Better support for org.opencontainers.image labels? #50014
GitCodeGoose
started this conversation in
General
Replies: 1 comment
-
|
If you're building with BuildKit and either use the containerd image-store, or push images directly from your build, you can have annotations, attestations, SBOMS and provenance attached with your image; |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi
I am under the impression that labels could be really useful for managing some aspects of docker container image vulnerabilities. Yet they seem not to be widely used.
While some labels can be easily set using --label from the CLI.
e.g. authors, documentation, url, ...
other labels would require evaluation of the Dockerfile with the args.
E.g. base images and resolved digests, ...
base.name,
base.digest
AFAIK there might also be several base images: base-build and base-runtime, ...
Is this on other peoples' minds? Is there already a feature request for that?
Thanks for the help!
Beta Was this translation helpful? Give feedback.
All reactions