New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Docker job to create containers for tag & use org.opencontainers.image.source annotation #1390

Open

2 tasks

louise-davies opened this issue Apr 16, 2024 · 0 comments

Labels

deployment enhancement

Member

louise-davies commented Apr 16, 2024

Description:
Currently, the docker job runs on pull requests & main & dev branches only, which means we don't have a proper pipeline to create Docker images when we tag a release. As part of addressing this, we should consider adding the org.opencontainers.image.source annotation (see https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file?learn=dependency_version_updates&learnProduct=code-security#docker) - this requires the repo tags matches the docker images tags hence the first part of this issue is a prerequisite.

We should do this for all of our repos, just having the issue in SG to track it generally.

Acceptance criteria:

Docker images are published to Harbor for tags (corresponding to releases)
The org.opencontainers.image.source annotation is added to the Docker containers.

louise-davies added enhancement deployment labels

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment