What problem are you facing?

My organization uses Kargo to manage the deployment of Crossplane Configuration and Functions. Kargo allows us to access custom image metadata through OCI annotations.

Currently it's unclear how to add annotations to images produced from crossplane xkpg build and pushed with crossplane xpkg push. The annotations in crossplane.yaml are only really "visible" to Crossplane itself and aren't exposed on the image manifest.

There are tools like oras and crane that can do image post-processing but it's unclear how best to utilize these while maintaining repo image immutability and compliance with the Crossplane standard. Furthermore, I prefer not to extend my toolchain, especially in light of recent high-profile supply chain attacks.

How could Crossplane help solve your problem?

There are 2 options I see here as an end-user:

1. Adding a --annotation/-a flag to the crossplane xpkg build and/or crossplane xpkg push command(s)
2. Support for e.g. metadata.imageAnnotations in packages' crossplane.yaml

Some combination of both would be awesome! I would likely use option (2) for "static" annotations, and option (1) for dynamic (build-time) annotations