Test build for #1220

dirkmueller · SUSE Update Bot · commit 8ac360784a3b · 2024-06-21T15:47:09.000Z
diff --git a/base-image/README.md b/base-image/README.md
@@ -1,9 +1,33 @@
-# The Basalt Project BCI Base container image
+# Basalt Project BCI Base Container Image
 ![Redistributable](https://img.shields.io/badge/Redistributable-Yes-green)![Support Level](https://img.shields.io/badge/Support_Level-techpreview-blue)
 [![SLSA](https://img.shields.io/badge/SLSA_(v0.1)-Level_4-Green)](https://documentation.suse.com/sbp/server-linux/html/SBP-SLSA4/)
 [![Provenance: Available](https://img.shields.io/badge/Provenance-Available-Green)](https://documentation.suse.com/container/all/html/Container-guide/index.html#container-verify)
 
-Base container based on the SUSE Adaptable Linux Platform (ALP).
+## Description
+
+SUSE Linux Enterprise Base Container Images (SLE BCI) provide truly open,
+flexible, and secure container images and application development tools. The
+images consist of container environments based on SUSE Linux Enterprise and
+designed to be a secure base for any containerized workload.
+
+SLE BCI is freely available, re-distributable, and supported across many
+different environments. These templates and tools address modern, containerized
+application development and CI/CD application containerization.  They can be
+used immediately by developers and integrators without the “lock-in” imposed by
+other offerings.
+
+SLE BCI inherits industry-leading security and compliance from SUSE Linux
+within your container build process. The container images are designed to be a
+secure base for any application workload. SUSE ensures that compliance
+standards are applied consistently and continuously improves security-related
+capabilities.
+
+SLE BCI is lightweight and easy to adopt, with the ability to run with any
+Linux OS. Avoid lock-in imposed by other vendors and get exactly what you need,
+fast. SLE BCI delivers a flexible developer experience that accounts for,
+integrates with, and supports language-native tools and workflows.
+
+## Usage
 
 ## Licensing
 
diff --git a/base-image/base-image.kiwi b/base-image/base-image.kiwi
@@ -21,7 +21,7 @@ You can contact the BCI team via https://github.com/SUSE/bci/discussions
   <description type="system">
     <author>SUSE LLC</author>
     <contact>https://www.suse.com/</contact>
-    <specification>Basalt Project BCI Base Container Image</specification>
+    <specification>Basalt Project BCI Base Container Image Container Image</specification>
   </description>
   <preferences>
     <type image="docker">
@@ -32,8 +32,8 @@ You can contact the BCI team via https://github.com/SUSE/bci/discussions
           additionaltags="%OS_VERSION_ID_SP%.%RELEASE%,latest">
         <labels>
           <suse_label_helper:add_prefix prefix="com.suse.basalt.bci.base">
-            <label name="org.opencontainers.image.title" value="Basalt Project BCI Base"/>
-            <label name="org.opencontainers.image.description" value="Base container based on the SUSE Adaptable Linux Platform (ALP)."/>
+            <label name="org.opencontainers.image.title" value="Basalt Project BCI Base Container Image"/>
+            <label name="org.opencontainers.image.description" value="Base Container Image container based on the SUSE Adaptable Linux Platform (ALP)."/>
             <label name="org.opencontainers.image.version" value="%OS_VERSION_ID_SP%.%RELEASE%"/>
             <label name="org.opencontainers.image.created" value="%BUILDTIME%"/>
             <label name="org.opencontainers.image.vendor" value="SUSE LLC"/>
@@ -47,6 +47,7 @@ You can contact the BCI team via https://github.com/SUSE/bci/discussions
             <label name="com.suse.lifecycle-url" value="https://www.suse.com/lifecycle"/>
           </suse_label_helper:add_prefix>
           <label name="io.artifacthub.package.readme-url" value="%SOURCEURL%/README.md"/>
+          <label name="io.artifacthub.package.logo-url" value="https://opensource.suse.com/bci/SLE_BCI_logomark_green.svg"/>
         </labels>
       </containerconfig>
     </type>
@@ -60,24 +61,37 @@ You can contact the BCI team via https://github.com/SUSE/bci/discussions
   </repository>
   <packages type="bootstrap">
     <package name="aaa_base"/>
+    <package name="cracklib-dict-small"/>
+    <package name="filesystem"/>
+    <package name="jdupes"/>
+    <package name="kubic-locale-archive"/>
+    <package name="patterns-base-fips"/>
+    <package name="patterns-base-minimal_base"/>
+    <package name="rpm-ndb"/>
+    <package name="shadow"/>
+    <package name="sles-release"/>
+    <package name="zypper"/>
+  </packages>
+  <packages type="image">
     <package name="bash"/>
-    <package name="ca-certificates"/>
     <package name="ca-certificates-mozilla"/>
+    <package name="ca-certificates"/>
+    <package name="container-suseconnect"/>
     <package name="coreutils"/>
-    <package name="cracklib-dict-small"/>
     <package name="curl"/>
-    <package name="filesystem"/>
+    <package name="findutils"/>
     <package name="glibc-locale-base"/>
     <package name="gzip"/>
-    <package name="jdupes"/>
+    <package name="lsb-release"/>
     <package name="netcfg"/>
-    <package name="ALP-dummy-release"/>
     <package name="openssl"/>
+    <package name="skelcd-EULA-bci"/>
+    <package name="sle-module-basesystem-release"/>
+    <package name="sle-module-server-applications-release"/>
+    <package name="sle-module-python3-release"/>
     <package name="suse-build-key"/>
     <package name="tar"/>
     <package name="timezone"/>
-    <package name="zypper"/>
-    <package name="findutils"/>
   </packages>
 
