From 71ccc68078c473544315863eabb2f95140f7e1bf Mon Sep 17 00:00:00 2001
From: Jason Hall <jasonhall@redhat.com>
Date: Thu, 18 Feb 2021 09:12:33 -0500
Subject: [PATCH 1/4] Add standard base image annotations

Signed-off-by: Jason Hall <jasonhall@redhat.com>
---
 annotations.md             | 8 ++++++++
 specs-go/v1/annotations.go | 6 ++++++
 2 files changed, 14 insertions(+)

diff --git a/annotations.md b/annotations.md
index 0c7ad0aa1..d2dd73ee5 100644
--- a/annotations.md
+++ b/annotations.md
@@ -40,6 +40,14 @@ This specification defines the following annotation keys, intended for but not l
     ```
 * **org.opencontainers.image.title** Human-readable title of the image (string)
 * **org.opencontainers.image.description** Human-readable description of the software packaged in the image (string)
+* **org.opencontainers.image.base.digest** [Digest](descriptor.md#digests) of the image this image is based on (string)
+  * This SHOULD be the immediate image sharing zero-indexed layers with the image, such as from a Dockerfile `FROM` statement.
+  * This SHOULD NOT reference any other images used to generate the contents of the image (e.g., multi-stage Dockerfile builds).
+* **org.opencontainers.image.base.ref.name** Image reference of the image this image is based on (string)
+  * This SHOULD be image references in the format defined by [distribution/distribution](https://github.com/distribution/distribution/blob/d0deff9cd6c2b8c82c6f3d1c713af51df099d07b/reference/reference.go).
+  * This SHOULD be a fully qualified reference name, without any assumed default registry. (e.g., `index.docker.io/my-org/my-image:tag` instead of `my-org/my-image:tag`).
+  * This SHOULD be the immediate image sharing zero-indexed layers with the image, such as from a Dockerfile `FROM` statement.
+  * This SHOULD NOT reference any other images used to generate the contents of the image (e.g., multi-stage Dockerfile builds).
 
 ## Back-compatibility with Label Schema
 
diff --git a/specs-go/v1/annotations.go b/specs-go/v1/annotations.go
index 35d810895..34ced01c8 100644
--- a/specs-go/v1/annotations.go
+++ b/specs-go/v1/annotations.go
@@ -53,4 +53,10 @@ const (
 
 	// AnnotationDescription is the annotation key for the human-readable description of the software packaged in the image.
 	AnnotationDescription = "org.opencontainers.image.description"
+
+	// AnnotationBaseImageDigest is the annotation key for the digest of the image's base image.
+	AnnotationBaseImageDigest = "org.opencontainers.image.base.digest"
+
+	// AnnotationBaseImageRefName is the annotation key for the image reference of the image's base image.
+	AnnotationBaseImageRefName = "org.opencontainers.image.base.ref.name"
 )

From 4feeaac105c8ef59ff42665e097c4001c8ea7de0 Mon Sep 17 00:00:00 2001
From: Jason Hall <jasonhall@redhat.com>
Date: Wed, 30 Jun 2021 16:50:53 -0400
Subject: [PATCH 2/4] Describe how index manifests should work with base image
 annotations

Signed-off-by: Jason Hall <jasonhall@redhat.com>
---
 annotations.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/annotations.md b/annotations.md
index d2dd73ee5..99d5e1f0f 100644
--- a/annotations.md
+++ b/annotations.md
@@ -48,6 +48,7 @@ This specification defines the following annotation keys, intended for but not l
   * This SHOULD be a fully qualified reference name, without any assumed default registry. (e.g., `index.docker.io/my-org/my-image:tag` instead of `my-org/my-image:tag`).
   * This SHOULD be the immediate image sharing zero-indexed layers with the image, such as from a Dockerfile `FROM` statement.
   * This SHOULD NOT reference any other images used to generate the contents of the image (e.g., multi-stage Dockerfile builds).
+  * If the `image.base.ref.name` annotation is specified, the `image.base.digest` annotation SHOULD be the digest of the manifest referenced by the `image.base.ref.name` annotation.
 
 ## Back-compatibility with Label Schema
 

From eaa222c578652d2fe41f2142020e713e5865ca1a Mon Sep 17 00:00:00 2001
From: Jason Hall <jasonhall@redhat.com>
Date: Wed, 30 Jun 2021 20:09:11 -0400
Subject: [PATCH 3/4] image.base.ref.name -> image.base.name based on
 stevvooe's feedback

Signed-off-by: Jason Hall <jasonhall@redhat.com>
---
 annotations.md             | 4 ++--
 specs-go/v1/annotations.go | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/annotations.md b/annotations.md
index 99d5e1f0f..ead0ce538 100644
--- a/annotations.md
+++ b/annotations.md
@@ -43,12 +43,12 @@ This specification defines the following annotation keys, intended for but not l
 * **org.opencontainers.image.base.digest** [Digest](descriptor.md#digests) of the image this image is based on (string)
   * This SHOULD be the immediate image sharing zero-indexed layers with the image, such as from a Dockerfile `FROM` statement.
   * This SHOULD NOT reference any other images used to generate the contents of the image (e.g., multi-stage Dockerfile builds).
-* **org.opencontainers.image.base.ref.name** Image reference of the image this image is based on (string)
+* **org.opencontainers.image.base.name** Image reference of the image this image is based on (string)
   * This SHOULD be image references in the format defined by [distribution/distribution](https://github.com/distribution/distribution/blob/d0deff9cd6c2b8c82c6f3d1c713af51df099d07b/reference/reference.go).
   * This SHOULD be a fully qualified reference name, without any assumed default registry. (e.g., `index.docker.io/my-org/my-image:tag` instead of `my-org/my-image:tag`).
   * This SHOULD be the immediate image sharing zero-indexed layers with the image, such as from a Dockerfile `FROM` statement.
   * This SHOULD NOT reference any other images used to generate the contents of the image (e.g., multi-stage Dockerfile builds).
-  * If the `image.base.ref.name` annotation is specified, the `image.base.digest` annotation SHOULD be the digest of the manifest referenced by the `image.base.ref.name` annotation.
+  * If the `image.base.name` annotation is specified, the `image.base.digest` annotation SHOULD be the digest of the manifest referenced by the `image.ref.name` annotation.
 
 ## Back-compatibility with Label Schema
 
diff --git a/specs-go/v1/annotations.go b/specs-go/v1/annotations.go
index 34ced01c8..581cf7cdf 100644
--- a/specs-go/v1/annotations.go
+++ b/specs-go/v1/annotations.go
@@ -57,6 +57,6 @@ const (
 	// AnnotationBaseImageDigest is the annotation key for the digest of the image's base image.
 	AnnotationBaseImageDigest = "org.opencontainers.image.base.digest"
 
-	// AnnotationBaseImageRefName is the annotation key for the image reference of the image's base image.
-	AnnotationBaseImageRefName = "org.opencontainers.image.base.ref.name"
+	// AnnotationBaseImageName is the annotation key for the image reference of the image's base image.
+	AnnotationBaseImageName = "org.opencontainers.image.base.name"
 )

From ebb32fd9c31048b499cf24cec7011842a6efb275 Mon Sep 17 00:00:00 2001
From: Jason Hall <jasonhall@redhat.com>
Date: Mon, 12 Jul 2021 13:39:42 -0400
Subject: [PATCH 4/4] Use registry.example.com as example default registry

Signed-off-by: Jason Hall <jasonhall@redhat.com>
---
 annotations.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/annotations.md b/annotations.md
index ead0ce538..907220796 100644
--- a/annotations.md
+++ b/annotations.md
@@ -45,7 +45,7 @@ This specification defines the following annotation keys, intended for but not l
   * This SHOULD NOT reference any other images used to generate the contents of the image (e.g., multi-stage Dockerfile builds).
 * **org.opencontainers.image.base.name** Image reference of the image this image is based on (string)
   * This SHOULD be image references in the format defined by [distribution/distribution](https://github.com/distribution/distribution/blob/d0deff9cd6c2b8c82c6f3d1c713af51df099d07b/reference/reference.go).
-  * This SHOULD be a fully qualified reference name, without any assumed default registry. (e.g., `index.docker.io/my-org/my-image:tag` instead of `my-org/my-image:tag`).
+  * This SHOULD be a fully qualified reference name, without any assumed default registry. (e.g., `registry.example.com/my-org/my-image:tag` instead of `my-org/my-image:tag`).
   * This SHOULD be the immediate image sharing zero-indexed layers with the image, such as from a Dockerfile `FROM` statement.
   * This SHOULD NOT reference any other images used to generate the contents of the image (e.g., multi-stage Dockerfile builds).
   * If the `image.base.name` annotation is specified, the `image.base.digest` annotation SHOULD be the digest of the manifest referenced by the `image.ref.name` annotation.