Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Utilize pre-defined annotation keys from OCI Image Format Specification #2147

Open
hiddeco opened this issue Jun 11, 2024 · 5 comments
Open

Utilize pre-defined annotation keys from OCI Image Format Specification #2147

hiddeco opened this issue Jun 11, 2024 · 5 comments
Labels
area/api area/controller area/usability kind/discussion priority/low

Comments

@hiddeco
Copy link
Contributor

hiddeco commented Jun 11, 2024
edited
Loading

The OCI Image Format Specification defines a set of annotation keys that can be used to attach metadata (like the source of an artifact, or the build timestamp) in a standardized manner to a container image (or OCI artifact).

Some of these are interesting to Kargo to improve (for example, build time instead of push time for sorting), enrich (for example, determining the source of a container image for other registries than GHCR), or further extend the metadata we gather for an image artifact which is part of a Freight.

As the adoption of this is quite mature 1, 2, I think it would be wonderful to see if and how we can better utilize these within Kargo.
@krancour
Copy link
Member

I especially like the potential to use this to connect the dots from an image back to the repo with the source the image was built from.

@jessesuen
Copy link
Member

Love this idea.

It's always been a goal to somehow link back to original source code so that users know the contents of what they were promoting. This is why the GitRepoURL field exists (which isn't really used).

org.opencontainers.image.source would be a much better way to do this.

@hiddeco
Copy link
Contributor Author

hiddeco commented Jun 12, 2024

That's indeed also one of the use cases I had in mind myself.

The other one, is starting to use org.opencontainers.image.created instead of the (push) timestamp we receive from the registry when we order by build time. The advantage of this, is that these annotations can be transferred to any other registry, which could prevent potential issues when people move to e.g. an in-cluster mirror or a different registry host.

This was referenced Oct 23, 2024
Open
Open
@jessesuen
Copy link
Member

I think this feature can be as simple as surfacing OCI metadata into the freight. Then, other Kargo features (#2830, #821) will take advantage of that metadata as UI or git commit features.

@github-actions GitHub Actions
Copy link

This issue has been automatically marked as stale because it had no activity for 90 days. It will be closed if no activity occurs in the next 30 days but can be reopened if it becomes relevant again.

@github-actions github-actions bot added the stale label Jan 22, 2025
@krancour krancour removed the stale label Jan 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/api area/controller area/usability kind/discussion priority/low
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@krancour @hiddeco @jessesuen