Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Changes: Added support for openSUSE tumbleweed and leap v15.6,v15.5,v… #77

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

sudiptagreenbone
Copy link

…15.4,v15.3

What

This PR adds container images for openSUSE.
Currently it is added for openSUSE Tumbleweed latest, because Tumbleweed is a rolling update hence there are no specific versions of it. However, for openSUSE Leap the following versions support has been added: 15.6,15.5,15.4,15.3

Why

To make them available for testing

References

Checklist

  • Tests

@@ -134,6 +134,24 @@ jobs:
TAG: "24.03-lts"
- CONTEXT: operating_systems/openeuler
TAG: "24.09"
- CONTEXT: operating_systems/opensuse
BASEIMAGE: opensuse/leap
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can drop the BASEIMAGE, because the Dockerfile contains the same value as default

README.md Outdated
@@ -97,6 +97,12 @@ When done, the container can be stopped with `docker stop target`.
- `23.09`
- `24.03-lts`
- `24.09`
- [openSUSE](https://ghcr.io/greenbone/vt-test-environments/opensuse) (`opensuse`)
- `leap:15.6`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can't use : in the tag. The full name would then be ...vt-test-environments/opensuse:leap:15.6, which isn't allowed.
What do you think about dropping leap and tumbleweed, so that the tags are only called opensuse:15.6 or openSUSE:tumbleweed?
There's every one one single tumbleweed release and other openSUSE products like Leap Micro and microOS only have very few or no security advisories available anyways. Besides that, only Leap and Tumbleweed are available on Docker Hub, so I the others are lower prio.

Comment on lines 15 to 17
&& [ ! -f /etc/ssh/sshd_config ] && /usr/sbin/sshd -t || true \
&& touch /etc/ssh/sshd_config \
&& echo "PasswordAuthentication yes" >> /etc/ssh/sshd_configc
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is this part for? Isn't this testing the config, if present, but then ignoring the result and creating it and enabling password authentication?
Password authentication seems to be enabled by default, so there's probably no need to enable it manually, right? Currently, that instruction is ignored anyways, because of the typo in sshd_configc and it's still working :)

@@ -0,0 +1,21 @@
ARG BASEIMAGE=opensuse/leap
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
ARG BASEIMAGE=opensuse/leap
ARG BASEIMAGE=docker.io/opensuse/leap

Explicitly naming the registry can avoid issues with Podman in some cases (when Podman doesn't know which registry to use). In this case this is only for conformity sake though.

ARG UPDATED=false

RUN if [ "$UPDATED" = true ]; then zypper refresh && zypper update -y; fi \
&& zypper install -y openssh shadow \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
&& zypper install -y openssh shadow \
&& zypper install -y openssh \

Isn't shadow already pre-installed?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah you are right. This is not required to be installed explicitly.

… opensuse leap as it is the default for the docker file. Changed the openSUSE version tag format on the README. Removed shadow installation and addition of password authentication to the sshd config file.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants