command/trust/key.go b/components/cli/cli/command/trust/key.go
index b24a34c38a2..f57b44c771b 100644
--- a/components/cli/cli/command/trust/key.go
+++ b/components/cli/cli/command/trust/key.go
@@ -10,7 +10,7 @@ import (
 func newTrustKeyCommand(dockerCli command.Streams) *cobra.Command {
 	cmd := &cobra.Command{
 		Use:   "key",
-		Short: "Manage keys for signing Docker images (experimental)",
+		Short: "Manage keys for signing Docker images",
 		Args:  cli.NoArgs,
 		RunE:  command.ShowHelp(dockerCli.Err()),
 	}
diff --git a/components/cli/cli/command/trust/signer.go b/components/cli/cli/command/trust/signer.go
index c0111ef3f3a..807ad6c955d 100644
--- a/components/cli/cli/command/trust/signer.go
+++ b/components/cli/cli/command/trust/signer.go
@@ -10,7 +10,7 @@ import (
 func newTrustSignerCommand(dockerCli command.Cli) *cobra.Command {
 	cmd := &cobra.Command{
 		Use:   "signer",
-		Short: "Manage entities who can sign Docker images (experimental)",
+		Short: "Manage entities who can sign Docker images",
 		Args:  cli.NoArgs,
 		RunE:  command.ShowHelp(dockerCli.Err()),
 	}

From 518a7181ad3b1eb9e013b4a730585e5859aa8f41 Mon Sep 17 00:00:00 2001
From: Victor Vieux <victorvieux@gmail.com>
Date: Tue, 13 Mar 2018 15:26:39 -0700
Subject: [PATCH 4/5] update doc

Signed-off-by: Victor Vieux <victorvieux@gmail.com>
(cherry picked from commit 09ec6d4ad9f7040918f410e7382095dd70570261)
---
 .../reference/commandline/trust_inspect.md    | 136 +++++++++++++++--
 .../commandline/trust_key_generate.md         |   4 +-
 .../reference/commandline/trust_key_load.md   |   4 +-
 .../reference/commandline/trust_revoke.md     |   2 -
 .../docs/reference/commandline/trust_sign.md  |   2 -
 .../reference/commandline/trust_signer_add.md |   2 -
 .../commandline/trust_signer_remove.md        |   2 -
 .../docs/reference/commandline/trust_view.md  | 138 ------------------
 8 files changed, 123 insertions(+), 167 deletions(-)
 delete mode 100644 components/cli/docs/reference/commandline/trust_view.md

diff --git a/components/cli/docs/reference/commandline/trust_inspect.md b/components/cli/docs/reference/commandline/trust_inspect.md
index db970a7d6cc..4d1663d761c 100644
--- a/components/cli/docs/reference/commandline/trust_inspect.md
+++ b/components/cli/docs/reference/commandline/trust_inspect.md
@@ -1,7 +1,7 @@
 ---
 title: "trust inspect"
 description: "The inspect command description and usage"
-keywords: "view, notary, trust"
+keywords: "inspect, notary, trust"
 ---
 
 <!-- This file is maintained within the docker/cli GitHub
@@ -20,6 +20,9 @@ Usage:  docker trust inspect IMAGE[:TAG] [IMAGE[:TAG]...]
 
 Return low-level information about keys and signatures
 
+Options:
+      --help            Print usage
+      --pretty          Print the information in a human friendly format
 ```
 
 ## Description
@@ -28,12 +31,6 @@ Return low-level information about keys and signatures
 This includes all image tags that are signed, who signed them, and who can sign
 new tags.
 
-`docker trust inspect` prints the trust information in a machine-readable format. Refer to
-[`docker trust view`](trust_view.md) for a human-friendly output.
-
-`docker trust inspect` is currently experimental.
-
-
 ## Examples
 
 ### Get low-level details about signatures for a single image tag
@@ -78,13 +75,13 @@ $ docker trust inspect alpine:latest
 ]
 ```
 
-The `SignedTags` key will list the `SignedTag` name, its `Digest`, and the `Signers` responsible for the signature.
+The `SignedTags` key will list the `SignedTag` name, its `Digest`,
+and the `Signers` responsible for the signature.
 
 `AdministrativeKeys` will list the `Repository` and `Root` keys.
 
-This format mirrors the output of `docker trust view` 
-
-If signers are set up for the repository via other `docker trust` commands, `docker trust inspect` includes a `Signers` key:
+If signers are set up for the repository via other `docker trust`
+commands, `docker trust inspect` includes a `Signers` key:
 
 ```bash
 $ docker trust inspect my-image:purple
@@ -156,14 +153,16 @@ $ docker trust inspect my-image:purple
 ]
 ```
 
-If the image tag is unsigned or unavailable, `docker trust inspect` does not display any signed tags.
+If the image tag is unsigned or unavailable, `docker trust inspect` does not
+display any signed tags.
 
 ```bash
 $ docker trust inspect unsigned-img
 No signatures or cannot access unsigned-img
 ```
 
-However, if other tags are signed in the same image repository, `docker trust inspect` reports relevant key information:
+However, if other tags are signed in the same image repository,
+`docker trust inspect` reports relevant key information:
 
 ```bash
 $ docker trust inspect alpine:unsigned
@@ -195,7 +194,8 @@ $ docker trust inspect alpine:unsigned
 
 ### Get details about signatures for all image tags in a repository
 
-If no tag is specified, `docker trust inspect` will report details for all signed tags in the repository:
+If no tag is specified, `docker trust inspect` will report details for all
+signed tags in the repository:
 
 ```bash
 $ docker trust inspect alpine
@@ -258,7 +258,8 @@ $ docker trust inspect alpine
 
 ### Get details about signatures for multiple images
 
-`docker trust inspect` can take multiple repositories and images as arguments, and reports the results in an ordered list:
+`docker trust inspect` can take multiple repositories and images as arguments,
+and reports the results in an ordered list:
 
 ```bash
 $ docker trust inspect alpine notary
@@ -362,3 +363,108 @@ $ docker trust inspect alpine notary
     }
 ]
 ```
+
+### Formatting
+
+You can print the inspect output in a human-readable format instead of the default
+JSON output, by using the `--pretty` option:
+
+### Get details about signatures for a single image tag
+
+```bash
+$ docker trust inspect --pretty alpine:latest
+
+SIGNED TAG          DIGEST                                                             SIGNERS
+latest              1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe   (Repo Admin)
+
+Administrative keys for alpine:latest:
+Repository Key:	5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd
+Root Key:	a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce
+```
+
+The `SIGNED TAG` is the signed image tag with a unique content-addressable
+`DIGEST`. `SIGNERS` lists all entities who have signed.
+
+The administrative keys listed specify the root key of trust, as well as
+the administrative repository key. These keys are responsible for modifying
+signers, and rotating keys for the signed repository.
+
+If signers are set up for the repository via other `docker trust` commands,
+`docker trust inspect --pretty` displays them appropriately as a `SIGNER`
+and specify their `KEYS`:
+
+```bash
+$ docker trust inspect --pretty my-image:purple
+SIGNED TAG          DIGEST                                                              SIGNERS
+purple              941d3dba358621ce3c41ef67b47cf80f701ff80cdf46b5cc86587eaebfe45557    alice, bob, carol
+
+List of signers and their keys:
+
+SIGNER              KEYS
+alice               47caae5b3e61, a85aab9d20a4
+bob                 034370bcbd77, 82a66673242c
+carol               b6f9f8e1aab0
+
+Administrative keys for my-image:
+Repository Key:	27df2c8187e7543345c2e0bf3a1262e0bc63a72754e9a7395eac3f747ec23a44
+Root Key:	40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f
+```
+
+However, if other tags are signed in the same image repository,
+`docker trust inspect` reports relevant key information.
+
+```bash
+$ docker trust inspect --pretty alpine:unsigned
+
+No signatures for alpine:unsigned
+
+
+Administrative keys for alpine:unsigned:
+Repository Key:	5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd
+Root Key:	a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce
+```
+
+### Get details about signatures for all image tags in a repository
+
+```bash
+$ docker trust inspect --pretty alpine
+SIGNED TAG          DIGEST                                                             SIGNERS
+2.6                 9ace551613070689a12857d62c30ef0daa9a376107ec0fff0e34786cedb3399b   (Repo Admin)
+2.7                 9f08005dff552038f0ad2f46b8e65ff3d25641747d3912e3ea8da6785046561a   (Repo Admin)
+3.1                 d9477888b78e8c6392e0be8b2e73f8c67e2894ff9d4b8e467d1488fcceec21c8   (Repo Admin)
+3.2                 19826d59171c2eb7e90ce52bfd822993bef6a6fe3ae6bb4a49f8c1d0a01e99c7   (Repo Admin)
+3.3                 8fd4b76819e1e5baac82bd0a3d03abfe3906e034cc5ee32100d12aaaf3956dc7   (Repo Admin)
+3.4                 833ad81ace8277324f3ca8c91c02bdcf1d13988d8ecf8a3f97ecdd69d0390ce9   (Repo Admin)
+3.5                 af2a5bd2f8de8fc1ecabf1c76611cdc6a5f1ada1a2bdd7d3816e121b70300308   (Repo Admin)
+3.6                 1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe   (Repo Admin)
+edge                79d50d15bd7ea48ea00cf3dd343b0e740c1afaa8e899bee475236ef338e1b53b   (Repo Admin)
+latest              1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe   (Repo Admin)
+
+Administrative keys for alpine:
+Repository Key:	5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd
+Root Key:	a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce
+```
+
+Here's an example with signers that are set up by `docker trust` commands:
+
+```bash
+$ docker trust inspect --pretty my-image
+SIGNED TAG          DIGEST                                                              SIGNERS
+red                 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943    alice
+blue                f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197    alice, bob
+green               cae8fedc840f90c8057e1c24637d11865743ab1e61a972c1c9da06ec2de9a139    alice, bob
+yellow              9cc65fc3126790e683d1b92f307a71f48f75fa7dd47a7b03145a123eaf0b45ba    carol
+purple              941d3dba358621ce3c41ef67b47cf80f701ff80cdf46b5cc86587eaebfe45557    alice, bob, carol
+orange              d6c271baa6d271bcc24ef1cbd65abf39123c17d2e83455bdab545a1a9093fc1c    alice
+
+List of signers and their keys for my-image:
+
+SIGNER              KEYS
+alice               47caae5b3e61, a85aab9d20a4
+bob                 034370bcbd77, 82a66673242c
+carol               b6f9f8e1aab0
+
+Administrative keys for my-image:
+Repository Key:	27df2c8187e7543345c2e0bf3a1262e0bc63a72754e9a7395eac3f747ec23a44
+Root Key:	40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f
+```
diff --git a/components/cli/docs/reference/commandline/trust_key_generate.md b/components/cli/docs/reference/commandline/trust_key_generate.md
index ad2758d0b1b..f026b98a352 100644
--- a/components/cli/docs/reference/commandline/trust_key_generate.md
+++ b/components/cli/docs/reference/commandline/trust_key_generate.md
@@ -1,7 +1,7 @@
 ---
 title: "key generate"
 description: "The key generate command description and usage"
-keywords: "Key, notary, trust"
+keywords: "key, notary, trust"
 ---
 
 <!-- This file is maintained within the docker/cli Github
@@ -30,8 +30,6 @@ Options:
 `docker trust key generate` generates a key-pair to be used with signing,
  and loads the private key into the local docker trust keystore.
 
-`docker trust key generate` is currently experimental.
-
 ## Examples
 
 ### Generate a key-pair
diff --git a/components/cli/docs/reference/commandline/trust_key_load.md b/components/cli/docs/reference/commandline/trust_key_load.md
index 6a29dd88741..15047431af7 100644
--- a/components/cli/docs/reference/commandline/trust_key_load.md
+++ b/components/cli/docs/reference/commandline/trust_key_load.md
@@ -1,7 +1,7 @@
 ---
 title: "key load"
 description: "The key load command description and usage"
-keywords: "Key, notary, trust"
+keywords: "key, notary, trust"
 ---
 
 <!-- This file is maintained within the docker/cli Github
@@ -29,8 +29,6 @@ Options:
 
 `docker trust key load` adds private keys to the local docker trust keystore. To add a signer to a repository use `docker trust signer add`.
 
