docker manifest annotate should be able to add os.version to an image(Windows version support)

[andyzhangx]

Description
When creating Windows containers, there are a few things to keep in mind:

you cannot start containers which have images with a newer OS version than the host (e.g: you cannot start a container with the image mcr.microsoft.com/windows/servercore:1903 on a Windows Server 2019 (1809) node).
without Hyper-V Isolation, you cannot create containers which have images with a much older OS version than the host (e.g.: you cannot start the image mcr.microsoft.com/windows/servercore:1903 on a Windows Server 1909 node).
This is currently documented here: https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/version-compatibility?tabs=windows-server-2004%2Cwindows-10-2004

Currently, docker manifest annotate doesn't allow its users to also add information about an image's OS version:

docker manifest annotate --help

Usage:  docker manifest annotate [OPTIONS] MANIFEST_LIST MANIFEST

Add additional information to a local image manifest

Options:
      --arch string           Set architecture
      --os string             Set operating system
      --os-features strings   Set operating system feature
      --variant string        Set architecture variant

Typically, the os.version information is useful for Windows nodes to pull the most appropriate Windows image from the manifest list.

When creating the manifest list with images that have been built on Windows nodes and pushed, that information is included in the manfiest list by default. However, if a Windows image is built with docker buildx, that information is no longer included. The only way to actually include this information inside the manifest list before pushing it is to edit the manifest list file itself manually:

IMAGE_TAG="claudiubelu/busybox:1.29-sample"

# The images in the manifest list are stored locally. The folder / file name is almost the same,
# with a few changes.
manifest_image_folder=$(echo "docker.io/${IMAGE_TAG}" | sed "s|/|_|g" | sed "s/:/-/")

# create the manifest list and annotate the OS and arch.
docker manifest create --amend "${IMAGE_TAG}" "${IMAGE_TAG}-windows-amd64-1809" "${IMAGE_TAG}-windows-amd64-1903"
docker manifest annotate --os "windows" --arch "amd64" "${IMAGE_TAG}" "${IMAGE_TAG}-windows-amd64-1809"
docker manifest annotate --os "windows" --arch "amd64" "${IMAGE_TAG}" "${IMAGE_TAG}-windows-amd64-1903"

echo "The 'os.version' information will not be present."
docker manifest inspect "${IMAGE_TAG}"

# Getting the full OS version from the original image this was built from.
BASEIMAGE="mcr.microsoft.com/windows/nanoserver:1809"
full_version=$(docker manifest inspect ${BASEIMAGE} | grep "os.version" | head -n 1 | awk '{print $2}') || true

# At the moment, docker manifest annotate doesn't allow us to set the os.version, so we'll have to
# it ourselves. The manifest list can be found locally as JSONs.
sed -i -r "s/(\"os\"\:\"windows\")/\0,\"os.version\":$full_version/" \
    "${HOME}/.docker/manifests/${manifest_image_folder}/${manifest_image_folder}-windows-amd64-1809"

echo "The 'os.version' information has been added to the 1809 image in the manifest list. The other one should be added as well before pushing the manifest list."
docker manifest inspect "${IMAGE_TAG}"

Steps to reproduce the issue:

1. Create windows images with docker buildx
2. Create manifest list with those images.
3. Inspect the manifest list, see that there is no os.version on the images included in the manfiest list.
4. Try to add the os.version through the docker CLI.

Describe the results you received:
Docker CLI should be able to add the os.version information through docker manifest annotate.

Describe the results you expected:

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

Client:
 Version:           19.03.6
 API version:       1.40
 Go version:        go1.12.17
 Git commit:        369ce74a3c
 Built:             Fri Feb 28 23:45:43 2020
 OS/Arch:           linux/amd64
 Experimental:      true

Server:
 Engine:
  Version:          19.03.6
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.17
  Git commit:       369ce74a3c
  Built:            Wed Feb 19 01:06:16 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.3.3-0ubuntu1~18.04.2
  GitCommit:
 runc:
  Version:          spec: 1.0.1-dev
  GitCommit:
 docker-init:
  Version:          0.18.0
  GitCommit:

Output of docker info:

docker info
Client:
 Debug Mode: false
 Plugins:
  buildx: Build with BuildKit (Docker Inc., v0.4.1-25-ge24e04b)

Server:
 Containers: 1
  Running: 1
  Paused: 0
  Stopped: 0
 Images: 105
 Server Version: 19.03.6
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version:
 runc version:
 init version:
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 5.3.0-1034-azure
 Operating System: Ubuntu 18.04.4 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 7.749GiB
 Name: ubuntu
 ID: GSNQ:BJWA:TNPW:FHXF:KXYF:YRVY:BAOP:YNPI:7MRD:JRYC:HF4B:ONL5
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Username: claudiubelu
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: No swap limit support

Additional environment details (AWS, VirtualBox, physical, etc.):

[thaJeztah]

Thanks; I just realise this is already implemented in #2578, but not yet released (will be in the upcoming 20.xx release of docker).

Let me go ahead and close