
Adjust maintainer label to opencontainer spec

Open geekgonecrazy opened this issue 6 years ago • 3 comments

https://github.com/opencontainers/image-spec/blob/v1.0.1/annotations.md

From: https://github.com/docker-library/official-images/pull/5590#issuecomment-475786094

geekgonecrazy, Mar 23 '19 04:03

Please also add other org.opencontainers labels. Especially org.opencontainers.image.source would be really helpful as tools like renovate bot will use it to auto-fetch the change log.

xoxys, Jan 19 '21 09:01

The Docker images provided for rocket.chat currently do not contain any Docker labels that contain the corresponding references to the source repository, the license, the "manufacturer", the link to the documentation or similar. The Open Container Initiative has created an open standard that contains various meta information and is also officially recommended by Docker (e.g. instead of the deprecated MAINTAINER).

The solution I'd suggest

Adding the following labels:

org.opencontainers.image.title="Rocket.Chat" # Human-readable title of the image
org.opencontainers.image.description="The Complete Open Source Chat Solution" # Human-readable description of the software packaged in the image
org.opencontainers.image.created="2023-06-14T15:37:46Z" # date and time on which the image was built, conforming to RFC 3339
org.opencontainers.image.authors="Rocket.Chat Community" # contact details of the people or organization responsible for the image
org.opencontainers.image.url="https://www.rocket.chat/" # URL to find more information on the image
org.opencontainers.image.documentation="https://docs.rocket.chat/" # URL to get documentation on the image
org.opencontainers.image.source="https://github.com/RocketChat/Rocket.Chat" # URL to get source code for building the image
org.opencontainers.image.version="6.6.0" # version of the packaged software
org.opencontainers.image.revision="abf8f791360b2bc4a5c7d011877668679bcbb3f2" # Source control revision identifier for the packaged software --> aka. Git SHA
org.opencontainers.image.vendor="Rocket.Chat Community" # Name of the distributing entity, organization or individual
org.opencontainers.image.licenses="MIT" # License(s) under which contained software is distributed as an SPDX License Expression (https://spdx.github.io/spdx-spec/v2.3/SPDX-license-expressions/)
org.opencontainers.image.base.name="docker.io/library/debian:bullseye-slim"

Implementation

  • The static values can be stored in the Dockerfile depending on the build setup, the dynamic values (commit ref, build date, etc.) must be set dynamically in the workflow.
  • If the values are always set dynamically in the workflow, it has the advantage that packages are published with adapted values in the event of a fork.

Static labels (which won't change that often)

...
LABEL org.opencontainers.image.title="Rocket.Chat" \
	org.opencontainers.image.description="The Complete Open Source Chat Solution" \
	org.opencontainers.image.authors="Rocket.Chat Community" \
	org.opencontainers.image.url="https://www.rocket.chat/" \
	org.opencontainers.image.documentation="https://docs.rocket.chat/" \
	org.opencontainers.image.source="https://github.com/RocketChat/Rocket.Chat" \
	org.opencontainers.image.vendor="Rocket.Chat Community" \
	org.opencontainers.image.licenses="MIT" \
	org.opencontainers.image.base.name="docker.io/library/debian:bullseye-slim"
...

... and dynamic labels (which are indeed mostly static, but could also be fetched dynamically for the aforementioned reasons of flexibility). Since I couldn't find any GitHub-based build workflow, here is just the list instead of usable variables/placeholders:

...
echo "NOW=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
....
org.opencontainers.image.created=${{ env.NOW }}
org.opencontainers.image.version=${{VERSION}}
org.opencontainers.image.revision=${{REVISION_SHA}}

--> I would recommend a dynamic implementation where possible.

Advantages and benefits:

  • Tools such as Renovate or Dependabot (which I actively use myself) read the tags and can embed the changelog or a reference to the source repo directly in the automated pull requests
  • GitHub also displays the information in its own container registry, GHCR
  • The information can also be output via the CLI with docker inspect: docker inspect $(docker ps -q) --format='{{ .Id }} {{ index .Config.Labels "org.opencontainers.image.source" }}' - or any other parameter instead of .source - so you can quickly see all active container licenses, the build date etc., for example.

Background information

  • The previously used label schema (https://github.com/label-schema/label-schema.org/blob/gh-pages/rc1.md) is deprecated and has been replaced by the OCI annotations - there is a corresponding mapping table for transfer.

pxlfrk, Feb 14 '24 21:02
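
A label audit for the scheme proposed in the comment above, as an added example that is not part of the thread or of the Rocket.Chat build: it parses the JSON that `docker inspect` prints and reports images whose OCI labels are missing or malformed. The required key set, the 40-hex revision format, the https-only rule and the sample image Ids are assumptions of this example.

```python
import json
import re
from datetime import datetime

PREFIX = "org.opencontainers.image."
# Assumption: the keys proposed in the comment are required; OCI makes all optional.
REQUIRED = ("title", "description", "created", "authors", "url", "documentation",
            "source", "version", "revision", "vendor", "licenses")
RFC3339 = re.compile(r"(\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d)(\.\d+)?(Z|[+-]\d\d:\d\d)")

def is_rfc3339(value):
    """Strict upper-case RFC 3339 date-time naming a real calendar date and time."""
    m = RFC3339.fullmatch(value)
    try:
        return bool(m) and bool(datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S"))
    except ValueError:
        return False

def audit_labels(labels):
    """Return findings for one image's label map; an empty list means it passes."""
    # docker inspect reports "Labels": null when an image carries no labels at all.
    vals = {k: ((labels or {}).get(PREFIX + k) or "").strip() for k in REQUIRED}
    findings = [f"missing {PREFIX}{k}" for k in REQUIRED if not vals[k]]
    if vals["created"] and not is_rfc3339(vals["created"]):
        findings.append("created is not an RFC 3339 timestamp")
    # Assumptions: revision is a full 40-hex Git hash; reference URLs must be https.
    if vals["revision"] and not re.fullmatch(r"[0-9a-f]{40}", vals["revision"]):
        findings.append("revision is not a full Git commit hash")
    for k in ("url", "documentation", "source"):
        if vals[k] and not vals[k].startswith("https://"):
            findings.append(f"{k} is not an https URL")
    return findings

def audit_inspect_output(text):
    """Map image Id -> findings for the JSON array printed by `docker inspect`."""
    return {img["Id"]: audit_labels((img.get("Config") or {}).get("Labels"))
            for img in json.loads(text)}

# Constructed sample input: label values from the comment above, image Ids invented.
GOOD = {PREFIX + k: v for k, v in {
    "title": "Rocket.Chat", "description": "The Complete Open Source Chat Solution",
    "created": "2023-06-14T15:37:46Z", "authors": "Rocket.Chat Community",
    "vendor": "Rocket.Chat Community", "licenses": "MIT", "version": "6.6.0",
    "url": "https://www.rocket.chat/", "documentation": "https://docs.rocket.chat/",
    "source": "https://github.com/RocketChat/Rocket.Chat",
    "revision": "abf8f791360b2bc4a5c7d011877668679bcbb3f2"}.items()}
BAD = {**GOOD, PREFIX + "created": "2023-06-14 15:37:46", PREFIX + "revision": "abf8f79"}
SAMPLE = json.dumps([{"Id": "sha256:example-good", "Config": {"Labels": GOOD}},
                     {"Id": "sha256:example-bad", "Config": {"Labels": BAD}}])
```

To run it against real images, pass the output of `docker inspect <image>` to `audit_inspect_output` in place of `SAMPLE`.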

Raised a PR to fix this issue :)

pxlfrk, Feb 14 '24 21:02