-`docker trust key load` is currently experimental.
-
 ## Examples
 
 ### Load a single private key
diff --git a/components/cli/docs/reference/commandline/trust_revoke.md b/components/cli/docs/reference/commandline/trust_revoke.md
index e46057d319e..799d6639b9e 100644
--- a/components/cli/docs/reference/commandline/trust_revoke.md
+++ b/components/cli/docs/reference/commandline/trust_revoke.md
@@ -29,8 +29,6 @@ Options:
 
 `docker trust revoke` removes signatures from tags in signed repositories.
 
-`docker trust revoke` is currently experimental.
-
 ## Examples
 
 ### Revoke signatures from a signed tag
diff --git a/components/cli/docs/reference/commandline/trust_sign.md b/components/cli/docs/reference/commandline/trust_sign.md
index b2b54c6f5c1..0d422041601 100644
--- a/components/cli/docs/reference/commandline/trust_sign.md
+++ b/components/cli/docs/reference/commandline/trust_sign.md
@@ -30,8 +30,6 @@ Options:
 
 `docker trust sign` adds signatures to tags to create signed repositories.
 
-`docker trust sign` is currently experimental.
-
 ## Examples
 
 ### Sign a tag as a repo admin
diff --git a/components/cli/docs/reference/commandline/trust_signer_add.md b/components/cli/docs/reference/commandline/trust_signer_add.md
index bda45196f7b..f9ae03b3cdd 100644
--- a/components/cli/docs/reference/commandline/trust_signer_add.md
+++ b/components/cli/docs/reference/commandline/trust_signer_add.md
@@ -29,8 +29,6 @@ Options:
 
 `docker trust signer add` adds signers to signed repositories.
 
-`docker trust signer add` is currently experimental.
-
 ## Examples
 
 ### Add a signer to a repo
diff --git a/components/cli/docs/reference/commandline/trust_signer_remove.md b/components/cli/docs/reference/commandline/trust_signer_remove.md
index 6afe160040f..e496db9dc02 100644
--- a/components/cli/docs/reference/commandline/trust_signer_remove.md
+++ b/components/cli/docs/reference/commandline/trust_signer_remove.md
@@ -29,8 +29,6 @@ Options:
 
 `docker trust signer remove` removes signers from signed repositories.
 
