-
Notifications
You must be signed in to change notification settings - Fork 90
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #370 from tom-rm-meyer-ISST/feat/vault
feat: added vault image to TRG 4.06
- Loading branch information
Showing
2 changed files
with
139 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,138 @@ | ||
| --- | ||
| title: TRG 4.06 - Notice for docker images | ||
| --- | ||
|
|
||
| :::caution | ||
| Proposed release date: "mandatory after": 19th of May 2023 | ||
| ::: | ||
|
|
||
| | Status | Created | Post-History | | ||
| |--------|-------------|------------------| | ||
| | Draft | 04-May-2023 | Initial release | | ||
|
|
||
| ## Why | ||
|
|
||
| Due to legal constrains we need to annotate the released container images to make it clear that we do our best to provide good images for demo purposes, | ||
| but we do not provide any legal guarantee. | ||
| This has to be defined in a dedicated 'Notice for docker image' section in our repositories and on the respective image page on `DockerHub`. | ||
|
|
||
| ## Description | ||
|
|
||
| There are a few properties and links, that **must** be present on each notice, but they do vary for each image and product. | ||
| The minimum set of information is: | ||
|
|
||
| - Link to the source of your base image (Container registry and GitHub if available) | ||
| - Link to your product image on `DockerHub` | ||
| - Link to your repository on GitHub | ||
| - Direct link to the Dockerfile used to build your image | ||
| - Link to `LICENCE` file in your repo as 'Project License' (make clear, that this is the PROJECT licence, not an image license) | ||
|
|
||
| ## How and where to annotate the base image | ||
|
|
||
| The above information **must** be provided in Markdown format, either in your toplevel `README.md`, or in a dedicated | ||
| notice Markdown file, that you then reference from your toplevel `README.md`. | ||
|
|
||
| A dedicated notice file can be necessary, if you built multiple container image from a single repository. | ||
| Multiple notice files ensure, that you can directly link the specific `Dockerfile`, that is used and include it in the description, that is pushed to `DockerHub`. | ||
|
|
||
| The notice **must** always start with the following headline and the reference to your image on `DockerHub` | ||
| (example taken from [app-dashboard](https://github.com/eclipse-tractusx/app-dashboard#notice-for-docker-image): | ||
|
|
||
| ```markdown | ||
| ## Notice for Docker image | ||
|
|
||
| DockerHub: [https://hub.docker.com/r/tractusx/app-dashboard](https://hub.docker.com/r/tractusx/app-dashboard) | ||
| ``` | ||
|
|
||
| Following this, you **must** provide additional information on your product: | ||
| (example taken from [app-dashboard](https://github.com/eclipse-tractusx/app-dashboard#notice-for-docker-image): | ||
|
|
||
| ```markdown | ||
| Eclipse Tractus-X product(s) installed within the image: | ||
|
|
||
| __<your product name>__ | ||
|
|
||
| - GitHub: https://github.com/eclipse-tractusx/<your-product-repo> | ||
| - Project home: https://projects.eclipse.org/projects/automotive.tractusx | ||
| - Dockerfile: https://github.com/eclipse-tractusx/<your-product-repo>/blob/main/<path-to-Dockerfile> | ||
| - Project license: [Apache License, Version 2.0](https://github.com/eclipse-tractusx/<your-product-repo>/blob/main/LICENSE) | ||
| ``` | ||
|
|
||
| The last bits of information you **must** provide is related to your used base image. | ||
| As previously described, the following information should be provided, if available: | ||
|
|
||
| - DockerHub links | ||
| - GitHub repo | ||
| - direct links to Dockerfile | ||
|
|
||
| The following example is taken from the [IRS product](https://github.com/eclipse-tractusx/item-relationship-service#notice-for-docker-image): | ||
|
|
||
| ```markdown | ||
| **Used base image** | ||
|
|
||
| - [eclipse-temurin:20-jre-alpine](https://github.com/adoptium/containers) | ||
| - Official Eclipse Temurin DockerHub page: https://hub.docker.com/_/eclipse-temurin | ||
| - Eclipse Temurin Project: https://projects.eclipse.org/projects/adoptium.temurin | ||
| - Additional information about the Eclipse Temurin images: https://github.com/docker-library/repo-info/tree/master/repos/eclipse-temurin | ||
