Test build for #1454

.obs/workflows.yml

@@ -25,6 +25,10 @@ staging_build:
         source_project: home:defolos:BCI:CR:Tumbleweed
         source_package: apache-tomcat-9-java-17-image
         target_project: home:defolos:BCI:CR:Tumbleweed:Staging
+    - branch_package:
+        source_project: home:defolos:BCI:CR:Tumbleweed
+        source_package: opensuse-base-image
+        target_project: home:defolos:BCI:CR:Tumbleweed:Staging
     - branch_package:
         source_project: home:defolos:BCI:CR:Tumbleweed
         source_package: blackbox_exporter-image
@@ -252,6 +256,9 @@ refresh_devel_BCI:
     - trigger_services:
         project: devel:BCI:Tumbleweed
         package: apache-tomcat-9-java-17-image
+    - trigger_services:
+        project: devel:BCI:Tumbleweed
+        package: opensuse-base-image
     - trigger_services:
         project: devel:BCI:Tumbleweed
         package: blackbox_exporter-image

opensuse-base-image/LICENSE

@@ -0,0 +1,17 @@
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

opensuse-base-image/README.md

@@ -0,0 +1,36 @@
+# SLE BCI  Base Container Image
+![Redistributable](https://img.shields.io/badge/Redistributable-Yes-green)
+
+## Description
+
+SUSE Linux Enterprise Base Container Images (SLE BCI) provide truly open,
+flexible, and secure container images and application development tools. The
+images consist of container environments based on SUSE Linux Enterprise and
+designed to be a secure base for any containerized workload.
+
+SLE BCI is freely available, re-distributable, and supported across many
+different environments. These templates and tools address modern, containerized
+application development and CI/CD application containerization.  They can be
+used immediately by developers and integrators without the “lock-in” imposed by
+other offerings.
+
+SLE BCI inherits industry-leading security and compliance from SUSE Linux
+within your container build process. The container images are designed to be a
+secure base for any application workload. SUSE ensures that compliance
+standards are applied consistently and continuously improves security-related
+capabilities.
+
+SLE BCI is lightweight and easy to adopt, with the ability to run with any
+Linux OS. Avoid lock-in imposed by other vendors and get exactly what you need,
+fast. SLE BCI delivers a flexible developer experience that accounts for,
+integrates with, and supports language-native tools and workflows.
+
+## Licensing
+
+`SPDX-License-Identifier: MIT`
+
+This documentation and the build recipe are licensed as MIT.
+The container itself contains various software components under various open source licenses listed in the associated
+Software Bill of Materials (SBOM).
+
+This image is based on [openSUSE Tumbleweed](https://get.opensuse.org/tumbleweed/).

opensuse-base-image/_service

@@ -0,0 +1,4 @@
+<services>
+  <service mode="buildtime" name="kiwi_label_helper"/>
+  <service mode="buildtime" name="kiwi_metainfo_helper"/>
+</services>

opensuse-base-image/config.sh

@@ -0,0 +1,91 @@
+#!/bin/bash
+# SPDX-License-Identifier: MIT
+# SPDX-FileCopyrightText: (c) 2022-2024 SUSE LLC
+
+set -euo pipefail
+
+test -f /.kconfig && . /.kconfig
+test -f /.profile && . /.profile
+
+echo "Configure image: [$kiwi_iname]..."
+
+#============================================
+# Import repositories' keys if rpm is present
+#--------------------------------------------
+if command -v rpm > /dev/null; then
+    suseImportBuildKey
+fi
+
+
+echo "Configure image: [$kiwi_iname]..."
+
+#======================================
+# Setup baseproduct link
+#--------------------------------------
+suseImportBuildKey
+
+
+# don't have duplicate licenses of the same type
+jdupes -1 -L -r /usr/share/licenses
+
+#======================================
+# Add repos from control.xml
+#--------------------------------------
+add-yast-repos
+zypper --non-interactive rm -u live-add-yast-repos jdupes
+
+
+# Not needed, but neither rpm nor libzypp handle rpmlib(X-CheckUnifiedSystemdir) yet
+# which would avoid it being installed by filesystem package
+rpm -q compat-usrmerge-tools && rpm -e compat-usrmerge-tools
+
+#======================================
+# Disable recommends
+#--------------------------------------
+sed -i 's/.*solver.onlyRequires.*/solver.onlyRequires = true/g' /etc/zypp/zypp.conf
+
+#======================================
+# Exclude docs installation
+#--------------------------------------
+sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = yes/g' /etc/zypp/zypp.conf
+
+
+
+#======================================
+# Remove zypp uuid (bsc#1098535)
+#--------------------------------------
+rm -f /var/lib/zypp/AnonymousUniqueId
+
+# Remove the entire zypper cache content (not the dir itself, owned by libzypp)
+rm -rf /var/cache/zypp/*
+
+# Assign a fixed architecture in zypp.conf, to use the container's arch even if
+# the host arch differs (e.g. docker with --platform doesn't affect uname)
+arch=$(rpm -q --qf %{arch} glibc)
+if [ "$arch" = "i586" ] || [ "$arch" = "i686" ]; then
+    sed -i "s/^# arch =.*\$/arch = i686/" /etc/zypp/zypp.conf
+    # Verify that it's applied
+    grep -q '^arch =' /etc/zypp/zypp.conf
+fi#==========================================
+# Hack! The go container management tools can't handle sparse files:
+# https://github.com/golang/go/issues/13548
+# If lastlog doesn't exist, useradd doesn't attempt to reserve space,
+# also in derived containers.
+#------------------------------------------
+rm -f /var/log/lastlog
+
+#======================================
+# Remove locale files
+#--------------------------------------
+(shopt -s globstar; rm -f /usr/share/locale/**/*.mo)
+
+#=======================================
+# Clean up after zypper if it is present
+#---------------------------------------
+if command -v zypper > /dev/null; then
+    zypper -n clean
+fi
+
+rm -rf /var/log/{lastlog,tallylog,zypper.log,zypp/history,YaST2}
+
+exit 0

