Remove patterns-base-fips from SLFO base containers

This is pulling crypto-policies and we have base-fips now instead.
SUSE · Nov 26, 2024 · ab10773 · ab10773
1 parent 6e39a80
commit ab10773
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 7 deletions.
diff --git a/src/bci_build/package/base.py b/src/bci_build/package/base.py
@@ -177,13 +177,12 @@ def _get_base_kwargs(os_version: OsVersion) -> dict:
                     "cracklib-dict-small",
                     "filesystem",
                     "jdupes",
-                    "patterns-base-fips",
                     "shadow",
                     "zypper",
                 ]
                 + (["libcurl-mini4"] if os_version.is_slfo else [])
                 + (
-                    ["kubic-locale-archive", "rpm-ndb"]
+                    ["kubic-locale-archive", "rpm-ndb", "patterns-base-fips"]
                     if os_version.is_sle15
                     else ["glibc-locale-base"]
                 )

diff --git a/src/bci_build/package/basecontainers.py b/src/bci_build/package/basecontainers.py
@@ -173,11 +173,14 @@ def _get_supported_until_fips(os_version: OsVersion) -> datetime.date:
             os_version in CAN_BE_LATEST_OS_VERSION or os_version in ALL_OS_LTSS_VERSIONS
         ),
         pretty_name=_get_fips_pretty_name(os_version),
-        package_list=[*os_version.release_package_names, "coreutils"]
-        + (
-            ["fipscheck"]
-            if os_version == OsVersion.SP3
-            else ["crypto-policies-scripts"]
+        package_list=(
+            [*os_version.release_package_names, "coreutils"]
+            + (
+                ["fipscheck"]
+                if os_version == OsVersion.SP3
+                else ["crypto-policies-scripts"]
+            )
+            + (["patterns-base-fips"] if os_version.is_slfo else [])
         ),
         extra_labels={
             "usage": "This container should only be used on a FIPS enabled host (fips=1 on kernel cmdline)."