Overview

File Dockerfile of Package micro-fips-image

# SPDX-License-Identifier: MIT

#     Copyright (c) 2025 SUSE LLC

# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon.

# The content of THIS FILE IS AUTOGENERATED and should not be manually modified.
# It is maintained by the BCI team and generated by
# https://github.com/SUSE/BCI-dockerfile-generator

# Please submit bugfixes or comments via https://bugs.opensuse.org/
# You can contact the BCI team via https://github.com/SUSE/bci/discussions

#!UseOBSRepositories

#!BuildTag: bci/bci-micro-fips:%OS_VERSION_ID_SP%-%RELEASE%
#!BuildTag: bci/bci-micro-fips:%OS_VERSION_ID_SP%
#!BuildName: bci-bci-micro-fips
#!BuildVersion: 16.0.0
#!BuildRelease: 5
FROM scratch AS target
FROM bci/bci-base:16.0 AS builder
COPY --from=target / /target

RUN set -euo pipefail; \
    export PERMCTL_ALLOW_INSECURE_MODE_IF_NO_PROC=1; \
    zypper -n --installroot /target --gpg-auto-import-keys install --no-recommends bash ca-certificates-mozilla-prebuilt coreutils skelcd-EULA-BCI SLES-release patterns-base-fips libopenssl3

RUN set -euo pipefail; zypper -n install jdupes \
    && jdupes -1 -L -r /target/usr/
RUN set -euo pipefail; zypper -n --installroot /target clean -a; \
    rm -rf {/target,}/var/log/{alternatives.log,lastlog,tallylog,zypper.log,zypp/history,YaST2}; rm -f {/target,}/etc/shadow-
FROM scratch
COPY --from=builder /target /
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.bci.micro-fips
LABEL org.opencontainers.image.authors="https://github.com/SUSE/bci/discussions"
LABEL org.opencontainers.image.title="SLE BCI 16 FIPS-140-3 Micro"
LABEL org.opencontainers.image.description="A FIPS enforcing micro environment for containers based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="%OS_VERSION_ID_SP%-%RELEASE%"
LABEL org.opencontainers.image.url="https://www.suse.com/products/base-container-images/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opencontainers.image.source="%SOURCEURL%"
LABEL org.opencontainers.image.ref.name="%OS_VERSION_ID_SP%-%RELEASE%"
LABEL org.opensuse.reference="registry.suse.com/bci/bci-micro-fips:%OS_VERSION_ID_SP%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="techpreview"
LABEL com.suse.eula="sle-bci"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
LABEL com.suse.release-stage="beta"
# endlabelprefix
LABEL io.artifacthub.package.readme-url="%SOURCEURL_WITH(README.md)%"
LABEL io.artifacthub.package.logo-url="https://opensource.suse.com/bci/SLE_BCI_logomark_green.svg"
CMD ["/bin/sh"]

ENV GNUTLS_FORCE_FIPS_MODE=1
ENV LIBGCRYPT_FORCE_FIPS_MODE=1
ENV LIBICA_FIPS_FLAG=1
ENV NSS_FIPS=1
ENV OPENSSL_FIPS=1
ENV OPENSSL_FORCE_FIPS_MODE=1
openSUSE Build Service is sponsored by
Places