Closed trallard closed 2 years ago
Hey @trallard, thanks for the suggestion! I'm only faintly aware of OCI, but I started with adding the following labels:
LABEL org.opencontainers.image.authors="Quansight" \
org.opencontainers.image.source="https://github.com/Quansight/qhub"
Are there any others that you would recommend? Perhaps a description for each of image in question?
I would suggest adding the following on top of source and maintainer:
Also it is advisable that the author
label has a contact option (email, github handle, etc)
@trallard @HarshCasper I just realized that we already set OCI-compliant labels :)
https://github.com/Quansight/qhub/runs/4111162873?check_suite_focus=true#step:5:32
Who should we add as author
? @costrouc?
Maybe the QHub development team? - do we have a qhub email or something?
@iameskild are you still working on items related to this or shall we close the issue?
Hey @trallard, I believe that we can. Here are the labels currently being applied:
"org.opencontainers.image.title": "qhub",
"org.opencontainers.image.description": "QHub deployment tool",
"org.opencontainers.image.url": "https://github.com/Quansight/qhub",
"org.opencontainers.image.source": "https://github.com/Quansight/qhub",
"org.opencontainers.image.version": "docs-update-cleanup",
"org.opencontainers.image.created": "2021-12-13T18:02:27.414Z",
"org.opencontainers.image.revision": "7bcfa7e72875102025276298168c8a95e2518f5c",
"org.opencontainers.image.licenses": "BSD-3-Clause"
I didn't find "email" as a predefined OCI key but we can add another field/key if you would like to include it. Otherwise this issue can be closed.
that should be enough - will go ahead and close this issue
Description
As part of the Docker over-haul currently going on it would be good to add better metadata for the Docker images, to facilitate findability, reproducibility and trust Right now the Docker images have a single label
maintainer
Suggestion
Add more
OCI
compliant annotations to the Docker images seehttps://github.com/opencontainers/image-spec/blob/main/annotations.mdContext
This adheres to industry-standard best practices and increases the end-user confidence