 </image>
diff --git a/base-image/config.sh b/base-image/config.sh
@@ -16,21 +16,29 @@ if command -v rpm > /dev/null; then
     suseImportBuildKey
 fi
 
+
 echo "Configure image: [$kiwi_iname]..."
 
-# don't have multiple licenses of the same type
+#======================================
+# Setup baseproduct link
+#--------------------------------------
+suseSetupProduct
+
+#======================================
+# Import repositories' keys
+#--------------------------------------
+suseImportBuildKey
+
+
+# don't have duplicate licenses of the same type
 jdupes -1 -L -r /usr/share/licenses
 
-#
 zypper --non-interactive rm -u jdupes
 
 # Not needed, but neither rpm nor libzypp handle rpmlib(X-CheckUnifiedSystemdir) yet
 # which would avoid it being installed by filesystem package
 rpm -e compat-usrmerge-tools
 
-# FIXME: stop hardcoding the url, use some external mechanism once available
-zypper -n ar --gpgcheck --enable 'https://updates.suse.com/SUSE/Products/ALP-Dolomite/1.0/$basearch/product/' repo-basalt
-
 #======================================
 # Disable recommends
 #--------------------------------------
@@ -41,16 +49,25 @@ sed -i 's/.*solver.onlyRequires.*/solver.onlyRequires = true/g' /etc/zypp/zypp.c
 #--------------------------------------
 sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = yes/g' /etc/zypp/zypp.conf
 
+#======================================
+# Configure SLE BCI repositories
+#--------------------------------------
+zypper -n ar --refresh --gpgcheck --priority 100 --enable 'https://updates.suse.com/SUSE/Products/SLE-BCI/$releasever_major-SP$releasever_minor/$basearch/product/' SLE_BCI
+zypper -n ar --refresh --gpgcheck --priority 100 --disable 'https://updates.suse.com/SUSE/Products/SLE-BCI/$releasever_major-SP$releasever_minor/$basearch/product_debug/' SLE_BCI_debug
+zypper -n ar --refresh --gpgcheck --priority 100 --disable 'https://updates.suse.com/SUSE/Products/SLE-BCI/$releasever_major-SP$releasever_minor/$basearch/product_source/' SLE_BCI_source
+
 #======================================
 # Remove locale files
 #--------------------------------------
 shopt -s globstar
 rm -f /usr/share/locale/**/*.mo
 
+#======================================
 # Remove zypp uuid (bsc#1098535)
+#--------------------------------------
 rm -f /var/lib/zypp/AnonymousUniqueId
 
-# Remove various log files. While it's possible to just rm -rf /var/log/*, that
+# Remove various log files. Although possible to just rm -rf /var/log/*, that
 # would also remove some package owned directories (not %ghost) and some files
 # are actually wanted, like lastlog in the !docker case.
 # For those wondering about YaST2 here: Kiwi writes /etc/hosts, so the version
@@ -62,14 +79,20 @@ rm -rf /var/log/{zypper.log,zypp/history,YaST2}
 # Remove the entire zypper cache content (not the dir itself, owned by libzypp)
 rm -rf /var/cache/zypp/*
 
-# Assign a fixed architecture in zypp.conf, to use the container's arch even if
-# the host arch differs (e.g. docker with --platform doesn't affect uname)
-arch=$(rpm -q --qf %{arch} glibc)
-if [ "$arch" = "i586" ] || [ "$arch" = "i686" ]; then
-	sed -i "s/^# arch =.*\$/arch = i686/" /etc/zypp/zypp.conf
-	# Verify that it's applied
-	grep -q '^arch =' /etc/zypp/zypp.conf
-fi
+#==========================================
+# Hack! The go container management tools can't handle sparse files:
+# https://github.com/golang/go/issues/13548
+# If lastlog doesn't exist, useradd doesn't attempt to reserve space,
+# also in derived containers.
+#------------------------------------------
+rm -f /var/log/lastlog
+
+#======================================
+# Remove locale files
+#--------------------------------------
+find /usr/share/locale -name '*.mo' -delete
+
+exit 0
 
 
 #=======================================
