search

SUSE / container-suseconnect

Provides access to repositories inside containers using the host entitlements
Apache License 2.0
19 stars 16 forks source link

Extending containers without docker and SLE #52

Closed mwilck closed 1 month ago

mwilck commented 3 years ago

The README.md explains how to extend SLE containers on non-SLE systems using docker. I was wondering if it also works with podman and buildah. The answer is yes, even though buildah bud doesn't support DOCKER_BUILDKIT and RUN --mount type=secret.

Instead, it can be done with buildah as follows. Like with docker, valid SUSEConnect and SCCcredentials files are required and must be accessible locally.

#! /bin/bash
NAME=my-sle15-container
BASE="registry.suse.com/suse/sle15:15.2"
# list of packages to install
PACKAGES="make gcc"
# List of addon modules to activate
ADDONS="sle-module-development-tools,PackageHub"
WORK=$(buildah from "$BASE")
echo working on "$WORK" >&2
buildah config --env "ADDITIONAL_MODULES=$ADDONS" "$WORK"
buildah  run --mount=type=bind,src=$PWD/SUSEConnect,dst=/run/secrets/SUSEConnect \
     --mount=type=bind,src=$PWD/SCCcredentials,dst=/run/secrets/SCCcredentials \
     "$WORK" \
     zypper -n --gpg-auto-import-keys \
     install $PACKAGES
buildah run "$WORK" zypper clean --all
# make sure ADDITIONAL_MODULES isn't set in the built container
buildah config --env "ADDITIONAL_MODULES-" "$WORK"
buildah commit "$WORK" "$NAME"

Unlike docker build, it's actually possible to remove the -n flag from the zypper command line and thus solve possible conflicts during the build.

Perhaps you want to add that to the README?

alexandrevicenzi commented 1 month ago

Something similar is documented here: https://opensource.suse.com/bci-docs/guides/container-suseconnect/

Does that work for you?

mwilck commented 1 month ago

It has been some time :grin: ... Possibly, yes. I can see that the new docs have a podman section now. LGTM.