@@ -34,6 +34,7 @@ def _get_micro_package_list(os_version: OsVersion) -> list[Package]:
3434 # ca-certificates-mozilla-prebuilt requires /bin/cp, which is otherwise not resolved…
3535 "coreutils" ,
3636 )
37+ + (("patterns-base-fips" ,) if os_version .is_sle15 else ())
3738 + os_version .eula_package_names
3839 + os_version .release_package_names
3940 ]
@@ -63,7 +64,7 @@ def _get_micro_package_list(os_version: OsVersion) -> list[Package]:
6364 build_stage_custom_end = (
6465 (
6566 f"{ DOCKERFILE_RUN }
66- if os_version . is_sle15 or os_version .is_sl16
67+ if not os_version .is_tumbleweed
6768 else ""
6869 )
6970 + textwrap .dedent (f"""
@@ -311,8 +312,10 @@ def _get_fips_base_kwargs(os_version: OsVersion) -> dict:
311312 custom_description = "A micro container in FIPS-140-3 mode for containers {based_on_container}." ,
312313 from_target_image = "scratch" ,
313314 cmd = ["/bin/sh" ],
314- package_list = [pkg .name for pkg in _get_micro_package_list (os_version )]
315- + ["patterns-base-fips" , "libopenssl3" ],
315+ package_list = sorted (
316+ [pkg .name for pkg in _get_micro_package_list (os_version )]
317+ + ["patterns-base-fips" , "libopenssl3" ]
318+ ),
316319 build_stage_custom_end = textwrap .dedent (
317320 f"""
318321 { DOCKERFILE_RUN } \\
@@ -331,7 +334,10 @@ def _get_fips_base_kwargs(os_version: OsVersion) -> dict:
331334def _get_minimal_kwargs (os_version : OsVersion ):
332335 package_list = [
333336 Package (name , pkg_type = PackageType .DELETE )
334- for name in ("grep" , "diffutils" , "info" , "fillup" , "libzio1" )
337+ for name in sorted (
338+ ["grep" , "diffutils" , "info" , "fillup" , "libzio1" ]
339+ + (["patterns-base-fips" ] if os_version .is_sle15 else [])
340+ )
335341 ]
336342 # the last user of libpcre1 on SP6 is grep which we deinstall above
337343 if os_version in (OsVersion .SP6 ,):
0 commit comments