Opencontainers

cmd/artifactPrepareVersion.go

@@ -235,7 +235,9 @@ func runArtifactPrepareVersion(config *artifactPrepareVersionOptions, telemetryD
 	log.Entry().Infof("New version: '%v'", newVersion)
 
 	commonPipelineEnvironment.git.commitID = gitCommitID // this commitID changes and is not necessarily the HEAD commitID
+	commonPipelineEnvironment.container.labels["org.opencontainers.image.revision"] = gitCommitID
 	commonPipelineEnvironment.artifactVersion = newVersion
+	commonPipelineEnvironment.container.labels["org.opencontainers.image.version"] = newVersion
 	commonPipelineEnvironment.originalArtifactVersion = version
 
 	gitCommitMessages := strings.Split(gitCommitMessage, "\n")

cmd/kanikoExecute.go

@@ -170,7 +170,7 @@ func runKanikoExecute(config *kanikoExecuteOptions, telemetryData *telemetry.Cus
 			log.Entry().Debugf("Building image '%v' using file '%v'", image, file)
 			containerImageNameAndTag := fmt.Sprintf("%v:%v", image, containerImageTag)
 			buildOpts := append(config.BuildOptions, "--destination", fmt.Sprintf("%v/%v", containerRegistry, containerImageNameAndTag))
-			if err = runKaniko(file, buildOpts, config.ReadImageDigest, execRunner, fileUtils, commonPipelineEnvironment); err != nil {
+			if err = runKaniko(config, file, buildOpts, config.ReadImageDigest, execRunner, fileUtils, commonPipelineEnvironment); err != nil {
 				return fmt.Errorf("failed to build image '%v' using '%v': %w", image, file, err)
 			}
 			commonPipelineEnvironment.container.imageNames = append(commonPipelineEnvironment.container.imageNames, image)
@@ -231,7 +231,7 @@ func runKanikoExecute(config *kanikoExecuteOptions, telemetryData *telemetry.Cus
 					dockerfilePath = entry.DockerfilePath
 				}
 
-				if err = runKaniko(dockerfilePath, buildOptions, config.ReadImageDigest, execRunner, fileUtils, commonPipelineEnvironment); err != nil {
+				if err = runKaniko(config, dockerfilePath, buildOptions, config.ReadImageDigest, execRunner, fileUtils, commonPipelineEnvironment); err != nil {
 					return fmt.Errorf("multipleImages: failed to build image '%v' using '%v': %w", entry.ContainerImageName, config.DockerfilePath, err)
 				}
 
@@ -262,7 +262,7 @@ func runKanikoExecute(config *kanikoExecuteOptions, telemetryData *telemetry.Cus
 					dockerfilePath = entry.DockerfilePath
 				}
 
-				if err = runKaniko(dockerfilePath, buildOptions, config.ReadImageDigest, execRunner, fileUtils, commonPipelineEnvironment); err != nil {
+				if err = runKaniko(config, dockerfilePath, buildOptions, config.ReadImageDigest, execRunner, fileUtils, commonPipelineEnvironment); err != nil {
 					return fmt.Errorf("multipleImages: failed to build image '%v' using '%v': %w", containerImageName, config.DockerfilePath, err)
 				}
 
@@ -356,7 +356,7 @@ func runKanikoExecute(config *kanikoExecuteOptions, telemetryData *telemetry.Cus
 		config.BuildOptions = append(config.BuildOptions, "--no-push")
 	}
 
-	if err = runKaniko(config.DockerfilePath, config.BuildOptions, config.ReadImageDigest, execRunner, fileUtils, commonPipelineEnvironment); err != nil {
+	if err = runKaniko(config, config.DockerfilePath, config.BuildOptions, config.ReadImageDigest, execRunner, fileUtils, commonPipelineEnvironment); err != nil {
 		return err
 	}
 
@@ -368,7 +368,7 @@ func runKanikoExecute(config *kanikoExecuteOptions, telemetryData *telemetry.Cus
 	return nil
 }
 
-func runKaniko(dockerFilepath string, buildOptions []string, readDigest bool, execRunner command.ExecRunner, fileUtils piperutils.FileUtils, commonPipelineEnvironment *kanikoExecuteCommonPipelineEnvironment) error {
+func runKaniko(config *kanikoExecuteOptions, dockerFilepath string, buildOptions []string, readDigest bool, execRunner command.ExecRunner, fileUtils piperutils.FileUtils, commonPipelineEnvironment *kanikoExecuteCommonPipelineEnvironment) error {
 	cwd, err := fileUtils.Getwd()
 	if err != nil {
 		return fmt.Errorf("failed to get current working directory: %w", err)
@@ -379,6 +379,10 @@ func runKaniko(dockerFilepath string, buildOptions []string, readDigest bool, ex
 	kanikoOpts := []string{"--dockerfile", dockerFilepath, "--context", "dir://" + cwd}
 	kanikoOpts = append(kanikoOpts, buildOptions...)
 
+	for label, value := range config.Labels {
+		kanikoOpts = append(kanikoOpts, "--label", fmt.Sprintf("%s=%s", label, value))
+	}
+
 	tmpDir, err := fileUtils.TempDir("", "*-kanikoExecute")
 	if err != nil {
 		return fmt.Errorf("failed to create tmp dir for kanikoExecute: %w", err)

resources/metadata/artifactPrepareVersion.yaml

@@ -40,7 +40,7 @@ metadata:
 
     The version is then either manually set by the team in the course of the development process or automatically pushed to master after a successful release.
 
-    Unlike for the _Continuous Deloyment_ pattern described above, in this case there is no dedicated tagging required for the build process since the version is already available in the repository.
+    Unlike for the _Continuous Deployment_ pattern described above, in this case there is no dedicated tagging required for the build process since the version is already available in the repository.
 
     Configuration of this pattern is done via `versioningType: library`.
 
@@ -385,6 +385,8 @@ spec:
           - name: git/commitId
           - name: git/headCommitId
           - name: git/commitMessage
+          - name: container/labels
+            type: map[string]interface{}
   containers:
     - image: maven:3.6-jdk-8
       conditions:

resources/metadata/kanikoExecute.yaml

@@ -103,7 +103,7 @@
             param: custom/buildSettingsInfo
       - name: containerBuildOptions
         type: string
-        description: Deprected, please use buildOptions. Defines the build options for the [kaniko](https://github.com/GoogleContainerTools/kaniko) build.
+        description: Deprecated, please use buildOptions. Defines the build options for the [kaniko](https://github.com/GoogleContainerTools/kaniko) build.
         scope:
           - PARAMETERS
           - STAGES
@@ -306,6 +306,19 @@
           - PARAMETERS
           - STEPS
         default: "https://github.com/anchore/syft/releases/download/v1.4.1/syft_1.4.1_linux_amd64.tar.gz"
+      - name: labels
+        type: map[string]interface{}
+        description: Map of labels to be added to the image. The key is the label name and the value is the label value.
+        # https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys
+        default: []
+        scope:
+        - GENERAL
+        - STEPS
+        - STAGES
+        - PARAMETERS
+        resourceRef:
+        - name: commonPipelineEnvironment
+          param: container/labels
   outputs:
     resources:
       - name: commonPipelineEnvironment