docker:security:use_labels_for_metadata
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| docker:security:use_labels_for_metadata [2020/04/18 19:38] – created peter | docker:security:use_labels_for_metadata [2020/07/15 09:30] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 6: | Line 6: | ||
| Use and communicate a Responsible Security Disclosure policy by adopting a **SECURITY.TXT** policy file and providing this information in your images labels. | Use and communicate a Responsible Security Disclosure policy by adopting a **SECURITY.TXT** policy file and providing this information in your images labels. | ||
| + | |||
| + | ---- | ||
| + | |||
| + | Image labels provide metadata for the image you’re building. This help users understand how to use the image easily. The most common label is “maintainer”, | ||
| + | |||
| + | < | ||
| + | LABEL maintainer=" | ||
| + | </ | ||
| + | |||
| + | In addition to a maintainer contact, add any metadata that is important to you. This metadata could contain: a commit hash, a link to the relevant build, quality status (did all tests pass?), source code, a reference to your [[https:// | ||
| + | |||
| + | It is good practice to adopt a SECURITY.TXT (RFC5785) file that points to your responsible disclosure policy for your Docker label schema when adding labels, such as the following: | ||
| + | |||
| + | < | ||
| + | LABEL securitytxt=" | ||
| + | </ | ||
| + | |||
| + | See more information about labels for Docker images: https:// | ||
docker/security/use_labels_for_metadata.1587238720.txt.gz · Last modified: 2020/07/15 09:30 (external edit)