From 75c59c50d530898c3694f4cee4d8c7c7b84eb318 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Tue, 7 Nov 2023 13:19:03 -0500
Subject: [PATCH] docs: Finish sentence around pull secret

Followup to https://github.com/containers/bootc/pull/182#discussion_r1384597462

Signed-off-by: Colin Walters <walters@verbum.org>
---
 docs/install.md | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/docs/install.md b/docs/install.md
index ad7027c42..5baadb845 100644
--- a/docs/install.md
+++ b/docs/install.md
@@ -76,8 +76,11 @@ in `/etc/containers/policy.json` in the target OS to verify signatures.
 
 If you are pushing an unsigned image, you must specify `bootc install --target-no-signature-verification`.
 
-Additionally note that to perform an install from an authenticated registry, you must also embed
-the pull secret into the image to pass this check.  If you are fetching
+Additionally note that to perform an install with a target image reference set to an
+authenticated registry, you must provide a pull secret.  One path is to embed the pull secret into
+the image in `/etc/ostree/auth.json`.
+Alternatively, the secret can be added after an installation process completes and managed separately;
+in that case you will need to specify `--skip-fetch-check`.
 
 ### Operating system install configuration required