Description
This is related to docker/compose#4787.
There doesn't seem to be any way within the Python API to get the equivalent of what the Go CLI supports via the DOCKER_CONTENT_TRUST and DOCKER_CONTENT_TRUST_SERVER environment variables as described here:
https://docs.docker.com/engine/security/trust/trust_sandbox/
Since docker-compose is based on docker-py, that would seem it can't do trusted pulls. Is that right? If so, that's a fairly serious limitation.
Is there any plan or timeline to add support for notary servers? There is a Python library which implements tuf support (https://github.com/theupdateframework/tuf), so adding support for a notary server to docker-py would seem to be a matter of integrating it the same way the Go bindings are used in docker/cli.