From dd416b5e9309b53df108804cd3554e2cb1fd6b5e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dirk=20M=C3=BCller?= Date: Tue, 26 Nov 2024 10:48:42 +0100 Subject: [PATCH] Remove patterns-base-fips from SLFO base containers This is pulling crypto-policies and we have base-fips now instead. --- src/bci_build/package/base.py | 3 +-- src/bci_build/package/basecontainers.py | 13 ++++++++----- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/src/bci_build/package/base.py b/src/bci_build/package/base.py index 6c81c0463..06327193e 100644 --- a/src/bci_build/package/base.py +++ b/src/bci_build/package/base.py @@ -177,13 +177,12 @@ def _get_base_kwargs(os_version: OsVersion) -> dict: "cracklib-dict-small", "filesystem", "jdupes", - "patterns-base-fips", "shadow", "zypper", ] + (["libcurl-mini4"] if os_version.is_slfo else []) + ( - ["kubic-locale-archive", "rpm-ndb"] + ["kubic-locale-archive", "rpm-ndb", "patterns-base-fips"] if os_version.is_sle15 else ["glibc-locale-base"] ) diff --git a/src/bci_build/package/basecontainers.py b/src/bci_build/package/basecontainers.py index a787d2f46..efb3d2fe4 100644 --- a/src/bci_build/package/basecontainers.py +++ b/src/bci_build/package/basecontainers.py @@ -173,11 +173,14 @@ def _get_supported_until_fips(os_version: OsVersion) -> datetime.date: os_version in CAN_BE_LATEST_OS_VERSION or os_version in ALL_OS_LTSS_VERSIONS ), pretty_name=_get_fips_pretty_name(os_version), - package_list=[*os_version.release_package_names, "coreutils"] - + ( - ["fipscheck"] - if os_version == OsVersion.SP3 - else ["crypto-policies-scripts"] + package_list=( + [*os_version.release_package_names, "coreutils"] + + ( + ["fipscheck"] + if os_version == OsVersion.SP3 + else ["crypto-policies-scripts"] + ) + + (["patterns-base-fips"] if os_version.is_slfo else []) ), extra_labels={ "usage": "This container should only be used on a FIPS enabled host (fips=1 on kernel cmdline)."