-
Notifications
You must be signed in to change notification settings - Fork 21
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
88 changed files
with
149 additions
and
4,108 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| --- | ||
| version: 2 | ||
| updates: | ||
| - package-ecosystem: "github-actions" | ||
| directory: "/" | ||
| schedule: | ||
| interval: "daily" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,57 @@ | ||
| --- | ||
| name: Check whether packages are missing on OBS | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - 'sle15-sp3' | ||
|
|
||
| jobs: | ||
| create-issues-for-dan: | ||
| name: create an issue for Dan to create the packages in devel:BCI | ||
| runs-on: ubuntu-latest | ||
| container: ghcr.io/dcermak/bci-ci:latest | ||
|
|
||
| strategy: | ||
| fail-fast: false | ||
|
|
||
| steps: | ||
| # we need all branches for the build checks | ||
| - uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 0 | ||
| ref: main | ||
| token: ${{ secrets.CHECKOUT_TOKEN }} | ||
|
|
||
| - uses: actions/cache@v3 | ||
| with: | ||
| path: ~/.cache/pypoetry/virtualenvs | ||
| key: poetry-${{ hashFiles('poetry.lock') }} | ||
|
|
||
| - name: fix the file permissions of the repository | ||
| run: chown -R $(id -un):$(id -gn) . | ||
|
|
||
| - name: install python dependencies | ||
| run: poetry install | ||
|
|
||
| - name: find the packages that are missing | ||
| run: | | ||
| pkgs=$(poetry run scratch-build-bot --os-version 3 find_missing_packages) | ||
| if [[ ${pkgs} = "" ]]; then | ||
| echo "missing_pkgs=false" >> $GITHUB_ENV | ||
| else | ||
| echo "missing_pkgs=true" >> $GITHUB_ENV | ||
| echo "pkgs=${pkgs}" >> $GITHUB_ENV | ||
| fi | ||
| cat test-build.env >> $GITHUB_ENV | ||
| env: | ||
| OSC_PASSWORD: ${{ secrets.OSC_PASSWORD }} | ||
| OSC_USER: "defolos" | ||
|
|
||
| - uses: JasonEtco/create-an-issue@v2 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| update_existing: true | ||
| filename: ".github/create-package.md" | ||
| if: env.missing_pkgs == 'true' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,61 @@ | ||
| # SPDX-License-Identifier: MIT | ||
|
|
||
| # Copyright (c) 2024 SUSE LLC | ||
|
|
||
| # All modifications and additions to the file contributed by third parties | ||
| # remain the property of their copyright owners, unless otherwise agreed | ||
| # upon. | ||
|
|
||
| # The content of THIS FILE IS AUTOGENERATED and should not be manually modified. | ||
| # It is maintained by the BCI team and generated by | ||
| # https://github.com/SUSE/BCI-dockerfile-generator | ||
|
|
||
| # Please submit bugfixes or comments via https://bugs.opensuse.org/ | ||
| # You can contact the BCI team via https://github.com/SUSE/bci/discussions | ||
|
|
||
| #!ExclusiveArch: x86_64 | ||
| #!BuildTag: suse/ltss/sle15.3/bci-base-fips:%OS_VERSION_ID_SP% | ||
| #!BuildTag: suse/ltss/sle15.3/bci-base-fips:%OS_VERSION_ID_SP%.%RELEASE% | ||
| #!BuildName: suse-ltss-sle15.3-bci-base-fips-%OS_VERSION_ID_SP% | ||
| #!BuildVersion: 15.3 | ||
| FROM suse/ltss/sle15.3/sle15:15.3 | ||
|
|
||
| MAINTAINER SUSE LLC (https://www.suse.com/) | ||
|
|
||
| # Define labels according to https://en.opensuse.org/Building_derived_containers | ||
| # labelprefix=com.suse.sle.base-fips | ||
| LABEL org.opencontainers.image.title="SLE LTSS BCI 15 SP3 FIPS-140-2" | ||
