ci: Add image descriptions and source

More information in case the image is consumed via different sources than the official one. While at it, make the action steps more readable by adding separating newlines. Signed-off-by: Jan Kiszka <[email protected]>
siemens · Mar 9, 2024 · c4e4bf3 · c4e4bf3
1 parent 9103719
commit c4e4bf3
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 6 deletions.
diff --git a/.github/actions/docker-init/action.yml b/.github/actions/docker-init/action.yml
@@ -5,56 +5,87 @@ inputs:
     required: true
   deploy-token:
     required: true
-  cache-key:
+  image-name:
     required: true
 
 runs:
   using: composite
   steps:
     - name: Set up QEMU
       uses: docker/setup-qemu-action@v3
+
     - name: Set up Docker Buildx
       uses: docker/setup-buildx-action@v3
       with:
         driver-opts: image=moby/buildkit:v0.13.0
+
     - name: Login to ghcr.io
       uses: docker/login-action@v3
       with:
         registry: ghcr.io
         username: ${{ inputs.deploy-user }}
         password: ${{ inputs.deploy-token }}
+
     - name: Set SOURCE_DATE_EPOCH
       run: |
         echo "SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV
       shell: bash
+
     - name: Determine Debian tag
       run: |
         DEBIAN_RELEASE=$(grep -m 1 'ARG DEBIAN_TAG=' Dockerfile | sed 's/.*DEBIAN_TAG=\(.*\)-.*/\1/')
         echo "DEBIAN_TAG=$(podman image search --list-tags debian --limit 1000000000 | \
                            grep "$DEBIAN_RELEASE-.*-slim" | sort -r | head -1 | sed 's/.*[ ]\+//')" >> $GITHUB_ENV
       shell: bash
+
     - name: Prepare repository for COPY-in
       run: |
         git clone . /home/runner/kas-clone
       shell: bash
+
+    - name: Define image description
+      run: |
+        case ${{ inputs.image-name }} in
+        kas)
+            echo "IMAGE_DESCRIPTION=kas build environment for Yocto/OpenEmbedded projects" >> $GITHUB_ENV
+            ;;
+        kas-isar)
+            echo "IMAGE_DESCRIPTION=kas build environment for isar-based Debian projects" >> $GITHUB_ENV
+            ;;
+        esac
+      shell: bash
+
+    - name: Extract metadata
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        annotations: |
+          org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }}
+          org.opencontainers.image.licenses=MIT and others
+      env:
+        DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
+
     - name: Cache var-cache-apt
       id: cache-var-cache-apt
       uses: actions/cache@v4
       with:
         path: var-cache-apt
-        key: var-cache-apt-${{ env.DEBIAN_TAG }}-${{ inputs.cache-key }}
+        key: var-cache-apt-${{ env.DEBIAN_TAG }}-${{ inputs.image-name }}
+
     - name: Cache var-lib-apt
       id: cache-var-lib-apt
       uses: actions/cache@v4
       with:
         path: var-lib-apt
-        key: var-lib-apt-${{ env.DEBIAN_TAG }}-${{ inputs.cache-key }}
+        key: var-lib-apt-${{ env.DEBIAN_TAG }}-${{ inputs.image-name }}
+
     - name: Inject var-cache-apt into docker
       uses: reproducible-containers/[email protected]
       with:
         cache-source: var-cache-apt
         cache-target: /var/cache/apt
         skip-extraction: ${{ steps.cache-var-cache-apt.outputs.cache-hit }}
+
     - name: Inject var-lib-apt into docker
       uses: reproducible-containers/[email protected]
       with:

diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
@@ -30,7 +30,7 @@ jobs:
         with:
           deploy-user: ${{ github.actor }}
           deploy-token: ${{ secrets.GITHUB_TOKEN }}
-          cache-key: ${{ matrix.image-name }}
+          image-name: ${{ matrix.image-name }}
       - name: Build ${{ matrix.image-name }} image
         uses: docker/build-push-action@v5
         if: ${{ env.PUSH_MASTER }}
@@ -44,3 +44,4 @@ jobs:
           provenance: mode=max,reproducible=true
           outputs: type=registry,rewrite-timestamp=true
           tags: ghcr.io/siemens/kas/${{ matrix.image-name }}
+          annotations: ${{ env.DOCKER_METADATA_OUTPUT_ANNOTATIONS }}
diff --git a/.github/workflows/next.yml b/.github/workflows/next.yml
@@ -76,7 +76,7 @@ jobs:
         with:
           deploy-user: ${{ github.actor }}
           deploy-token: ${{ secrets.GITHUB_TOKEN }}
-          cache-key: ${{ matrix.image-name }}
+          image-name: ${{ matrix.image-name }}
 
       - name: Build ${{ matrix.image-name }} image
         uses: docker/build-push-action@v5
@@ -105,3 +105,4 @@ jobs:
           provenance: mode=max,reproducible=true
           outputs: type=registry,rewrite-timestamp=true
           tags: ghcr.io/siemens/kas/${{ matrix.image-name }}:next
+          annotations: ${{ env.DOCKER_METADATA_OUTPUT_ANNOTATIONS }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -22,7 +22,7 @@ jobs:
         with:
           deploy-user: ${{ github.actor }}
           deploy-token: ${{ secrets.GITHUB_TOKEN }}
-          cache-key: ${{ matrix.image-name }}
+          image-name: ${{ matrix.image-name }}
       - name: Build ${{ matrix.image-name }} image
         uses: docker/build-push-action@v5
         with:
@@ -38,3 +38,4 @@ jobs:
             ghcr.io/siemens/kas/${{ matrix.image-name }}
             ghcr.io/siemens/kas/${{ matrix.image-name }}:${{ env.RELEASE_VERSION }}
             ghcr.io/siemens/kas/${{ matrix.image-name }}:latest-release
+          annotations: ${{ env.DOCKER_METADATA_OUTPUT_ANNOTATIONS }}