Merge pull request projectcalico#8195 from mgleung/build-labels

Add build labels for the node image
wangguiyu · Nov 13, 2023 · cbce5a0 · cbce5a0
2 parents 252b833 + 3ef3c03
commit cbce5a0
Show file tree

Hide file tree

Showing 6 changed files with 33 additions and 5 deletions.
diff --git a/node/Dockerfile.amd64 b/node/Dockerfile.amd64
@@ -227,6 +227,9 @@ RUN /clean-up-filesystem.sh
 # Copy everything into a fresh scratch image so that naive CVE scanners don't pick up binaries and libraries
 # that have been removed in our later layers.
 FROM scratch
+
+ARG GIT_VERSION
+
 COPY --from=ubi / /
 
 # Add in top-level license file
@@ -245,7 +248,7 @@ LABEL name="Calico node" \
       release="1" \
       summary="Calico node handles networking and policy for Calico" \
       description="Calico node handles networking and policy for Calico" \
-      maintainer="laurence@tigera.io"
+      maintainer="maintainers@tigera.io"
 
 # Tell sv where to find the services.
 ENV SVDIR=/etc/service/enabled
diff --git a/node/Dockerfile.arm64 b/node/Dockerfile.arm64
@@ -249,6 +249,9 @@ RUN /clean-up-filesystem.sh
 # Copy everything into a fresh scratch image so that naive CVE scanners don't pick up binaries and libraries
 # that have been removed in our later layers.
 FROM scratch
+
+ARG GIT_VERSION
+
 COPY --from=ubi / /
 
 # Add in top-level license file
@@ -266,7 +269,7 @@ LABEL name="Calico node" \
       release="1" \
       summary="Calico node handles networking and policy for Calico" \
       description="Calico node handles networking and policy for Calico" \
-      maintainer="reza@tigera.io"
+      maintainer="maintainers@tigera.io"
 
 # Tell sv where to find the services.
 ENV SVDIR=/etc/service/enabled
diff --git a/node/Dockerfile.armv7 b/node/Dockerfile.armv7
@@ -21,6 +21,7 @@ FROM arm32v7/alpine:3.18 as base
 MAINTAINER Marc Crébassa <[email protected]>
 
 ARG ARCH=armv7
+ARG GIT_VERSION
 
 # Enable non-native builds of this image on an amd64 hosts.
 # This must be the first RUN command in this file!
@@ -50,5 +51,15 @@ RUN rm /usr/bin/qemu-arm-static
 
 CMD ["start_runit"]
 
+# Required labels for certification
+LABEL name="Calico node" \
+      vendor="Project Calico" \
+      version=$GIT_VERSION \
+      release="1" \
+      summary="Calico node handles networking and policy for Calico" \
+      description="Calico node handles networking and policy for Calico" \
+      maintainer="[email protected]"
+
+
 # Tell sv where to find the services.
 ENV SVDIR=/etc/service/enabled
diff --git a/node/Dockerfile.ppc64le b/node/Dockerfile.ppc64le
@@ -24,6 +24,7 @@ FROM ppc64le/alpine:3.18
 MAINTAINER David Wilder <[email protected]>
 
 ARG ARCH=ppc64le
+ARG GIT_VERSION
 
 # Set the minimum required Docker API version.
 ENV DOCKER_API_VERSION 1.21
@@ -58,5 +59,14 @@ RUN rm /usr/bin/qemu-${ARCH}-static
 
 CMD ["start_runit"]
 
+# Required labels for certification
+LABEL name="Calico node" \
+      vendor="Project Calico" \
+      version=$GIT_VERSION \
+      release="1" \
+      summary="Calico node handles networking and policy for Calico" \
+      description="Calico node handles networking and policy for Calico" \
+      maintainer="[email protected]"
+
 # Tell sv where to find the services.
 ENV SVDIR=/etc/service/enabled
diff --git a/node/Dockerfile.s390x b/node/Dockerfile.s390x
@@ -25,6 +25,7 @@ FROM s390x/alpine:3.18 as base
 # This must be the first RUN command in this file!
 COPY --from=qemu /usr/bin/qemu-*-static /usr/bin/
 ARG ARCH=s390x
+ARG GIT_VERSION
 
 # Install remaining runtime deps required for felix from the global repository
 RUN apk add --no-cache bash ip6tables ipset iputils iproute2 conntrack-tools runit file ca-certificates
@@ -58,7 +59,7 @@ LABEL name="Calico node" \
       release="1" \
       summary="Calico node handles networking and policy for Calico" \
       description="Calico node handles networking and policy for Calico" \
-      maintainer="laurence@tigera.io"
+      maintainer="maintainers@tigera.io"
 
 # Tell sv where to find the services.
 ENV SVDIR=/etc/service/enabled
diff --git a/node/Makefile b/node/Makefile
@@ -255,12 +255,12 @@ sub-image-fips-%:
 
 image $(NODE_IMAGE): register $(NODE_CONTAINER_MARKER)
 $(NODE_CONTAINER_CREATED): $(REMOTE_DEPS) ./Dockerfile.$(ARCH) $(NODE_CONTAINER_BINARY) $(INCLUDED_SOURCE) $(NODE_CONTAINER_FILES) $(TOOLS_MOUNTNS_BINARY)
-	$(DOCKER_BUILD) --build-arg BIN_DIR=$(NODE_CONTAINER_BIN_DIR) --build-arg BIRD_IMAGE=$(BIRD_IMAGE) -t $(NODE_IMAGE):latest-$(ARCH) -f ./Dockerfile.$(ARCH) . --load
+	$(DOCKER_BUILD) --build-arg BIN_DIR=$(NODE_CONTAINER_BIN_DIR) --build-arg BIRD_IMAGE=$(BIRD_IMAGE) --build-arg GIT_VERSION=$(GIT_VERSION) -t $(NODE_IMAGE):latest-$(ARCH) -f ./Dockerfile.$(ARCH) . --load
 	$(MAKE) retag-build-images-with-registries VALIDARCHES=$(ARCH) IMAGETAG=latest
 	touch $@
 
 $(NODE_CONTAINER_FIPS_CREATED): $(REMOTE_DEPS) ./Dockerfile.$(ARCH) $(NODE_CONTAINER_BINARY) $(INCLUDED_SOURCE) $(NODE_CONTAINER_FILES) $(TOOLS_MOUNTNS_BINARY)
-	$(DOCKER_BUILD) --build-arg BIN_DIR=$(NODE_CONTAINER_BIN_DIR) --build-arg BIRD_IMAGE=$(BIRD_IMAGE) -t $(NODE_IMAGE):latest-fips-$(ARCH) -f ./Dockerfile.$(ARCH) . --load
+	$(DOCKER_BUILD) --build-arg BIN_DIR=$(NODE_CONTAINER_BIN_DIR) --build-arg BIRD_IMAGE=$(BIRD_IMAGE) --build-arg GIT_VERSION=$(GIT_VERSION) -t $(NODE_IMAGE):latest-fips-$(ARCH) -f ./Dockerfile.$(ARCH) . --load
 	$(MAKE) retag-build-images-with-registries VALIDARCHES=$(ARCH) IMAGETAG=latest-fips LATEST_IMAGE_TAG=latest-fips
 	touch $@