From 9f57e178877c3792b68cd09674730766c267e692 Mon Sep 17 00:00:00 2001 From: Alex Goodman Date: Thu, 18 Mar 2021 16:28:03 -0400 Subject: [PATCH] add labels to the docker image + pin the docker pipeline install version Signed-off-by: Alex Goodman --- .github/workflows/release.yaml | 2 +- .goreleaser.yaml | 6 ++++++ Dockerfile | 14 ++++++++++++++ 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index e3119140d..6e9393c3a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -83,7 +83,7 @@ jobs: needs: [wait-for-checks] runs-on: macos-latest # Due to our code signing process, it's vital that we run our release steps on macOS. steps: - - uses: docker-practice/actions-setup-docker@master + - uses: docker-practice/actions-setup-docker@v1 - uses: actions/setup-go@v2 with: diff --git a/.goreleaser.yaml b/.goreleaser.yaml index ec798ff33..bd8c7749e 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -101,3 +101,9 @@ dockers: - "anchore/syft:{{ .Tag }}" - "anchore/syft:v{{ .Major }}" - "anchore/syft:v{{ .Major }}.{{ .Minor }}" + + build_flag_templates: + - "--build-arg=BUILD_DATE={{.Date}}" + - "--build-arg=BUILD_VERSION={{.Version}}" + - "--build-arg=VCS_REF={{.FullCommit}}" + - "--build-arg=VCS_URL={{.GitURL}}" diff --git a/Dockerfile b/Dockerfile index af76ed5a3..7843e305e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,4 +11,18 @@ WORKDIR /tmp COPY syft / +ARG BUILD_DATE +ARG BUILD_VERSION +ARG VCS_REF +ARG VCS_URL + +LABEL org.label-schema.schema-version="1.0" +LABEL org.label-schema.build-date=$BUILD_DATE +LABEL org.label-schema.name="syft" +LABEL org.label-schema.description="CLI tool and library for generating a Software Bill of Materials from container images and filesystems" +LABEL org.label-schema.vcs-url=$VCS_URL +LABEL org.label-schema.vcs-ref=$VCS_REF +LABEL org.label-schema.vendor="Anchore, Inc." +LABEL org.label-schema.version=$BUILD_VERSION + ENTRYPOINT ["/syft"]