Add OpenContainer Image Format Annotations as Labels to Docker Image

.github/workflows/ci.yaml

@@ -46,6 +46,11 @@ jobs:
           go-version-file: go.mod
       - name: "[preparation] set up qemu"
         uses: docker/[email protected]
+      - name: '[preparation] extract docker metadata'
+        id: meta
+        uses: docker/[email protected]
+        with:
+          images: ${DOCKER_HUB_REPO}
       - name: "[preparation] set up docker context for buildx"
         run: docker context create builders
       - name: "[preparation] set up docker buildx"
@@ -75,6 +80,14 @@ jobs:
           fi
           
           echo "CONTAINER_IMAGE_TAG=${CONTAINER_IMAGE_TAG}-${{ matrix.config.platform }}${{ matrix.config.version }}-${{ matrix.config.arch }}" >> $GITHUB_ENV
+      - name: "[preparation] set the container image labels"
+        run: |
+          CONTAINER_IMAGE_LABELS=()
+          while read -r label; do
+            CONTAINER_IMAGE_LABELS+=(--label "${label}")
+          done <<<"${DOCKER_METADATA_OUTPUT_LABELS}"
+
+          echo "CONTAINER_IMAGE_LABELS=${CONTAINER_IMAGE_LABELS}" >> $GITHUB_ENV      
       - name: "[execution] build linux & windows agent binaries"
         run: |
           mkdir -p dist/
@@ -84,13 +97,14 @@ jobs:
       - name: "[execution] build and push docker images"
         run: |
           if [ "${{ matrix.config.platform }}" == "windows" ]; then
-            docker buildx build --output=type=registry --attest type=provenance,mode=max --attest type=sbom,disabled=false --platform ${{ matrix.config.platform }}/${{ matrix.config.arch }} --build-arg OSVERSION=${{ matrix.config.version }} -t "${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}" -f build/${{ matrix.config.platform }}/Dockerfile .
+            docker buildx build --output=type=registry --attest type=provenance,mode=max --attest type=sbom,disabled=false --platform ${{ matrix.config.platform }}/${{ matrix.config.arch }} "${CONTAINER_IMAGE_LABELS[@]}" --build-arg OSVERSION=${{ matrix.config.version }} -t "${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}" -f build/${{ matrix.config.platform }}/Dockerfile .
           else 
-            docker buildx build --output=type=registry --attest type=provenance,mode=max --attest type=sbom,disabled=false --platform ${{ matrix.config.platform }}/${{ matrix.config.arch }} -t "${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}" -f build/${{ matrix.config.platform }}/Dockerfile .
-            docker buildx build --output=type=registry --attest type=provenance,mode=max --attest type=sbom,disabled=false --platform ${{ matrix.config.platform }}/${{ matrix.config.arch }} -t "${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}-alpine" -f build/${{ matrix.config.platform }}/alpine.Dockerfile .
+            docker buildx build --output=type=registry --attest type=provenance,mode=max --attest type=sbom,disabled=false --platform ${{ matrix.config.platform }}/${{ matrix.config.arch }} "${CONTAINER_IMAGE_LABELS[@]}" -t "${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}" -f build/${{ matrix.config.platform }}/Dockerfile .
+            docker buildx build --output=type=registry --attest type=provenance,mode=max --attest type=sbom,disabled=false --platform ${{ matrix.config.platform }}/${{ matrix.config.arch }} "${CONTAINER_IMAGE_LABELS[@]}" -t "${DOCKER_HUB_REPO}:${CONTAINER_IMAGE_TAG}-alpine" -f build/${{ matrix.config.platform }}/alpine.Dockerfile .
           fi
         env:
           CONTAINER_IMAGE_TAG: ${{ env.CONTAINER_IMAGE_TAG }}
+          CONTAINER_IMAGE_LABELS: ${{ env.CONTAINER_IMAGE_LABELS }}
   build_manifests:
     runs-on: ubuntu-latest
     needs: [build_images]