Improve output message for signing in the OCI v1.0 compliant registry #926
Description
What is not working as expected?
I signed an image with --allow-referrers-api in the distribution registry (OCI v1.0 compliant) which doesn't support Referrers API. The signing operation executed successfully but fallback to referrers tag schema.
From the output message, it indicates that I signed successfully with --allow-referrers-api and it reminds users must set the --allow-referrers-api flag to list, inspect, and verify the signature. But the fact is that Notation fallback to store the signature with referrers tag schema and no need to --allow-referrers-api flag when verify the signaute. It might be misleading to users.
What did you expect to happen?
Explicitly tell users that the registry doesn't support Referrers API and will be fallback to referrers tag schema. So users don't need to set the flag --allow-referrers-api to list, inspect, and verify the signature.
How can we reproduce it?
Sign an image in the distribution registry:
$ notation sign localhost:5000/my-ubuntu@sha256:a3785f78ab8547ae2710c89e627783cfa7ee7824d3468cae6835c9f4eae23ff7 --key demo-key --allow-referrers-api
Warning: This feature is experimental and may not be fully tested or completed and may be deprecated. Report any issues to "https://github/notaryproject/notation"
Warning: using the Referrers API to store signature. On success, must set the `--allow-referrers-api` flag to list, inspect, and verify the signature.
Successfully signed localhost:5000/my-ubuntu@sha256:a3785f78ab8547ae2710c89e627783cfa7ee7824d3468cae6835c9f4eae23ff7
View referrers tag schema
$ oras repo tags localhost:5000/my-ubuntu
sha256-a3785f78ab8547ae2710c89e627783cfa7ee7824d3468cae6835c9f4eae23ff7
latest
Describe your environment
Linux Ubuntu 22.06
What is the version of your Notation CLI or Notation Library?
Notation v1.1.0