SLE Base Container Images 15 SP5

Share
Share

The SLE BCI team is delighted to share that in conjunction with the launch of SUSE Linux Enterprise Server 15 SP5, the Language and Application containers of SUSE Linux Enterprise Base Container Images (SLE BCI) have been upgraded to take advantage of the enhanced features offered the new product version. This endeavor spanned multiple weeks and has been successfully accomplished today,  thanks to automated building, testing and release pipelines.

What is SLE BCI?

SLE BCIs are popular, trusted, secure and minimal SUSE Linux Enterprise Server 15-based images that you can use to develop, deploy, and freely share (redistribute) your applications. If you are using Rancher or Rancher Prime, you are already relying on them. SLE BCI containers are provided as:

  • General-purpose SLE BCI which can be used for building custom container images and for deploying applications.
  • Language stack SLE BCI containers which provide minimal environments for developing and deploying applications in specific programming languages.

On top of that, Application Container Images based on SLE BCI featuring popular containerized applications are provided as well.

New SLE BCI 15 SP5 release

Starting today, the :latest tags as well as the respective rolling tags will be leveraging the SUSE Linux Enterprise 15 SP5 base containers image. Of course the SLE BCI 15 SP4 base containers continue to be maintained with security and other bugfixes until end of General Support of SP4 (31 December 2023), with even longer periods available for Long Term Service Pack Support subscribers.

Release Highlights

During recent weeks, the SLE BCI team has successfully provided the following enhancements:

New Additions

Improvements to existing containers

  • The fast-rolling languages like Go and Rust are now also providing a :stable (always referring to the newest released stable patchlevel version) and :oldstable tag (always referring to the older, :stable-1 version of the respective language environment).  If you want to roll with these releases, you can change your CI build pipelines to derive from those tags. If you prefer to lock to a specific version in your CI/CD pipelines, we provide timeline in a com.suse.supportlevel.until label (in RFC3339 date format) until when you can expect to continue receiving updates and after which you should switch to a newer release.
  • Upcoming the SLE BCI team is preparing a rollover to use a longer 4096 bit RSA signing key for Cosign / Sigstore.dev container signing key for integrity verification.  This  new signing key will be
    pub   rsa4096/0x100CEB438FD6C337 2023-01-19 [SC] [expires: 2027-01-18]
    
    Key fingerprint = 2BFA 4649 1A1C FFA8 31EF  C4B6 100C EB43 8FD6 C337
    uid                             SUSE Linux Container Signing Key <build-container@suse.de>

    Already today SUSE provides all containers protected with the SUSE Signing keys and we offer documentation on how to harden the supply chain integrity by configuring for automatic verification of containers. This ensures you are protected from any potential tampering in transit. Further guides on how to use SLE BCI can be found in the continuously updated SLE BCI documentation.

  • While not directly apparent, significant effort has been invested into enhancing the stability of our release pipelines, reducing round-trip times and further completing the test coverage. This ensures that you consistently receive the latest updates while maintaining optimal stability. Rest assured that all updates are derived from the certified, supply-chain-secure, adaptable and easy-to-manage Linux server platform.

Other Highlights

Last but not least we extend our gratitude to our dedicated colleagues from the SUSE Customer Center team, who have already made enhancements to the listings of the SUSE maintained container images. Furthermore they will continue to enhance the  SUSE Registry frontend  with usability improvements and continuous feature updates over the next couple of weeks as well.

 

Share
(Visited 33 times, 1 visits today)
Dirk Müller (profile)
3,233 views
Dirk Müller  is a Distinguished Engineer working on SUSE Linux Enterprise, openSUSE, Linux container and other open source technologies.