Using SLE BCI
Package manager
The default package manager in SUSE Linux Enterprise is Zypper. Similar to APT in Debian and APK in Alpine Linux, Zypper offers a command-line interface for all package management tasks. Below is brief overview of commonly used container-related Zypper commands.
Install packages
zypper --non-interactive install $PACKAGE_NAME
Add a repository
zypper --non-interactive addrepo $REPOSITORY_URL; zypper --non-interactive refresh
Update all packages
zypper --non-interactive update
Remove a package
zypper --non-interactive remove --clean-deps $PACKAGE_NAME
the --clean-deps
flag ensures that no longer required dependencies are
removed as well
Clean up temporary files
zypper clean
For more information on using Zypper, refer to the zypper documentation.
All the described commands use the --non-interactive
flag to skip
confirmations, since you cannot approve these manually during container
builds. Keep in mind that you must use the flag with any command that
modifies the system. Also note that --non-interactive
is not a "yes to
all" flag. Instead, --non-interactive
confirms what is considered to
be the intention of the user. For example, an installation command with
the --non-interactive
option fails if it needs to import new
repository signing keys, as that is something that the user should
verify themselves.
Common patterns
Here are a few examples that can give you an idea how to accomplish certain tasks in SLE BCI compared to Debian.
Remove orphaned packages
Debian:
apt-get autoremove -y
SLE BCI: Not required as long as you remove installed packages using the
zypper --non-interactive remove --clean-deps $PACKAGE_NAME
Obtain container’s architecture
Debian:
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"
SLE BCI:
arch="$(uname -p|sed 's/x86_64/amd64/')"
Install packages required for compilation
Debian:
apt-get install -y build-essential
SLE BCI:
zypper -n in gcc gcc-c++ make
Verify GnuPG signatures
Debian:
gpg --batch --verify $SIGNATURE_URL $FILE_TO_VERIFY
SLE BCI:
zypper -n in dirmngr; gpg --batch --verify $SIGNATURE_URL $FILE_TO_VERIFY; zypper -n remove --clean-deps dirmngr; zypper -n clean
Package naming conventions
SUSE Linux Enterprise package naming conventions differ from Debian,
Ubuntu, and Alpine, and they are closer to those of Red Hat Enterprise
Linux. The main difference is that development packages of libraries
(that is, packages containing headers and build description files) are
named $PACKAGE-devel
in SUSE Linux Enterprise, as opposed to
$PACKAGE-dev
as they are in Debian and Ubuntu. When in doubt, search
for the package directly using the following command:
docker run --rm registry.suse.com/bci/bci-base:$OS_VERSION zypper search $PACKAGE_NAME
podman run --rm registry.suse.com/bci/bci-base:$OS_VERSION zypper search $PACKAGE_NAME
nerdctl run --rm registry.suse.com/bci/bci-base:$OS_VERSION zypper search $PACKAGE_NAME
(replace OS_VERSION
with the appropriate service version number, for
example: 15.3
or 15.4
).
Adding GPG signing keys
Adding external repositories to a container or container image normally
requires importing the GPG key used for signing the packages. This can
be done with the rpm --import $KEY_URL
command. This adds the key to
the RPM database, and all packages from the repository can be installed
afterwards.