-`docker trust signer remove` is currently experimental.
-
 ## Examples
 
 ### Remove a signer from a repo
diff --git a/components/cli/docs/reference/commandline/trust_view.md b/components/cli/docs/reference/commandline/trust_view.md
deleted file mode 100644
index 1a28db9063f..00000000000
--- a/components/cli/docs/reference/commandline/trust_view.md
+++ /dev/null
@@ -1,138 +0,0 @@
----
-title: "trust view"
-description: "The view command description and usage"
-keywords: "view, notary, trust"
----
-
-<!-- This file is maintained within the docker/cli GitHub
-     repository at https://github.com/docker/cli/. Make all
-     pull requests against that repo. If you see this file in
-     another repository, consider it read-only there, as it will
-     periodically be overwritten by the definitive file. Pull
-     requests which include edits to this file in other repositories
-     will be rejected.
--->
-
-# trust view
-
-```markdown
-Usage:  docker trust view IMAGE[:TAG]
-
-Display detailed information about keys and signatures
-
-```
-
-## Description
-
-`docker trust view` provides detailed information on signed repositories.
-This includes all image tags that are signed, who signed them, and who can sign
-new tags.
-
-By default, `docker trust view` renders results in a table.
-
-`docker trust view` is currently experimental.
-
-
-## Examples
-
-### Get details about signatures for a single image tag
-
-
-```bash
-$ docker trust view alpine:latest
-
-SIGNED TAG          DIGEST                                                             SIGNERS
-latest              1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe   (Repo Admin)
-
-Administrative keys for alpine:latest:
-Repository Key:	5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd
-Root Key:	a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce
-```
-
-The `SIGNED TAG` is the signed image tag with a unique content-addressable `DIGEST`. `SIGNERS` lists all entities who have signed.
-
-The administrative keys listed specify the root key of trust, as well as the administrative repository key. These keys are responsible for modifying signers, and rotating keys for the signed repository.
-
-If signers are set up for the repository via other `docker trust` commands, `docker trust view` displays them appropriately as a `SIGNER` and specify their `KEYS`:
-
-```bash
-$ docker trust view my-image:purple
-SIGNED TAG          DIGEST                                                              SIGNERS
-purple              941d3dba358621ce3c41ef67b47cf80f701ff80cdf46b5cc86587eaebfe45557    alice, bob, carol
-
-List of signers and their keys:
-
-SIGNER              KEYS
-alice               47caae5b3e61, a85aab9d20a4
-bob                 034370bcbd77, 82a66673242c
-carol               b6f9f8e1aab0
-
-Administrative keys for my-image:
-Repository Key:	27df2c8187e7543345c2e0bf3a1262e0bc63a72754e9a7395eac3f747ec23a44
-Root Key:	40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f
-```
-
-If the image tag is unsigned or unavailable, `docker trust view` does not display any signed tags.
-
-```bash
-$ docker trust view unsigned-img
-No signatures or cannot access unsigned-img
-```
-
-However, if other tags are signed in the same image repository, `docker trust view` reports relevant key information.
-
-```bash
-$ docker trust view alpine:unsigned
-
-No signatures for alpine:unsigned
-
-
-Administrative keys for alpine:unsigned:
-Repository Key:	5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd
-Root Key:	a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce
-```
-
-### Get details about signatures for all image tags in a repository
-
-```bash
-$ docker trust view alpine
-SIGNED TAG          DIGEST                                                             SIGNERS
-2.6                 9ace551613070689a12857d62c30ef0daa9a376107ec0fff0e34786cedb3399b   (Repo Admin)
-2.7                 9f08005dff552038f0ad2f46b8e65ff3d25641747d3912e3ea8da6785046561a   (Repo Admin)
-3.1                 d9477888b78e8c6392e0be8b2e73f8c67e2894ff9d4b8e467d1488fcceec21c8   (Repo Admin)
-3.2                 19826d59171c2eb7e90ce52bfd822993bef6a6fe3ae6bb4a49f8c1d0a01e99c7   (Repo Admin)
-3.3                 8fd4b76819e1e5baac82bd0a3d03abfe3906e034cc5ee32100d12aaaf3956dc7   (Repo Admin)
-3.4                 833ad81ace8277324f3ca8c91c02bdcf1d13988d8ecf8a3f97ecdd69d0390ce9   (Repo Admin)
-3.5                 af2a5bd2f8de8fc1ecabf1c76611cdc6a5f1ada1a2bdd7d3816e121b70300308   (Repo Admin)
-3.6                 1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe   (Repo Admin)
-edge                79d50d15bd7ea48ea00cf3dd343b0e740c1afaa8e899bee475236ef338e1b53b   (Repo Admin)
-latest              1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe   (Repo Admin)
-
-Administrative keys for alpine:
-Repository Key:	5a46c9aaa82ff150bb7305a2d17d0c521c2d784246807b2dc611f436a69041fd
-Root Key:	a2489bcac7a79aa67b19b96c4a3bf0c675ffdf00c6d2fabe1a5df1115e80adce
-```
-
-Here's an example with signers that are set up by `docker trust` commands:
-
-```bash
-$ docker trust view my-image
-SIGNED TAG          DIGEST                                                              SIGNERS
-red                 852cc04935f930a857b630edc4ed6131e91b22073bcc216698842e44f64d2943    alice
-blue                f1c38dbaeeb473c36716f6494d803fbfbe9d8a76916f7c0093f227821e378197    alice, bob
-green               cae8fedc840f90c8057e1c24637d11865743ab1e61a972c1c9da06ec2de9a139    alice, bob
-yellow              9cc65fc3126790e683d1b92f307a71f48f75fa7dd47a7b03145a123eaf0b45ba    carol
-purple              941d3dba358621ce3c41ef67b47cf80f701ff80cdf46b5cc86587eaebfe45557    alice, bob, carol
-orange              d6c271baa6d271bcc24ef1cbd65abf39123c17d2e83455bdab545a1a9093fc1c    alice
-
-List of signers and their keys for my-image:
-
-SIGNER              KEYS
-alice               47caae5b3e61, a85aab9d20a4
-bob                 034370bcbd77, 82a66673242c
-carol               b6f9f8e1aab0
-
-Administrative keys for my-image:
-Repository Key:	27df2c8187e7543345c2e0bf3a1262e0bc63a72754e9a7395eac3f747ec23a44
-Root Key:	40b66ccc8b176be8c7d365a17f3e046d1c3494e053dd57cfeacfe2e19c4f8e8f
-```

From 093b46e361746b6b928de8cc15d7d2b1f6be0365 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Wed, 14 Mar 2018 01:01:25 +0100
Subject: [PATCH 5/5] Bash: update trust completions

The `docker trust` commands were moved out of experimental,
and the `docker trust view` command was changed to
`docker trust inspect --pretty`.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 2a6808db87229fb4269251f6bd69e9079cc827b4)
---
 components/cli/contrib/completion/bash/docker | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/components/cli/contrib/completion/bash/docker b/components/cli/contrib/completion/bash/docker
index efc64abede5..a3f1bd0db0d 100644
--- a/components/cli/contrib/completion/bash/docker
+++ b/components/cli/contrib/completion/bash/docker
@@ -4713,9 +4713,9 @@ _docker_tag() {
 
 _docker_trust() {
 	local subcommands="
+		inspect
 		revoke
 		sign
-		view
 	"
 	__docker_subcommands "$subcommands" && return
 
@@ -4729,10 +4729,10 @@ _docker_trust() {
 	esac
 }
 
-_docker_trust_revoke() {
+_docker_trust_inspect() {
 	case "$cur" in
 		-*)
-			COMPREPLY=( $( compgen -W "--help --yes -y" -- "$cur" ) )
+			COMPREPLY=( $( compgen -W "--help --pretty" -- "$cur" ) )
 			;;
 		*)
 			local counter=$(__docker_pos_first_nonflag)
@@ -4743,29 +4743,29 @@ _docker_trust_revoke() {
 	esac
 }
 
-_docker_trust_sign() {
+_docker_trust_revoke() {
 	case "$cur" in
 		-*)
-			COMPREPLY=( $( compgen -W "--help --local" -- "$cur" ) )
+			COMPREPLY=( $( compgen -W "--help --yes -y" -- "$cur" ) )
 			;;
 		*)
 			local counter=$(__docker_pos_first_nonflag)
 			if [ "$cword" -eq "$counter" ]; then
-				__docker_complete_images --force-tag --id
+				__docker_complete_images --repo --tag
 			fi
 			;;
 	esac
 }
 
-_docker_trust_view() {
+_docker_trust_sign() {
 	case "$cur" in
 		-*)
-			COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+			COMPREPLY=( $( compgen -W "--help --local" -- "$cur" ) )
 			;;
 		*)
 			local counter=$(__docker_pos_first_nonflag)
 			if [ "$cword" -eq "$counter" ]; then
-				__docker_complete_images --repo --tag
+				__docker_complete_images --force-tag --id
 			fi
 			;;
 	esac
@@ -4947,6 +4947,7 @@ _docker() {
 		stack
 		swarm
 		system
+		trust
 		volume
 	)
 
@@ -4999,7 +5000,6 @@ _docker() {
 	local experimental_commands=(
 		checkpoint
 		deploy
-		trust
 	)
 
 	local commands=(${management_commands[*]} ${top_level_commands[*]})