Test build for #1454

.obs/workflows.yml

@@ -13,6 +13,10 @@ staging_build:
         source_project: home:defolos:BCI:CR:SLE-15-SP6
         source_package: sac-apache-tomcat-10-java21-image
         target_project: home:defolos:BCI:CR:SLE-15-SP6:Staging
+    - branch_package:
+        source_project: home:defolos:BCI:CR:SLE-15-SP6
+        source_package: sles15-image
+        target_project: home:defolos:BCI:CR:SLE-15-SP6:Staging
     - branch_package:
         source_project: home:defolos:BCI:CR:SLE-15-SP6
         source_package: base-fips-image
@@ -219,6 +223,9 @@ refresh_devel_BCI:
     - trigger_services:
         project: devel:BCI:SLE-15-SP6
         package: sac-apache-tomcat-10-java21-image
+    - trigger_services:
+        project: devel:BCI:SLE-15-SP6
+        package: sles15-image
     - trigger_services:
         project: devel:BCI:SLE-15-SP6
         package: base-fips-image

sles15-image/LICENSE

@@ -0,0 +1,17 @@
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

sles15-image/README.md

@@ -0,0 +1,40 @@
+# SLE BCI 15 SP6 Base Container Image
+![Redistributable](https://img.shields.io/badge/Redistributable-Yes-green)
+[![SLSA](https://img.shields.io/badge/SLSA_(v0.1)-Level_4-Green)](https://documentation.suse.com/sbp/server-linux/html/SBP-SLSA4/)
+[![Provenance: Available](https://img.shields.io/badge/Provenance-Available-Green)](https://documentation.suse.com/container/all/html/Container-guide/index.html#container-verify)
+
+## Description
+
+SUSE Linux Enterprise Base Container Images (SLE BCI) provide truly open,
+flexible, and secure container images and application development tools. The
+images consist of container environments based on SUSE Linux Enterprise and
+designed to be a secure base for any containerized workload.
+
+SLE BCI is freely available, re-distributable, and supported across many
+different environments. These templates and tools address modern, containerized
+application development and CI/CD application containerization.  They can be
+used immediately by developers and integrators without the “lock-in” imposed by
+other offerings.
+
+SLE BCI inherits industry-leading security and compliance from SUSE Linux
+within your container build process. The container images are designed to be a
+secure base for any application workload. SUSE ensures that compliance
+standards are applied consistently and continuously improves security-related
+capabilities.
+
+SLE BCI is lightweight and easy to adopt, with the ability to run with any
+Linux OS. Avoid lock-in imposed by other vendors and get exactly what you need,
+fast. SLE BCI delivers a flexible developer experience that accounts for,
+integrates with, and supports language-native tools and workflows.
+
+## Licensing
+
+`SPDX-License-Identifier: MIT`
+
+This documentation and the build recipe are licensed as MIT.
+The container itself contains various software components under various open source licenses listed in the associated
+Software Bill of Materials (SBOM).
+
+This image is based on [SLE BCI](https://opensource.suse.com/bci/), a stable and redistributable foundation for software innovation. SLE BCI is enterprise-ready, and it comes with an option for support.
+
+See the [SLE BCI EULA](https://www.suse.com/licensing/eula/#bci) for further information.

sles15-image/_service

@@ -0,0 +1,4 @@
+<services>
+  <service mode="buildtime" name="kiwi_label_helper"/>
+  <service mode="buildtime" name="kiwi_metainfo_helper"/>
+</services>