opensuse-base-image/opensuse-base-image.changes

@@ -0,0 +1,4 @@
+-------------------------------------------------------------------
+Thu Jul 25 10:09:04 UTC 2024 - SUSE Update Bot <[email protected]>
+
+- First version of the Base BCI

opensuse-base-image/opensuse-base-image.kiwi

@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- SPDX-License-Identifier: MIT -->
+<!-- 
+    Copyright (c) 2024 SUSE LLC
+
+All modifications and additions to the file contributed by third parties
+remain the property of their copyright owners, unless otherwise agreed
+upon.
+
+The content of THIS FILE IS AUTOGENERATED and should not be manually modified.
+It is maintained by the BCI team and generated by
+https://github.com/SUSE/BCI-dockerfile-generator
+
+Please submit bugfixes or comments via https://bugs.opensuse.org/
+You can contact the BCI team via https://github.com/SUSE/bci/discussions
+-->
+<!-- OBS-AddTag: opensuse/bci/bci-base:%OS_VERSION_ID_SP% opensuse/bci/bci-base:%OS_VERSION_ID_SP%.%RELEASE% -->
+<!-- OBS-ExclusiveArch: aarch64 x86_64 ppc64le s390x -->
+<!-- OBS-Imagerepo: obsrepositories:/ -->
+
+<image schemaversion="7.4" name="base-image" xmlns:suse_label_helper="com.suse.label_helper">
+  <description type="system">
+    <author>openSUSE Project</author>
+    <contact>https://www.suse.com/</contact>
+    <specification>openSUSE Tumbleweed BCI %OS_VERSION_NO_DASH% Base Container Image</specification>
+  </description>
+  <preferences>
+    <type image="docker">
+      <containerconfig
+          name="opensuse/bci/bci-base"
+          tag="%OS_VERSION_ID_SP%"
+          additionaltags="%OS_VERSION_ID_SP%.%RELEASE%"
+          maintainer="openSUSE (https://www.opensuse.org/)">
+        <labels>
+          <suse_label_helper:add_prefix prefix="org.opensuse.bci.base">
+            <label name="org.opencontainers.image.title" value="openSUSE Tumbleweed BCI %OS_VERSION_NO_DASH% Base"/>
+            <label name="org.opencontainers.image.description" value="Image for containers based on %OS_PRETTY_NAME%."/>
+            <label name="org.opencontainers.image.version" value="%OS_VERSION_ID_SP%.%RELEASE%"/>
+            <label name="org.opencontainers.image.created" value="%BUILDTIME%"/>
+            <label name="org.opencontainers.image.vendor" value="openSUSE Project"/>
+            <label name="org.opencontainers.image.source" value="%SOURCEURL%"/>
+            <label name="org.opencontainers.image.url" value="https://www.opensuse.org"/>
+            <label name="org.opensuse.reference" value="registry.opensuse.org/opensuse/bci/bci-base:%OS_VERSION_ID_SP%.%RELEASE%"/>
+            <label name="org.openbuildservice.disturl" value="%DISTURL%"/>
+            <label name="org.opensuse.release-stage" value="released"/>
+            <label name="org.opensuse.lifecycle-url" value="https://en.opensuse.org/Lifetime"/>
+          </suse_label_helper:add_prefix>
+          <label name="io.artifacthub.package.readme-url" value="https://raw.githubusercontent.com/SUSE/BCI-dockerfile-generator/Tumbleweed/opensuse-base-image/README.md"/>
+          <label name="io.artifacthub.package.logo-url" value="https://opensource.suse.com/bci/SLE_BCI_logomark_green.svg"/>
+        </labels>
+      </containerconfig>
+    </type>
+    <version>2024</version>
+    <packagemanager>zypper</packagemanager>
+    <rpm-check-signatures>false</rpm-check-signatures>
+    <rpm-excludedocs>true</rpm-excludedocs>
+  </preferences>
+  <repository type="rpm-md">
+    <source path="obsrepositories:/"/>
+  </repository>
+  <packages type="bootstrap">
+    <package name="aaa_base"/>
+    <package name="cracklib-dict-small"/>
+    <package name="filesystem"/>
+    <package name="glibc-locale-base"/>
+    <package name="jdupes"/>
+    <package name="openSUSE-release"/>
+    <package name="openSUSE-release-appliance-docker"/>
+    <package name="patterns-base-fips"/>
+    <package name="patterns-base-minimal_base"/>
+    <package name="shadow"/>
+    <package name="zypper"/>
+  </packages>
+  <packages type="image">
+    <package name="bash"/>
+    <package name="ca-certificates-mozilla"/>
+    <package name="coreutils"/>
+    <package name="curl"/>
+    <package name="gzip"/>
+    <package name="netcfg"/>
+    <package name="openssl"/>
+    <package name="shadow"/>
+    <package name="tar"/>
+    <package name="timezone"/>
+    <package name="gawk"/>
+    <package name="libcurl-mini4"/>
+    <package name="live-add-yast-repos"/>
+    <package name="lsb-release"/>
+    <package name="openSUSE-build-key"/>
+    <package name="procps"/>
+  </packages>
+
+</image>