From 9386b9e0c33cf2cc15bf5a09c0c1f80f7b46960d Mon Sep 17 00:00:00 2001
From: Stefan Prodan <stefan.prodan@gmail.com>
Date: Thu, 11 Aug 2022 17:31:20 +0300
Subject: [PATCH] Status update for RFC-0002 and RFC-0003

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
---
 README.md                          |  1 +
 rfcs/0002-helm-oci/README.md       |  4 ++--
 rfcs/0003-kubernetes-oci/README.md | 27 +++++++++++++++++++++------
 3 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index cc96ed4c20..b0a8b4b4a1 100644
--- a/README.md
+++ b/README.md
@@ -52,6 +52,7 @@ guides](https://fluxcd.io/docs/gitops-toolkit/source-watcher/).
 
 - [Source Controller](https://fluxcd.io/docs/components/source/)
     - [GitRepository CRD](https://fluxcd.io/docs/components/source/gitrepositories/)
+    - [OCIRepository CRD](https://fluxcd.io/docs/components/source/ocirepositories/)
     - [HelmRepository CRD](https://fluxcd.io/docs/components/source/helmrepositories/)
     - [HelmChart CRD](https://fluxcd.io/docs/components/source/helmcharts/)
     - [Bucket CRD](https://fluxcd.io/docs/components/source/buckets/)
diff --git a/rfcs/0002-helm-oci/README.md b/rfcs/0002-helm-oci/README.md
index 8ea8b03dd7..d3abe0a9f4 100644
--- a/rfcs/0002-helm-oci/README.md
+++ b/rfcs/0002-helm-oci/README.md
@@ -176,8 +176,8 @@ The feature is enabled by default.
 
 * **2022-05-19** Partially implemented by [source-controller#690](https://github.com/fluxcd/source-controller/pull/690)
 * **2022-06-06** First implementation released with [flux2 v0.31.0](https://github.com/fluxcd/flux2/releases/tag/v0.31.0)
-
+* **2022-08-11** Resolve chart dependencies from OCI released with [flux2 v0.32.0](https://github.com/fluxcd/flux2/releases/tag/v0.32.0)
+ 
 ### TODOs
 
-* [Resolve chart dependencies from OCI](https://github.com/fluxcd/source-controller/issues/722)
 * [Add support for container registries with self-signed TLS certs](https://github.com/fluxcd/source-controller/issues/723)
diff --git a/rfcs/0003-kubernetes-oci/README.md b/rfcs/0003-kubernetes-oci/README.md
index e2960f50f8..16ef3887f7 100644
--- a/rfcs/0003-kubernetes-oci/README.md
+++ b/rfcs/0003-kubernetes-oci/README.md
@@ -1,10 +1,10 @@
 # RFC-0003 Flux OCI support for Kubernetes manifests
 
-**Status:** implementable
+**Status:** implemented (partially)
 
 **Creation date:** 2022-03-31
 
-**Last update:** 2022-08-02
+**Last update:** 2022-08-11
 
 ## Summary
 
@@ -359,7 +359,7 @@ The Flux CLI will produce OCI artifacts with the following format:
   "config": {
     "mediaType": "application/vnd.docker.container.image.v1+json",
     "size": 233,
-    "digest": "sha256:e7c52109f8e375176a888fd571dc0e0b40ed8a80d9301208474a2a906b0a2dcc"
+    "digest": "sha256:3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de"
   },
   "layers": [
     {
@@ -369,14 +369,16 @@ The Flux CLI will produce OCI artifacts with the following format:
     }
   ],
   "annotations": {
-    "source.toolkit.fluxcd.io/revision": "6.1.6/450796ddb2ab6724ee1cc32a4be56da032d1cca0",
-    "source.toolkit.fluxcd.io/url": "https://github.com/stefanprodan/podinfo.git"
+    "org.opencontainers.image.created": "2022-08-08T12:31:41+03:00",
+    "org.opencontainers.image.revision": "6.1.8/b3b00fe35424a45d373bf4c7214178bc36fd7872",
+    "org.opencontainers.image.source": "https://github.com/stefanprodan/podinfo.git"
   }
 }
 ```
 
 The source-controller will extract the first layer from the OCI artifact, and will repackage it
-as an internal `sourcev1.Artifact`. The internal artifact revision will be set to the OCI SHA256 digest:
+as an internal `sourcev1.Artifact`. The internal artifact revision will be set to the OCI SHA256 digest
+and the OpenContainers annotation will be copied to the internal artifact metadata:
 
 ```yaml
 apiVersion: source.toolkit.fluxcd.io/v1beta2
@@ -400,6 +402,10 @@ status:
   artifact:
     checksum: d7e924b4882e55b97627355c7b3d2e711e9b54303afa2f50c25377f4df66a83b
     lastUpdateTime: "2022-06-22T09:14:21Z"
+    metadata:
+      org.opencontainers.image.created: "2022-08-08T12:31:41+03:00"
+      org.opencontainers.image.revision: 6.1.8/b3b00fe35424a45d373bf4c7214178bc36fd7872
+      org.opencontainers.image.source: https://github.com/stefanprodan/podinfo.git
     path: ocirepository/oci/podinfo/3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de.tar.gz
     revision: 3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de
     size: 1105
@@ -424,3 +430,12 @@ status:
 ### Enabling the feature
 
 The feature is enabled by default.
+
+## Implementation History
+
+* **2022-08-08** Partially implemented by [source-controller#788](https://github.com/fluxcd/source-controller/pull/788)
+* **2022-06-06** First implementation released with [flux2 v0.32.0](https://github.com/fluxcd/flux2/releases/tag/v0.32.0)
+
+### TODOs
+
+* Add support for verifying the OCI artifacts with cosign