docs: Finish sentence around pull secret

Followup to #182 (comment) Signed-off-by: Colin Walters <walters@verbum.org>
containers · Nov 7, 2023 · 75c59c5 · 75c59c5
1 parent e8430d6
commit 75c59c5
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/docs/install.md b/docs/install.md
@@ -76,8 +76,11 @@ in `/etc/containers/policy.json` in the target OS to verify signatures.
 
 If you are pushing an unsigned image, you must specify `bootc install --target-no-signature-verification`.
 
-Additionally note that to perform an install from an authenticated registry, you must also embed
-the pull secret into the image to pass this check.  If you are fetching
+Additionally note that to perform an install with a target image reference set to an
+authenticated registry, you must provide a pull secret.  One path is to embed the pull secret into
+the image in `/etc/ostree/auth.json`.
+Alternatively, the secret can be added after an installation process completes and managed separately;
+in that case you will need to specify `--skip-fetch-check`.
 
 ### Operating system install configuration required