From 6e1a19f1d1f0113f812ca93696f1e2b8352cdbb2 Mon Sep 17 00:00:00 2001
From: "Nicholas St. Germain" <nick@cajun.pro>
Date: Thu, 10 Sep 2020 00:11:03 -0500
Subject: [PATCH] clean up container

---
 .github/workflows/docker.yaml | 10 +++++++++-
 Dockerfile                    | 10 ++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
index 807554b..6e17016 100644
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -31,7 +31,10 @@ jobs:
           if [[ $VERSION =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
             TAGS="$TAGS,${DOCKER_IMAGE}:latest,ghcr.io/${DOCKER_IMAGE}:latest,quay.io/${DOCKER_IMAGE}:latest"
           fi
+          echo ::set-output name=version::${VERSION}
           echo ::set-output name=tags::${TAGS}
+          echo ::set-output name=build_date::$(date -u +'%Y-%m-%dT%H:%M:%SZ')
+          echo ::set-output name=vcs_ref::${GITHUB_SHA::8}
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v1
@@ -74,6 +77,11 @@ jobs:
             linux/arm/v7
           push: ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.prep.outputs.tags }}
+          build-args: |
+            VERSION=${{ steps.prep.outputs.version }}
+            BUILD_DATE=${{ steps.prep.outputs.build_date }}
+            VCS_REF=${{ steps.prep.outputs.vcs_ref }}
       - name: Inspect
+        if: ${{ github.event_name != 'pull_request' }}
         run: |
-          docker buildx imagetools inspect ${DOCKER_IMAGE}:${{ needs.version-check.outputs.version }}
+          docker buildx imagetools inspect ${DOCKER_IMAGE}:${{ steps.prep.outputs.version }}
diff --git a/Dockerfile b/Dockerfile
index a9d60e8..2ce393f 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -21,6 +21,16 @@ RUN make build
 # Refer to https://github.com/GoogleContainerTools/distroless for more details
 FROM gcr.io/distroless/static:nonroot
 WORKDIR /
+LABEL maintainer="DirtyCajunRice,mcavoyk" \
+  org.opencontainers.image.created=$BUILD_DATE \
+  org.opencontainers.image.url="https://github.com/itscontained/secret-manager" \
+  org.opencontainers.image.source="https://github.com/itscontained/secret-manager" \
+  org.opencontainers.image.version=$VERSION \
+  org.opencontainers.image.revision=$VCS_REF \
+  org.opencontainers.image.vendor="itscontained" \
+  org.opencontainers.image.title="secret-manager" \
+  org.opencontainers.image.description="Secret Manager is a set of Kubernetes CRDs and controllers which define a common method of interacting with External SecretStores." \
+  org.opencontainers.image.licenses="APACHE"
 COPY --from=builder /workspace/bin/manager .
 USER nonroot:nonroot