| LABEL org.opencontainers.image.description="15 SP3 FIPS-140-2 container based on the SLE LTSS Base Container Image." | ||
| LABEL org.opencontainers.image.version="%OS_VERSION_ID_SP%.%RELEASE%" | ||
| LABEL org.opencontainers.image.url="https://www.suse.com/products/server/" | ||
| LABEL org.opencontainers.image.created="%BUILDTIME%" | ||
| LABEL org.opencontainers.image.vendor="SUSE LLC" | ||
| LABEL org.opencontainers.image.source="%SOURCEURL%" | ||
| LABEL io.artifacthub.package.readme-url="%SOURCEURL%/README.md" | ||
| LABEL org.opensuse.reference="registry.suse.com/suse/ltss/sle15.3/bci-base-fips:%OS_VERSION_ID_SP%.%RELEASE%" | ||
| LABEL org.openbuildservice.disturl="%DISTURL%" | ||
| LABEL com.suse.supportlevel="l3" | ||
| LABEL com.suse.eula="sle-eula" | ||
| LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle#suse-linux-enterprise-server-15" | ||
| LABEL com.suse.release-stage="released" | ||
| # endlabelprefix | ||
| LABEL usage="This container should only be used on a FIPS enabled host (fips=1 on kernel cmdline)." | ||
|
|
||
| RUN set -euo pipefail; zypper -n in --no-recommends fipscheck sles-ltss-release; zypper -n clean; rm -rf /var/log/{lastlog,tallylog,zypper.log,zypp/history,YaST2} | ||
| #!RemoteAssetUrl: https://api.opensuse.org/public/build/SUSE:SLE-15-SP2:Update/pool/x86_64/openssl-1_1.18804/openssl-1_1-1.1.1d-11.20.1.x86_64.rpm | ||
| COPY openssl-1_1-1.1.1d-11.20.1.x86_64.rpm . | ||
| #!RemoteAssetUrl: https://api.opensuse.org/public/build/SUSE:SLE-15-SP2:Update/pool/x86_64/openssl-1_1.18804/libopenssl1_1-1.1.1d-11.20.1.x86_64.rpm | ||
| COPY libopenssl1_1-1.1.1d-11.20.1.x86_64.rpm . | ||
| #!RemoteAssetUrl: https://api.opensuse.org/public/build/SUSE:SLE-15-SP2:Update/pool/x86_64/openssl-1_1.18804/libopenssl1_1-hmac-1.1.1d-11.20.1.x86_64.rpm | ||
| COPY libopenssl1_1-hmac-1.1.1d-11.20.1.x86_64.rpm . | ||
| #!RemoteAssetUrl: https://api.opensuse.org/public/build/SUSE:SLE-15-SP1:Update/pool/x86_64/libgcrypt.15117/libgcrypt20-1.8.2-8.36.1.x86_64.rpm | ||
| COPY libgcrypt20-1.8.2-8.36.1.x86_64.rpm . | ||
| #!RemoteAssetUrl: https://api.opensuse.org/public/build/SUSE:SLE-15-SP1:Update/pool/x86_64/libgcrypt.15117/libgcrypt20-hmac-1.8.2-8.36.1.x86_64.rpm | ||
| COPY libgcrypt20-hmac-1.8.2-8.36.1.x86_64.rpm . | ||
| RUN set -euo pipefail; \ | ||
| [ $(LC_ALL=C rpm --checksig -v *rpm | \ | ||
| grep -c -E "^ *V3.*key ID 39db7c82: OK") = 5 ] \ | ||
| && rpm -Uvh --oldpackage *.rpm \ | ||
| && rm -vf *.rpm \ | ||
| && rpmqpack | grep -E '(openssl|libgcrypt)' | xargs zypper -n addlock | ||
| ENV OPENSSL_FORCE_FIPS_MODE=1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| # The SLE LTSS BCI 15 SP3 FIPS-140-2 Container image | ||
|
|
||
| 15 SP3 FIPS-140-2 container based on the SLE LTSS Base Container Image. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| <services> | ||
| <service mode="buildtime" name="docker_label_helper"/> | ||
| <service mode="buildtime" name="kiwi_metainfo_helper"/> | ||
| <service mode="buildtime" name="kiwi_label_helper"/> | ||
| </services> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| ------------------------------------------------------------------- | ||
| Tue May 07 12:40:20 UTC 2024 - SUSE Update Bot <[email protected]> | ||
|
|
||
| - First version of the 15 SP3 FIPS-140-2 BCI |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.