Test build for #1050

Author: SUSE Update Bot

.obs/workflows.yml

@@ -137,6 +137,10 @@ staging_build:
         source_project: home:defolos:BCI:CR:Tumbleweed
         source_package: openjdk-22-devel-image
         target_project: home:defolos:BCI:CR:Tumbleweed:Staging
+    - branch_package:
+        source_project: home:defolos:BCI:CR:Tumbleweed
+        source_package: packaging-image
+        target_project: home:defolos:BCI:CR:Tumbleweed:Staging
     - branch_package:
         source_project: home:defolos:BCI:CR:Tumbleweed
         source_package: pcp-image
@@ -340,6 +344,9 @@ refresh_devel_BCI:
     - trigger_services:
         project: devel:BCI:Tumbleweed
         package: openjdk-22-devel-image
+    - trigger_services:
+        project: devel:BCI:Tumbleweed
+        package: packaging-image
     - trigger_services:
         project: devel:BCI:Tumbleweed
         package: pcp-image

packaging-image/Dockerfile

@@ -0,0 +1,51 @@
+# SPDX-License-Identifier: MIT
+
+#     Copyright (c) 2024 SUSE LLC
+
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon.
+
+# The content of THIS FILE IS AUTOGENERATED and should not be manually modified.
+# It is maintained by the BCI team and generated by
+# https://github.com/SUSE/BCI-dockerfile-generator
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# You can contact the BCI team via https://github.com/SUSE/bci/discussions
+
+
+#!BuildTag: opensuse/osc:%%osc_version%%
+#!BuildTag: opensuse/osc:%%osc_version%%-%RELEASE%
+#!BuildTag: opensuse/osc:latest
+
+FROM opensuse/tumbleweed:latest
+
+RUN set -euo pipefail; zypper -n in osc build cpio obs-service-appimage obs-service-cargo obs-service-cdi_containers_meta obs-service-compose_kiwi_description obs-service-docker_label_helper obs-service-download_assets obs-service-download_files obs-service-download_url obs-service-extract_file obs-service-format_spec_file obs-service-go_modules obs-service-kiwi_label_helper obs-service-kiwi_metainfo_helper obs-service-kubevirt_containers_meta obs-service-node_modules obs-service-obs_scm obs-service-product_converter obs-service-recompress obs-service-refresh_patches obs-service-replace_using_env obs-service-replace_using_package_version obs-service-set_version obs-service-snapcraft obs-service-source_validator obs-service-tar obs-service-tar_scm obs-service-verify_file openSUSE-release openSUSE-release-appliance-docker bash-completion git obs-scm-bridge openssh-common openssh-clients podman runc; zypper -n clean; rm -rf /var/log/{lastlog,tallylog,zypper.log,zypp/history,YaST2}
+
+# Define labels according to https://en.opensuse.org/Building_derived_containers
+# labelprefix=org.opensuse.application.osc
+LABEL org.opencontainers.image.authors="openSUSE (https://www.opensuse.org/)"
+LABEL org.opencontainers.image.title="openSUSE Tumbleweed Packaging"
+LABEL org.opencontainers.image.description="Packaging container based on the openSUSE Tumbleweed Base Container Image."
+LABEL org.opencontainers.image.version="%%osc_version%%"
+LABEL org.opencontainers.image.url="https://www.opensuse.org"
+LABEL org.opencontainers.image.created="%BUILDTIME%"
+LABEL org.opencontainers.image.vendor="openSUSE Project"
+LABEL org.opencontainers.image.source="%SOURCEURL%"
+LABEL org.opencontainers.image.ref.name="%%osc_version%%-%RELEASE%"
+LABEL org.opensuse.reference="registry.opensuse.org/opensuse/osc:%%osc_version%%-%RELEASE%"
+LABEL org.openbuildservice.disturl="%DISTURL%"
+LABEL org.opensuse.lifecycle-url="https://en.opensuse.org/Lifetime#openSUSE_BCI"
+LABEL org.opensuse.release-stage="released"
+# endlabelprefix
+LABEL io.artifacthub.package.readme-url="https://raw.githubusercontent.com/SUSE/BCI-dockerfile-generator/Tumbleweed/packaging-image/README.md"
+LABEL run="podman run --rm -it --privileged -v \$HOME/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z -v \$HOME/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z IMAGE"
+LABEL runcwd="podman run --rm -it --privileged -v \$HOME/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z -v \$HOME/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z -v .:/root/osc-workdir:z IMAGE"
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+CMD ["/bin/bash"]
+WORKDIR /root/osc-workdir
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+RUN chmod +x /usr/local/bin/entrypoint.sh
+ENV OSC_VM_TYPE=podman
+
+VOLUME /var/tmp

