Add OCI Image Annotations to ci-templates Docker images

Proposal

The purpose of this issue is to add OCI image annotations to the Secure stage Docker images.

These annotations are useful for people to manual use as well as for use by tools. For example, Snyk uses them in its UI and Renovate uses them to find release notes.

See:

https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys
https://snyk.io/blog/how-and-when-to-use-docker-labels-oci-container-annotations/
https://github.com/renovatebot/renovate/blob/34.115.1/lib/modules/datasource/docker/readme.md

Implementation Plan

Update the scripts/build_image.sh script in the ci-templates project to include annotations for the following fields:

Annotation	Value
`annotation.org.opencontainers.image.revision`	`CI_COMMIT_SHA`
`annotation.org.opencontainers.image.source`	`CI_PROJECT_URL`
`annotation.org.opencontainers.image.url`	`CI_PROJECT_URL`
`annotation.org.opencontainers.image.title`	`CI_PROJECT_TITLE`
`annotation.org.opencontainers.image.vendor`	`GitLab`

Test to ensure that the annotations are added as expected.

Tested here

/cc @tkopel

Edited Oct 23, 2024 by Adam Cohen