Support setting OCI annotations in images built by ko - and stop inheriting all annotations #1395
Comments
seankhliao
added a commit
to seankhliao/ko
that referenced
this issue
Oct 15, 2024
This adds a new build flag for setting annotations on image indexes and manifests. Annotations are no longer copied from the base image. `org.opencontainers.image.base.digest` and `org.opencontainers.image.base.name` are always set to the resolved values. Usage example: ```sh ko build --image-annotation foo=bar,fizz=buzz . ``` Fixes ko-build#1090 Fixes ko-build#1090 Fixes ko-build#1231 Fixes ko-build#1235 Fixes ko-build#1395
Preisschild
added a commit
to Preisschild/etcd-defrag
that referenced
this issue
Jan 7, 2025
Currently, this label is set to `https://github.com/chainguard-images/images/tree/main/images/static` (because the ko base image is this chainguard image). This leads to issues with dependency managers like renovate, which uses this label to parse the change log. Setting this label to the correct source URL fixes such problems. More Information on those labels: https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys ko-build/ko#1395 https://docs.renovatebot.com/modules/datasource/docker/#description
This was referenced Jan 7, 2025
Preisschild
added a commit
to Preisschild/etcd-defrag
that referenced
this issue
Jan 7, 2025
Currently, this label is set to `https://github.com/chainguard-images/images/tree/main/images/static` (because the ko base image is this chainguard image). This leads to issues with dependency managers like renovate, which uses this label to parse the change log. Setting this label to the correct source URL fixes such problems. More Information on those labels: https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys ko-build/ko#1395 https://docs.renovatebot.com/modules/datasource/docker/#description
Preisschild
added a commit
to Preisschild/etcd-defrag
that referenced
this issue
Jan 7, 2025
Currently, this label is set to `https://github.com/chainguard-images/images/tree/main/images/static` (because the ko base image is this chainguard image). This leads to issues with dependency managers like renovate, which uses this label to parse the change log. Setting this label to the correct source URL fixes such problems. More Information on those labels: https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys ko-build/ko#1395 https://docs.renovatebot.com/modules/datasource/docker/#description
Preisschild
added a commit
to Preisschild/etcd-defrag
that referenced
this issue
Jan 8, 2025
Currently, this label is set to `https://github.com/chainguard-images/images/tree/main/images/static` (because the ko base image is this chainguard image). This leads to issues with dependency managers like renovate, which uses this label to parse the change log. Setting this label to the correct source URL fixes such problems. More Information on those labels: https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys ko-build/ko#1395 https://docs.renovatebot.com/modules/datasource/docker/#description
Preisschild
added a commit
to Preisschild/etcd-defrag
that referenced
this issue
Jan 8, 2025
Currently, this label is set to `https://github.com/chainguard-images/images/tree/main/images/static` (because the ko base image is this chainguard image). This leads to issues with dependency managers like renovate, which uses this label to parse the change log. Setting this label to the correct source URL fixes such problems. More Information on those labels: https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys ko-build/ko#1395 https://docs.renovatebot.com/modules/datasource/docker/#description
Preisschild
added a commit
to Preisschild/etcd-defrag
that referenced
this issue
Jan 8, 2025
Currently, this label is set to `https://github.com/chainguard-images/images/tree/main/images/static` (because the ko base image is this chainguard image). This leads to issues with dependency managers like renovate, which uses this label to parse the change log. Setting this label to the correct source URL fixes such problems. More Information on those labels: https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys ko-build/ko#1395 https://docs.renovatebot.com/modules/datasource/docker/#description Signed-off-by: Florian Ströger <[email protected]>
Preisschild
added a commit
to Preisschild/etcd-defrag
that referenced
this issue
Jan 8, 2025
Currently, this label is set to `https://github.com/chainguard-images/images/tree/main/images/static` (because the ko base image is this chainguard image). This leads to issues with dependency managers like renovate, which uses this label to parse the change log. Setting this label to the correct source URL fixes such problems. More Information on those labels: https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys ko-build/ko#1395 https://docs.renovatebot.com/modules/datasource/docker/#description Signed-off-by: Florian Ströger <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
OCI annotations can be set on manifests, to provide metadata about the images.
kotoday supports setting labels (introduced by docker) but not setting annotations (introduced by the OCI spec).It does set annotations related to the base image used, which is great, but it also sets additional annotations, inherited from the base image, which do not apply to the target image, and cannot be overwritten using
ko.This feature request stems from something I noticed on Tekton container images.
Since Tekton uses Chainguard's base images and
koto build its images, the annotations resulting in Tekton images look like:While the
org.opencontainers.image.basepart is correct, the values author, source and URL do not apply to Tekton images.The text was updated successfully, but these errors were encountered: