Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update image details readme and metadata.hcl #2130

Conversation

developer-guy
Copy link
Contributor

New Image Pull Request Template

Image Size

  • The Image is smaller in size than its common public counterpart.
  • The Image is larger in size than its common public counterpart (please explain in the notes).

Notes:

Image Vulnerabilities

  • The Grype vulnerability scan returned 0 CVE(s).
  • The Grype vulnerability scan returned > 0 CVE(s) (please explain in the notes).

Notes:

Image Tagging

  • The image is not tagged with version tags.
  • The image is tagged with :latest
  • The image is not tagged with :latest (please explain in the notes).

Notes:

Basic Testing - K8s cluster

  • The container image was successfully loaded into a kind cluster.
  • The container image could not be loaded into a kind cluster (please explain in the notes).

Notes:

Basic Testing - Package/Application

  • The application is accessible to the user/cluster/etc. after start-up.
  • The application is not accessible to the user/cluster/etc. after start-up. (please explain in the notes).

Notes:

Helm

  • A Helm chart has been provided and the container image can be used with the chart. If needed, please add a -compat package to close any gaps with the public helm chart.
  • A Helm chart has been provided and the container image is not working with the chart (please explain in the notes).
  • A Helm chart was not provided.

Notes:

Processor Architectures

  • The image was built and tested for x86_64.
  • The image could not be built for x86_64 (please explain in the notes).
  • The image was built and tested for aarch64.
  • The image could not be built for aarch64. (please explain in the notes).

Notes:

Functional Testing + Documentation

  • Functional tests have been included and the tests are passing. All tests have been documnted in the notes section.

Notes:

Environment Testing + Documentation

  • There has not been a request and/or there is no indication that this image needs tested on a public cloud provider.
  • The container image has been tested successfully on a public cloud provider (AWS, GCP, Azure).
  • The container image has not been tested successfully on a public cloud provider (AWS, GCP, Azure) (please explain in the notes).

Notes:

Version

  • The package version is the latest version of the package. The latest tag points to this version.
  • The package version is the not the latest version of the package (please explain in the notes).

Notes:

Dev Tag Availability

  • There is a dev tag available that includes a shell and apk tools (by depending on 'wolfi-base')
  • There is not a dev tag available that includes a shell and apk tools (by depending on 'wolfi-base') (please explain in the notes).

Notes:

Access Control + Authentication

  • The image runs as nonroot and GID/UID are set to 65532 or upstream default
  • Alternatively the username and GID/UID may be a commonly used one from the ecosystem e.g: postgres
  • The image requires a non-standard username or non-standard GID/UID (please explain in the notes).

ENTRYPOINT

  • applications/servers/utilities set to call main program with no arguments e.g. [redis-server]
  • applications/servers/utilities not set to call main program with no arguments e.g. [redis-server] (please explain in the notes)
  • base images leave empty.
  • base image and not empty (please explain in the notes).
  • dev variants is set to entrypoint script that falls back to system.
  • dev variants is not set to entrypoint script that falls back to system (please explain in the notes).

CMD

  • For server applications give arguments to start in daemon mode (may be empty)
  • For utilities/tooling bring up help e.g. –help
  • For base images with a shell, call it e.g. [/bin/sh]

Environment Variables

  • Environment variables added.
  • Environment variables not added and not required.

SIGTERM

  • The image responds to SIGTERM (e.g., docker kill $(docker run -d --rm cgr.dev/chainguard/nginx))

Logs

  • Error logs write to stderr and normal logs to stdout. Logs DO NOT write to file.

Documentation - README

  • A README file has been provided and it follows the README template.

Signed-off-by: Batuhan Apaydin <batuhan.apaydin@chainguard.dev>
imjasonh
imjasonh previously approved these changes Jan 28, 2024
@imjasonh imjasonh enabled auto-merge (squash) January 28, 2024 21:46
Signed-off-by: Batuhan Apaydin <batuhan.apaydin@chainguard.dev>
auto-merge was automatically disabled January 28, 2024 21:47

Head branch was pushed to by a user without write access

@imjasonh imjasonh merged commit ae7efdb into chainguard-images:main Jan 28, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants