From 02c5f2943e0d0b81b5032322ebf9965988251724 Mon Sep 17 00:00:00 2001
From: Roman Gorshunov <roman.gorshunov@att.com>
Date: Fri, 21 Sep 2018 03:31:13 +0200
Subject: [PATCH] Fix: git commit id labels on images

1) Use OCI Image Specs for labels instead of custom 'commit-id=xxxxx'
   or legacy "Label Schema"
2) Fix missing git commit id labels on images (.revision)
3) Add human-readable title (.title) of the image, URL (.url), and
   a few other properties (annotations) according to the latest Specs
4) Unify docker-image-build.yaml playbook with other Airship-*
   components

Change-Id: I89afed3bf6a1f9fa92391d605bb6b3c871e58126
---
 Dockerfile                                   |  7 +++
 Makefile                                     | 14 ++++--
 tools/zuul/playbooks/docker-image-build.yaml | 51 +++++++++++++-------
 3 files changed, 52 insertions(+), 20 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 69e12ecb..e1ad2d50 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,6 +15,13 @@
 ARG FROM=python:3.6
 FROM ${FROM}
 
+LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc://#airshipit@freenode'
+LABEL org.opencontainers.image.url='https://airshipit.org'
+LABEL org.opencontainers.image.documentation='https://airship-promenade.readthedocs.org'
+LABEL org.opencontainers.image.source='https://git.openstack.org/openstack/airship-promenade'
+LABEL org.opencontainers.image.vendor='The Airship Authors'
+LABEL org.opencontainers.image.licenses='Apache-2.0'
+
 VOLUME /etc/promenade
 VOLUME /target
 
diff --git a/Makefile b/Makefile
index a71b9d97..dbbe7c4c 100644
--- a/Makefile
+++ b/Makefile
@@ -22,7 +22,7 @@ PROXY             ?= http://proxy.foo.com:8000
 NO_PROXY          ?= localhost,127.0.0.1,.svc.cluster.local
 USE_PROXY         ?= false
 PUSH_IMAGE        ?= false
-LABEL             ?= commit-id
+COMMIT            ?= commit-id
 PYTHON            = python3
 CHARTS            := $(patsubst charts/%/.,%,$(wildcard charts/*/.))
 IMAGE             := ${DOCKER_REGISTRY}/${IMAGE_PREFIX}/${IMAGE_NAME}:${IMAGE_TAG}
@@ -114,7 +114,11 @@ $(CHARTS): $(addprefix dry-run-,$(CHARTS)) chartbanner
 .PHONY: build_promenade
 build_promenade:
 ifeq ($(USE_PROXY), true)
-	docker build --network host -t $(IMAGE) --label $(LABEL) -f ./Dockerfile \
+	docker build --network host -t $(IMAGE) \
+		--label "org.opencontainers.image.revision=$(COMMIT)" \
+		--label "org.opencontainers.image.created=$(shell date --rfc-3339=seconds --utc)" \
+		--label "org.opencontainers.image.title=$(IMAGE_NAME)" \
+		-f ./Dockerfile \
 		--build-arg FROM=$(PYTHON_BASE_IMAGE) \
 		--build-arg http_proxy=$(PROXY) \
 		--build-arg https_proxy=$(PROXY) \
@@ -123,7 +127,11 @@ ifeq ($(USE_PROXY), true)
 		--build-arg no_proxy=$(NO_PROXY) \
 		--build-arg NO_PROXY=$(NO_PROXY) .
 else
-	docker build --network host -t $(IMAGE) --label $(LABEL) -f ./Dockerfile \
+	docker build --network host -t $(IMAGE) \
+		--label "org.opencontainers.image.revision=$(COMMIT)" \
+		--label "org.opencontainers.image.created=$(shell date --rfc-3339=seconds --utc)" \
+		--label "org.opencontainers.image.title=$(IMAGE_NAME)" \
+		-f ./Dockerfile \
 		--build-arg FROM=$(PYTHON_BASE_IMAGE) .
 endif
 ifeq ($(PUSH_IMAGE), true)
diff --git a/tools/zuul/playbooks/docker-image-build.yaml b/tools/zuul/playbooks/docker-image-build.yaml
index 86592394..b1cba566 100644
--- a/tools/zuul/playbooks/docker-image-build.yaml
+++ b/tools/zuul/playbooks/docker-image-build.yaml
@@ -70,24 +70,14 @@
       debug:
         var: image_tags
 
-    - name: Docker login
-      docker_login:
-        password: "{{ airship_promenade_quay_creds.password }}"
-        username: "{{ airship_promenade_quay_creds.username }}"
-        registry_url: "https://quay.io/api/v1/"
-
-      become: True
-      when: publish
-
-    - name: Build (and push) images
+    - name: Make images
+      when: not publish
       block:
-        - docker_image:
-            name: "quay.io/airshipit/promenade"
-            dockerfile: "Dockerfile"
-            path: "{{ zuul.project.src_dir }}"
-            pull: false
-            push: "{{ publish }}"
-            tag: "{{ item }}"
+        - make:
+            chdir: "{{ zuul.project.src_dir }}"
+            target: images
+            params:
+              IMAGE_TAG: "{{ item }}"
           with_items: "{{ image_tags.stdout_lines }}"
 
         - shell: "docker images"
@@ -97,3 +87,30 @@
             var: docker_images
 
       become: True
+
+    - name: Publish images
+      block:
+        - docker_login:
+            username: "{{ airship_promenade_quay_creds.username }}"
+            password: "{{ airship_promenade_quay_creds.password }}"
+            registry_url: "https://quay.io/api/v1/"
+
+        - make:
+            chdir: "{{ zuul.project.src_dir }}"
+            target: images
+            params:
+              DOCKER_REGISTRY: "quay.io"
+              IMAGE_PREFIX: "airshipit"
+              IMAGE_TAG: "{{ item }}"
+              COMMIT: "{{ zuul.newrev }}"
+              PUSH_IMAGE: "true"
+          with_items: "{{ image_tags.stdout_lines }}"
+
+        - shell: "docker images"
+          register: docker_images
+
+        - debug:
+            var: docker_images
+
+      when: publish
+      become: True