sles15-image/config.sh

@@ -0,0 +1,85 @@
+#!/bin/bash
+# SPDX-License-Identifier: MIT
+# SPDX-FileCopyrightText: (c) 2022-2024 SUSE LLC
+
+set -euo pipefail
+
+test -f /.kconfig && . /.kconfig
+test -f /.profile && . /.profile
+
+echo "Configure image: [$kiwi_iname]..."
+
+#============================================
+# Import repositories' keys if rpm is present
+#--------------------------------------------
+if command -v rpm > /dev/null; then
+    suseImportBuildKey
+fi
+
+
+echo "Configure image: [$kiwi_iname]..."
+
+#======================================
+# Setup baseproduct link
+#--------------------------------------
+suseSetupProduct
+
+
+# don't have duplicate licenses of the same type
+jdupes -1 -L -r /usr/share/licenses
+
+zypper --non-interactive rm -u jdupes
+
+
+# Not needed, but neither rpm nor libzypp handle rpmlib(X-CheckUnifiedSystemdir) yet
+# which would avoid it being installed by filesystem package
+rpm -q compat-usrmerge-tools && rpm -e compat-usrmerge-tools
+
+#======================================
+# Disable recommends
+#--------------------------------------
+sed -i 's/.*solver.onlyRequires.*/solver.onlyRequires = true/g' /etc/zypp/zypp.conf
+
+#======================================
+# Exclude docs installation
+#--------------------------------------
+sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = yes/g' /etc/zypp/zypp.conf
+
+#======================================
+# Configure SLE BCI repositories
+#--------------------------------------
+zypper -n ar --refresh --gpgcheck --priority 100 --enable 'https://updates.suse.com/SUSE/Products/SLE-BCI/$releasever_major-SP$releasever_minor/$basearch/product/' SLE_BCI
+zypper -n ar --refresh --gpgcheck --priority 100 --disable 'https://updates.suse.com/SUSE/Products/SLE-BCI/$releasever_major-SP$releasever_minor/$basearch/product_debug/' SLE_BCI_debug
+zypper -n ar --refresh --gpgcheck --priority 100 --disable 'https://updates.suse.com/SUSE/Products/SLE-BCI/$releasever_major-SP$releasever_minor/$basearch/product_source/' SLE_BCI_source
+
+#======================================
+# Remove zypp uuid (bsc#1098535)
+#--------------------------------------
+rm -f /var/lib/zypp/AnonymousUniqueId
+
+# Remove the entire zypper cache content (not the dir itself, owned by libzypp)
+rm -rf /var/cache/zypp/*
+
+#==========================================
+# Hack! The go container management tools can't handle sparse files:
+# https://github.com/golang/go/issues/13548
+# If lastlog doesn't exist, useradd doesn't attempt to reserve space,
+# also in derived containers.
+#------------------------------------------
+rm -f /var/log/lastlog
+
+#======================================
+# Remove locale files
+#--------------------------------------
+(shopt -s globstar; rm -f /usr/share/locale/**/*.mo)
+
+#=======================================
+# Clean up after zypper if it is present
+#---------------------------------------
+if command -v zypper > /dev/null; then
+    zypper -n clean
+fi
+
+rm -rf /var/log/{lastlog,tallylog,zypper.log,zypp/history,YaST2}
+
+exit 0

sles15-image/sles15-image.changes

@@ -0,0 +1,4 @@
+-------------------------------------------------------------------
+Thu Jul 25 10:09:04 UTC 2024 - SUSE Update Bot <[email protected]>
+
+- First version of the Base BCI

sles15-image/sles15-image.kiwi

@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- SPDX-License-Identifier: MIT -->
+<!-- 
+    Copyright (c) 2024 SUSE LLC
+
+All modifications and additions to the file contributed by third parties
+remain the property of their copyright owners, unless otherwise agreed
+upon.
+
+The content of THIS FILE IS AUTOGENERATED and should not be manually modified.
+It is maintained by the BCI team and generated by
+https://github.com/SUSE/BCI-dockerfile-generator
+
+Please submit bugfixes or comments via https://bugs.opensuse.org/
+You can contact the BCI team via https://github.com/SUSE/bci/discussions
+-->
+<!-- OBS-AddTag: suse/sle15:%OS_VERSION_ID_SP% suse/sle15:%OS_VERSION_ID_SP%.%RELEASE% bci/bci-base:%OS_VERSION_ID_SP% bci/bci-base:%OS_VERSION_ID_SP%.%RELEASE% -->
+<!-- OBS-ExclusiveArch: aarch64 x86_64 ppc64le s390x -->
+<!-- OBS-IgnorePackage: rpm -->
+<!-- OBS-Imagerepo: obsrepositories:/ -->
+
+<image schemaversion="7.4" name="base-image" xmlns:suse_label_helper="com.suse.label_helper">
+  <description type="system">
+    <author>SUSE LLC</author>
+    <contact>https://www.suse.com/</contact>
+    <specification>SLE BCI %OS_VERSION_NO_DASH% Base Container Image</specification>
+  </description>
+  <preferences>
+    <type image="docker">
+      <containerconfig
+          name="suse/sle15"
+          tag="%OS_VERSION_ID_SP%"
+          additionaltags="%OS_VERSION_ID_SP%.%RELEASE%"
+          maintainer="SUSE LLC (https://www.suse.com/)">
+        <labels>
+          <suse_label_helper:add_prefix prefix="com.suse.bci.base">
+            <label name="org.opencontainers.image.title" value="SLE BCI %OS_VERSION_NO_DASH% Base"/>
+            <label name="org.opencontainers.image.description" value="Image for containers based on %OS_PRETTY_NAME%."/>
+            <label name="org.opencontainers.image.version" value="%OS_VERSION_ID_SP%.%RELEASE%"/>
+            <label name="org.opencontainers.image.created" value="%BUILDTIME%"/>
+            <label name="org.opencontainers.image.vendor" value="SUSE LLC"/>
+            <label name="org.opencontainers.image.source" value="%SOURCEURL%"/>
+            <label name="org.opencontainers.image.url" value="https://www.suse.com/products/base-container-images/"/>
+            <label name="org.opensuse.reference" value="registry.suse.com/bci/bci-base:%OS_VERSION_ID_SP%.%RELEASE%"/>
+            <label name="org.openbuildservice.disturl" value="%DISTURL%"/>
+            <label name="com.suse.supportlevel" value="l3"/>
+            <label name="com.suse.eula" value="sle-bci"/>
+            <label name="com.suse.release-stage" value="released"/>
+            <label name="com.suse.lifecycle-url" value="https://www.suse.com/lifecycle#suse-linux-enterprise-server-15"/>
+          </suse_label_helper:add_prefix>
+          <label name="io.artifacthub.package.readme-url" value="%SOURCEURL%/README.md"/>
+          <label name="io.artifacthub.package.logo-url" value="https://opensource.suse.com/bci/SLE_BCI_logomark_green.svg"/>
+        </labels>
+      </containerconfig>
+    </type>
+    <version>15.6.0</version>
+    <packagemanager>zypper</packagemanager>
+    <rpm-check-signatures>false</rpm-check-signatures>
+    <rpm-excludedocs>true</rpm-excludedocs>
+  </preferences>
+  <repository type="rpm-md">
+    <source path="obsrepositories:/"/>
+  </repository>
+  <packages type="bootstrap">
+    <package name="aaa_base"/>
+    <package name="cracklib-dict-small"/>
+    <package name="filesystem"/>
+    <package name="jdupes"/>
+    <package name="kubic-locale-archive"/>
+    <package name="patterns-base-fips"/>
+    <package name="patterns-base-minimal_base"/>
+    <package name="rpm-ndb"/>
+    <package name="shadow"/>
+    <package name="sles-release"/>
+    <package name="zypper"/>
+  </packages>
+  <packages type="image">
+    <package name="bash"/>
+    <package name="ca-certificates-mozilla"/>
+    <package name="coreutils"/>
+    <package name="curl"/>
+    <package name="gzip"/>
+    <package name="netcfg"/>
+    <package name="openssl"/>
+    <package name="shadow"/>
+    <package name="tar"/>
+    <package name="timezone"/>
+    <package name="container-suseconnect"/>
+    <package name="skelcd-EULA-bci"/>
+    <package name="sle-module-basesystem-release"/>
+    <package name="sle-module-server-applications-release"/>
+    <package name="sle-module-python3-release"/>
+    <package name="suse-build-key"/>
+  </packages>
+
+</image>