| ``` | ||
|
|
||
| Closing the notice, we provide a general statement about potentially contained other tools and the demo/experimental purpose | ||
| of our images. We use the following text: | ||
|
|
||
| ```markdown | ||
| As with all Docker images, these likely also contain other software which may be under other licenses | ||
| (such as Bash, etc. from the base distribution, along with any direct or indirect dependencies of the primary software being contained). | ||
|
|
||
| As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. | ||
| ``` | ||
|
|
||
| ## Examples | ||
|
|
||
| The following examples are shown as reference, to see already existing and complete versions of a 'Notice for docker images'. | ||
| They **can not** be used for your product without modifications. | ||
|
|
||
| Good example for notice integrated in toplevel `README.md`: [IRS](https://github.com/eclipse-tractusx/item-relationship-service#notice-for-docker-image) | ||
|
|
||
| Good example for a dedicated notice file: [edc-controlplane-memory-hashicorp-vault](https://github.com/eclipse-tractusx/tractusx-edc/edit/main/edc-controlplane/edc-controlplane-memory-hashicorp-vault/notice.md) | ||
|
|
||
| ## Already collected base image information | ||
|
|
||
| The following sections contain information, that already has been collected on base images, that are used in Eclipse Tractus-X. | ||
| You can use that information for your own notice. **Be careful**, when it comes to version, like JRE versions for example. | ||
| You have to adapt some of the provided links to match your used version. | ||
|
|
||
| ### Eclipse Temurin (JRE) | ||
|
|
||
| - Base image reference (example) `eclipse-temurin:20-jre-alpine` | ||
| - [GitHub repo](https://github.com/adoptium/containers) | ||
| - [Official Eclipse Temurin DockerHub page](https://hub.docker.com/_/eclipse-temurin) | ||
| - [Eclipse Temurin Project](https://projects.eclipse.org/projects/adoptium.temurin) | ||
| - [Additional information about the Eclipse Temurin images](https://github.com/docker-library/repo-info/tree/master/repos/eclipse-temurin) | ||
|
|
||
| ### Nginx-unprivileged (serve static HTML and JS bundles) | ||
|
|
||
| - Base image reference (example) `nginxinc/nginx-unprivileged:alpine` | ||
| - [Dockerfile (alpine)](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/Dockerfile-alpine.template) | ||
| - GitHub project: [https://github.com/nginxinc/docker-nginx-unprivileged](https://github.com/nginxinc/docker-nginx-unprivileged) | ||
| - DockerHub: [https://hub.docker.com/r/nginxinc/nginx-unprivileged](https://hub.docker.com/r/nginxinc/nginx-unprivileged) | ||
|
|
||
| ### .NET runtime | ||
|
|
||
| - Base image reference (example): `mcr.microsoft.com/dotnet/runtime:6.0-alpine` | ||
| - Dockerfile (:6-alpine): [mcr.microsoft.com/dotnet/runtime:6.0-alpine](https://github.com/dotnet/dotnet-docker/blob/e1984aaea51a796b68f6672749d280525c30e063/src/runtime/6.0/alpine3.17/amd64/Dockerfile) | ||
| - GitHub project: [https://github.com/dotnet/dotnet-docker](https://github.com/dotnet/dotnet-docker) | ||
| - DockerHub: [https://hub.docker.com/_/microsoft-dotnet-runtime](https://hub.docker.com/_/microsoft-dotnet-runtime) | ||
|
|
||
| ### ASP.NET core runtime | ||
|
|
||
| - Base image reference (example): `mcr.microsoft.com/dotnet/aspnet:6.0-alpine` | ||
| - Dockerfile (:6-alpine): [mcr.microsoft.com/dotnet/aspnet:6.0-alpine](https://github.com/dotnet/dotnet-docker/blob/e1984aaea51a796b68f6672749d280525c30e063/src/aspnet/6.0/alpine3.17/amd64/Dockerfile) | ||
| - GitHub project: [https://github.com/dotnet/dotnet-docker](https://github.com/dotnet/dotnet-docker) | ||
| - DockerHub: [https://hub.docker.com/_/microsoft-dotnet-aspnet](https://hub.docker.com/_/microsoft-dotnet-aspnet) | ||
|
|
||
| ### Hashicorp Vault image | ||
|
|
||
| - Base image reference (example): `vault:13.3` | ||
| - Dockerfile (:13.3): [vault:13.3](https://github.com/hashicorp/docker-vault/blob/v1.13.3/0.X/Dockerfile) | ||
| - GitHub project: [https://github.com/hashicorp/docker-vault](https://github.com/hashicorp/docker-vault) | ||
| - DockerHub: [hhttps://hub.docker.com/_/vault](https://hub.docker.com/_/vault) |