packaging-image/README.md

@@ -0,0 +1,116 @@
+# OSC Packaging Container
+
+![Redistributable](https://img.shields.io/badge/Redistributable-Yes-green)
+
+This is the openSUSE packaging container image that includes all the required
+tools for creating and modifying packages in the [Open Build
+Service](https://build.opensuse.org/) using
+[osc](https://github.com/openSUSE/osc/).
+
+
+## How to use this container image
+
+The container image is intended for interactive usage with a `.oscrc` configuration file and
+the osc cookiejar mounted into the container:
+
+```ShellSession
+# podman run --rm -it \
+      -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \
+      -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:rw,z \
+      registry.opensuse.org/opensuse/osc:%%osc_version%%
+```
+
+The command launches an interactive shell environment that uses the local osc
+configuration. You can then check out packages, perform modifications, and send
+submissions to OBS.
+
+To work on an already checked out package, mount the current working directory:
+
+```ShellSession
+# podman run --rm -it \
+      -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \
+      -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z \
+      -v .:/root/osc-workdir:z \
+      registry.opensuse.org/opensuse/osc:%%osc_version%%
+```
+
+The container entrypoint recognizes whether you are launching it for interactive
+usage or invoking `osc` directly. You can omit the command `osc` in the second
+case. For example:
+
+```ShellSession
+# podman run --rm -it \
+      -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \
+      -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z \
+      registry.opensuse.org/opensuse/osc:%%osc_version%% \
+          ls openSUSE:Factory
+```
+
+The command automatically forwards the arguments to `osc` and calls
+`osc ls openSUSE:Factory`.
+
+
+### Building packages
+
+The container image can be used to build packages using the podman build
+backend. You **must** launch the container in privileged mode for building.
+
+
+### Using the image labels
+
+The image provides two labels: `run` and `runcwd`. The first includes the full
+command, to run the `osc` container, while the second to run the container with
+the local working directory mounted.
+
+To view the labels, use the following command:
+
+```ShellSession
+# podman container runlabel run --display registry.opensuse.org/opensuse/osc:%%osc_version%%
+# podman container runlabel runcwd --display registry.opensuse.org/opensuse/osc:%%osc_version%%
+```
+
+The labels can be used to run the container with Podman version 5.1.0 or later:
+```ShellSession
+# podman container runlabel run \
+      registry.opensuse.org/opensuse/osc:%%osc_version%% \
+          ls openSUSE:Factory
+```
+
+
+### Connecting to build.suse.de
+
+build.suse.de uses an SSH-based authentication, which requires additional
+resources to be available in the container. You also must provide the internal certificate to the container:
+
+```ShellSession
+# podman run --rm -it \
+      -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \
+      -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z \
+      -v /etc/ssl/ca-bundle.pem:/etc/ssl/ca-bundle.pem:ro,z \
+      -v $SSH_AUTH_SOCK:/run/user/0/ssh-agent.socket:z \
+      -e SSH_AUTH_SOCK=/var/run/user/0/ssh-agent.socket:z \
+      -v "$PWD":/root/osc-workdir:z \
+      registry.opensuse.org/opensuse/osc:%%osc_version%%
+```
+
+
+## Limitations
+
+- Currently, it is not possible to build packages in a container.
+- The `runlabel run` command only works with Podman 5.1.0 and newer.
+
+
+## Volumes
+
+The container image is preconfigured to put `/var/tmp` into a volume. This
+directory is used by `osc` to store the buildroot and the package cache.
+
+## Licensing
+
+`SPDX-License-Identifier: MIT`
+
+This documentation and the build recipe are licensed as MIT.
+The container itself contains various software components under various open source licenses listed in the associated
+Software Bill of Materials (SBOM).
+
+This image is based on [openSUSE Tumbleweed](https://get.opensuse.org/tumbleweed/).

packaging-image/_service

@@ -0,0 +1,9 @@
+<services>
+  <service mode="buildtime" name="docker_label_helper"/>
+  <service mode="buildtime" name="kiwi_metainfo_helper"/>
+  <service name="replace_using_package_version" mode="buildtime">
+    <param name="file">Dockerfile</param>
+    <param name="regex">%%osc_version%%</param>
+    <param name="package">osc</param>
+  </service>
+</services>

packaging-image/entrypoint.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+if [[ ! -e /root/.config/osc/oscrc ]]; then
+    cat << EOF
+This container is expected to be launched with your oscrc mounted to
+/root/.config/osc/oscrc
+
+Please consult the README or the label 'run' for the full invocation.
+EOF
+fi
+
+if [[ "-h --help -v --verbose -q --quiet --debug --debugger --post-mortem --traceback -H --http-debug --http-full-debug -A --apiurl --config --setopt --no-keyring add addchannels addcontainers addremove ar aggregatepac api branch getpac bco branchco browse build wipe shell chroot buildconfig buildhistory buildhist buildinfo buildlog buildlogtail blt bl cat less blame changedevelrequest changedevelreq cr checkconstraints checkout co clean cleanassets ca clone comment commit checkin ci config copypac create-pbuild-config cpc createincident createrequest creq delete remove del rm deleterequest deletereq droprequest dropreq dr dependson detachbranch develproject dp bsdevelproject diff di ldiff linkdiff distributions dists downloadassets da enablechannels enablechannel fork getbinaries help importsrcpkg info init jobhistory jobhist linkpac linktobranch list LL lL ll ls localbuildlog lbl lock log maintainer bugowner maintenancerequest mr mbranch maintained sm meta mkpac mv my patchinfo pdiff prdiff projdiff projectdiff prjresults pr pull pull_request rdelete rdiff rebuild rebuildpac release releaserequest remotebuildlog remotebuildlogtail rbuildlogtail rblt rbuildlog rbl repairlink repairwc repo repositories platforms repos repourls request review rq requestmaintainership reqbs reqms reqmaintainership requestbugownership reqbugownership resolved restartbuild abortbuild results r revert rpmlintlog lint rpmlint rremove search bse se sendsysrq service setdevelproject sdp setlinkrev showlinked signkey staging status st submitrequest submitpac submitreq sr token triggerreason tr undelete unlock update up updatepacmetafromspec updatepkgmetafromspec metafromspec vc version whatdependson whois user who wipebinaries unpublish workerinfo" =~ (^|[[:space:]])$1($|[[:space:]]) ]]; then
+    # looks like the user is executing the container as the osc command
+    osc "$@"
+else
+    exec "$@"
+fi

packaging-image/packaging-image.changes

@@ -0,0 +1,4 @@
+-------------------------------------------------------------------
+Wed Sep 11 07:46:36 UTC 2024 - SUSE Update Bot <bci-internal@suse.de>
+
+- First version of the Packaging BCI