ci: add OCI image annotations to docker images by candrews · Pull Request #3554 · moby/buildkit

candrews · 2023-01-30T19:40:14Z

See: https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys

Closes: #3553

Signed-off-by: Craig Andrews [email protected]

crazy-max

Do you have specific needs for these labels? They will not be used anyway, see my comment.

https://github.com/moby/buildkit/pull/3204/files#diff-ffe3a297ed15e9a79846161a3731a580511bf13c6b5cc5a9e03ddcbd8515fdeeR205-R234 would help though for the BuildKit image.

crazy-max · 2023-01-30T20:16:16Z

        if: steps.build.outputs.result == 'true'
        uses: docker/build-push-action@v3
        with:
+          labels: ${{ steps.meta.outputs.labels }}


This step only produces BuildKit artifacts, not an image.

I have misunderstood the CI implementation, sorry!

Where would I make the change and have it actually apply then?

I've updated this PR so it adds the annotations in the right place

candrews · 2023-01-30T20:23:36Z

Do you have specific needs for these labels?

Yes, I do.

I use these images in a GitLab CI pipelines and I have Renovate submitting MRs to update the image references. Currently, the Renovate MRs do not have a changelog because Renovate doesn't know the GitHub URL for the project. By adding these labels, Renovate will be able to find the GitHub project and therefore include release notes. See https://github.com/renovatebot/renovate/blob/34.115.1/lib/modules/datasource/docker/readme.md

I also use other tools that would use the labels, including Snyk which uses them in its UI.

So having these labels populated would make life for myself and my colleagues just a little bit nicer, and I can only assume they would help others as well.

crazy-max · 2023-03-02T15:56:49Z

CI looks broken, I don't see any checks. Can you rebase?

candrews · 2024-07-17T19:33:16Z

CI looks broken, I don't see any checks. Can you rebase?

I've rebased and taken a different approach that addresses the previously expressed concerns.

Can you please run the workflow and review this PR?

crazy-max · 2024-07-18T15:08:58Z

+outputFlag="${outputFlag},annotation.org.opencontainers.image.title=BuildKit"
+if [ -n "$GITHUB_SHA" ]; then
+  outputFlag="${outputFlag},annotation.org.opencontainers.image.revision=$GITHUB_SHA"
+fi
+if [ -n "$GITHUB_REPOSITORY" ]; then
+  outputFlag="${outputFlag},annotation.org.opencontainers.image.source=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY"
+  outputFlag="${outputFlag},annotation.org.opencontainers.image.url=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY"
+fi
+if [ -n "$versionTag" ]; then
+  outputFlag="${outputFlag},annotation.org.opencontainers.image.version=$versionTag"
+fi


this should be done only on push so moved in https://github.com/moby/buildkit/pull/3554/files#diff-d131ef7e8954a6ffbaa57cfce3e105863587a19e310500d0c7c55b9f52038bfdR47

or if we also want to set annotations on pr for testing check localmode is not set

Sounds good, thank you!

Is there any more to do, or is this now ready to be merged?

sorry forgot to set "request for changes", we should check localmode is not set for this code otherwise it would break as docker exporter does not support annotations

also add GITHUB_SERVER_URL and GITHUB_SHA before

buildkit/hack/util

Line 7 in 36ffdf7

: "${GITHUB_REPOSITORY=}"

we should also check if [ "$GITHUB_ACTIONS" = "true" ]

I've updated this MR addressing your concerns. How does it look now?

See: https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys Closes: moby#3553 Signed-off-by: Craig Andrews <[email protected]>

candrews · 2024-07-24T02:28:53Z

@crazy-max I saw that the shfmt test failed due to an extra space; I updated the MR to fix that.

I don't understand the other failing test, https://github.com/moby/buildkit/actions/runs/9996089167/job/27633669860?pr=3554 - it doesn't seem related.

Please let me know what else, if anything, I can do to get this across the finish line.

Thank you again!

candrews · 2024-07-29T15:32:13Z

@crazy-max friendly bump

crazy-max · 2024-07-29T15:34:09Z

I don't understand the other failing test, https://github.com/moby/buildkit/actions/runs/9996089167/job/27633669860?pr=3554 - it doesn't seem related.

This one is related to docker/buildx#2598 which has been fixed in v0.16.1: https://github.com/docker/buildx/releases/tag/v0.16.1.

Rerunning the workflow with your PR and should be good

crazy-max

LGTM thanks!

crazy-max · 2024-07-29T16:18:23Z

@candrews This might need a follow-up if you want the same for the Dockerfile frontend image.

candrews · 2024-07-29T16:20:20Z

@candrews This might need a follow-up if you want the same for the Dockerfile frontend image.

That would be ideal - can you point me in the right direction and I'll get on it?

crazy-max · 2024-07-29T16:28:14Z

@candrews This might need a follow-up if you want the same for the Dockerfile frontend image.

That would be ideal - can you point me in the right direction and I'll get on it?

https://github.com/moby/buildkit/blob/master/frontend/dockerfile/cmd/dockerfile-frontend/hack/release

candrews · 2024-07-29T21:18:12Z

@candrews This might need a follow-up if you want the same for the Dockerfile frontend image.

That would be ideal - can you point me in the right direction and I'll get on it?

https://github.com/moby/buildkit/blob/master/frontend/dockerfile/cmd/dockerfile-frontend/hack/release

Thank you! Here's the PR: #5197

crazy-max reviewed Jan 30, 2023

View reviewed changes

candrews force-pushed the patch-1 branch from 0a14d9c to d72297f Compare June 27, 2023 18:21

candrews force-pushed the patch-1 branch from d72297f to 9a9f1e0 Compare July 12, 2024 17:42

candrews changed the title ~~ci: add labels to docker images~~ ci: add OCI image annotatons to docker images Jul 12, 2024

candrews force-pushed the patch-1 branch from 9a9f1e0 to 4c11474 Compare July 12, 2024 19:22

candrews changed the title ~~ci: add OCI image annotatons to docker images~~ ci: add OCI image annotations to docker images Jul 12, 2024

candrews force-pushed the patch-1 branch from 4c11474 to b83365c Compare July 12, 2024 21:37

thompson-shaun assigned crazy-max Jul 18, 2024

thompson-shaun added area/hack building buildkit itself area/ci labels Jul 18, 2024

crazy-max reviewed Jul 18, 2024

View reviewed changes

candrews force-pushed the patch-1 branch from b83365c to 4f529f1 Compare July 18, 2024 17:35

ci: add OCI image annotations to docker images

06a1708

See: https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys Closes: moby#3553 Signed-off-by: Craig Andrews <[email protected]>

candrews force-pushed the patch-1 branch from 4f529f1 to 06a1708 Compare July 24, 2024 02:27

crazy-max approved these changes Jul 29, 2024

View reviewed changes

crazy-max merged commit d75ba52 into moby:master Jul 29, 2024

crazy-max mentioned this pull request Aug 6, 2024

ci: add OCI image annotations to Dockerfile frontend images #5197

Merged

crazy-max added this to the v0.16.0 milestone Aug 6, 2024

Conversation

candrews commented Jan 30, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

crazy-max left a comment

Choose a reason for hiding this comment

Uh oh!

crazy-max Jan 30, 2023

Choose a reason for hiding this comment

Uh oh!

candrews Jan 30, 2023

Choose a reason for hiding this comment

Uh oh!

candrews Jul 12, 2024

Choose a reason for hiding this comment

Uh oh!

candrews commented Jan 30, 2023

Uh oh!

crazy-max commented Mar 2, 2023

Uh oh!

candrews commented Jul 17, 2024

Uh oh!

crazy-max Jul 18, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

candrews Jul 18, 2024

Choose a reason for hiding this comment

Uh oh!

crazy-max Jul 18, 2024

Choose a reason for hiding this comment

Uh oh!

crazy-max Jul 18, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

crazy-max Jul 18, 2024

Choose a reason for hiding this comment

Uh oh!

candrews Jul 18, 2024

Choose a reason for hiding this comment

Uh oh!

candrews commented Jul 24, 2024

Uh oh!

candrews commented Jul 29, 2024

Uh oh!

crazy-max commented Jul 29, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

crazy-max left a comment

Choose a reason for hiding this comment

Uh oh!

crazy-max commented Jul 29, 2024

Uh oh!

candrews commented Jul 29, 2024

Uh oh!

crazy-max commented Jul 29, 2024

Uh oh!

candrews commented Jul 29, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

candrews commented Jan 30, 2023 •

edited

Loading

crazy-max Jul 18, 2024 •

edited

Loading

crazy-max Jul 18, 2024 •

edited

Loading

crazy-max commented Jul 29, 2024 •

edited

Loading