OCI annotations can be set on manifests, to provide metadata about the images.
ko today supports setting labels (introduced by docker) but not setting annotations (introduced by the OCI spec).
It does set annotations related to the base image used, which is great, but it also sets additional annotations, inherited from the base image, which do not apply to the target image, and cannot be overwritten using ko.
This feature request stems from something I noticed on Tekton container images.
Since Tekton uses Chainguard's base images and ko to build its images, the annotations resulting in Tekton images look like:
OCI annotations can be set on manifests, to provide metadata about the images.
ko
today supports setting labels (introduced by docker) but not setting annotations (introduced by the OCI spec). It does set annotations related to the base image used, which is great, but it also sets additional annotations, inherited from the base image, which do not apply to the target image, and cannot be overwritten usingko
.This feature request stems from something I noticed on Tekton container images. Since Tekton uses Chainguard's base images and
ko
to build its images, the annotations resulting in Tekton images look like:While the
org.opencontainers.image.base
part is correct, the values author, source and URL do not apply to Tekton images.