diff --git a/.obs/workflows.yml b/.obs/workflows.yml
index 581e55c..7f8d802 100644
--- a/.obs/workflows.yml
+++ b/.obs/workflows.yml
@@ -230,3 +230,7 @@ staging_build:
source_package: ironic-ipa-ramdisk
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
+ - branch_package:
+ source_package: kiwi-builder-image
+ source_project: isv:SUSE:Edge:Factory
+ target_project: isv:SUSE:Edge:Factory:Staging
diff --git a/kiwi-builder-image/Dockerfile b/kiwi-builder-image/Dockerfile
new file mode 100644
index 0000000..cb60b63
--- /dev/null
+++ b/kiwi-builder-image/Dockerfile
@@ -0,0 +1,38 @@
+#!BuildTag: kiwi-builder:10.1
+FROM registry.suse.com/bci/kiwi:10.1.10
+MAINTAINER SUSE LLC (https://www.suse.com/)
+
+# Define labels according to https://en.opensuse.org/Building_derived_containers
+# labelprefix=com.suse.application.akri
+LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
+LABEL org.opencontainers.image.title="SLE Kiwi Builder Container Image"
+LABEL org.opencontainers.image.description="kiwi-builder based on the SLE Base Container Image."
+LABEL org.opencontainers.image.version="%PACKAGE_VERSION%"
+LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
+LABEL org.opencontainers.image.created="%BUILDTIME%"
+LABEL org.opencontainers.image.vendor="SUSE LLC"
+LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%kiwi-builder:10.1
+LABEL org.openbuildservice.disturl="%DISTURL%"
+LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
+LABEL com.suse.eula="SUSE Combined EULA February 2024"
+LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
+LABEL com.suse.image-type="application"
+LABEL com.suse.release-stage="released"
+# endlabelprefix
+
+# Install required packages for Kiwi to function as expected
+# Should be provided via https://github.com/SUSE/BCI-dockerfile-generator/pull/1770
+# RUN zypper in -y gawk && zypper clean -a
+
+# Configure Kiwi to use kpartx
+RUN echo -e "mapper:\n - part_mapper: kpartx" > /etc/kiwi.yml
+
+# Copy build script into image and make it executable
+ADD build-image.sh /usr/bin/build-image
+RUN chmod a+x /usr/bin/build-image
+
+# Make a directory for the standard SL Micro Kiwi definition and config file and copy them in
+RUN mkdir -p /micro-sdk/defs
+ADD SL-Micro.kiwi /micro-sdk/defs
+ADD SL-Micro.kiwi.4096 /micro-sdk/defs
+ADD config.sh /micro-sdk/defs
diff --git a/kiwi-builder-image/README b/kiwi-builder-image/README
new file mode 100644
index 0000000..bdfa204
--- /dev/null
+++ b/kiwi-builder-image/README
@@ -0,0 +1,51 @@
+###########################
+Kiwi SDK Image Instructions
+###########################
+
+Please ensure that you're running this on a registered SLE Micro 6.0 system, and make sure that SELinux is disabled:
+
+# setenforce 0
+
+Next, download the podman image:
+
+# podman pull %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10
+
+Make a local output directory (where the images will reside):
+
+# mkdir output
+
+Then, to build a standard "Default" image, run the following in podman:
+
+# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10 build-image
+
+To build a SelfInstall ISO, you can add additional flags, for example:
+
+# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10 build-image -p Default-SelfInstall
+
+To build an image with a RealTime kernel, e.g. a RAW disk image ("Default"), use the following:
+
+# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10 build-image -p Base-RT
+
+To build an image that supports a large block/sectorsize (4096), use the "-b" flag, for example:
+
+# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10 build-image -p Default-SelfInstall -b
+
+# mkdir mydefs/
+# cp /path/to/SL-Micro.kiwi mydefs/
+# cp /path/to/config.sh mydefs/
+# podman run --privileged -v /etc/zypp/repos.d:/micro-sdk/repos/ -v ./output:/tmp/output -v ./mydefs/:/micro-sdk/defs/ -it %%IMG_REPO%%/%%IMG_PREFIXkiwi-builder:10 build-image
+
+All output will be in the local $(pwd)/output directory, for example:
+
+# ls -1 output/
+SLE-Micro.x86_64-6.0.changes
+SLE-Micro.x86_64-6.0.packages
+SLE-Micro.x86_64-6.0.raw
+SLE-Micro.x86_64-6.0.verified
+build
+kiwi.result
+kiwi.result.json
+
+Note, if you want to rebuild the image, you'll need to empty the output directory, or Kiwi will error due to existing output files:
+
+# rm -rf output/*
diff --git a/kiwi-builder-image/SL-Micro.kiwi b/kiwi-builder-image/SL-Micro.kiwi
new file mode 100644
index 0000000..76a4290
--- /dev/null
+++ b/kiwi-builder-image/SL-Micro.kiwi
@@ -0,0 +1,777 @@
+
+
+
+
+
+
+ SUSE
+ crc@suse.com
+ SL Micro
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 4
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 32
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+ 5
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+ 5
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 24
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 32
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+ 20
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/kiwi-builder-image/SL-Micro.kiwi.4096 b/kiwi-builder-image/SL-Micro.kiwi.4096
new file mode 100644
index 0000000..33d84b0
--- /dev/null
+++ b/kiwi-builder-image/SL-Micro.kiwi.4096
@@ -0,0 +1,784 @@
+
+
+
+
+
+
+ SUSE
+ crc@suse.com
+ SL Micro
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 4
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 32
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+ 5
+
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+ 5
+
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 24
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 32
+
+
+
+
+ 6.0
+ zypper
+ SLE
+ SLE
+ true
+ en_US
+
+
+
+
+
+
+
+
+
+
+
+ 20
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/kiwi-builder-image/_service b/kiwi-builder-image/_service
new file mode 100644
index 0000000..0def281
--- /dev/null
+++ b/kiwi-builder-image/_service
@@ -0,0 +1,19 @@
+
+
+
+ README
+ IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)
+ IMG_REPO
+ IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix})
+ IMG_PREFIX
+
+
+ Dockerfile
+ IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix})
+ IMG_PREFIX
+ IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)
+ IMG_REPO
+ SUPPORT_LEVEL=$(rpm --macros=/root/.rpmmacros -E %support_level)
+ SUPPORT_LEVEL
+
+
diff --git a/kiwi-builder-image/build-image.sh b/kiwi-builder-image/build-image.sh
new file mode 100644
index 0000000..0725537
--- /dev/null
+++ b/kiwi-builder-image/build-image.sh
@@ -0,0 +1,91 @@
+#!/usr/bin/env bash
+# Copyright (c) 2024 SUSE LLC
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+#
+
+# Set image build defaults, blocksize is an empty string
+PROFILE="Default"
+LARGEBLOCK=false
+
+# Print usage
+usage(){
+ cat <<-EOF
+ ==============================
+ SLE Micro 6.0 Kiwi SDK Builder
+ ==============================
+
+ Usage: ${0} [-p ] [-b]
+
+ Profile Options (-p):
+ * Default: RAW Disk Image with kernel-default
+ * Default-SelfInstall: SelfInstall ISO with kernel-default
+ * Base-RT: RAW Disk Image with kernel-rt
+ * Base-RT-SelfInstall: SelfInstall ISO with kernel-rt
+
+ 4096 Blocksize (-b): If specified, use a 4096 blocksize (rather than 512) when generating the image.
+
+ NOTE: If both options are omitted, the "Default" profile with a standard "512" blocksize is used.
+ EOF
+}
+
+# Grab CLI options and handle
+while getopts 'p:bh' OPTION; do
+ case "${OPTION}" in
+ p)
+ PROFILE="${OPTARG}"
+ ;;
+ b)
+ LARGEBLOCK=true
+ ;;
+ ?)
+ usage && exit 2
+ ;;
+ esac
+done
+
+# To avoid wasting time, perform the loop creation test first, and exit with a warning to re-run.
+# This only happens when the container hasn't been ran on the host before, and is avoided by mounting /dev/ into the image.
+qemu-img create /tmp/output/test.img 1M
+if LOOP=$(losetup -f --show /tmp/output/test.img); then
+ rm -f /tmp/output/test.img
+ losetup -d $LOOP
+else
+ echo -e "\nERROR: Early loop device test failed, please retry the container run."
+ exit 1
+fi
+
+# Grab local SLE Micro repos and create a list to use as part of the image build
+REPOS=`for i in $(cat /micro-sdk/repos/*.repo | awk '/baseurl/ {split($0,string,"="); print string[2]}'); do echo -n "--add-repo $i "; done`
+
+if $LARGEBLOCK; then
+ mv /micro-sdk/defs/SL-Micro.kiwi.4096 /micro-sdk/defs/SL-Micro.kiwi
+fi
+
+# Build the image
+kiwi-ng --debug --profile $PROFILE system build \
+ --description /micro-sdk/defs --target-dir /tmp/output --ignore-repos-used-for-build $REPOS
+
+# Print output
+RESULT=$?
+if [ $RESULT -eq 0 ]; then
+ echo -e "\n\nINFO: Image build successful, generated images are available in the 'output' directory."
+else
+ echo -e "\n\nERROR: Failed to build the image, please see above logs."
+fi
\ No newline at end of file
diff --git a/kiwi-builder-image/config.sh b/kiwi-builder-image/config.sh
new file mode 100644
index 0000000..3214755
--- /dev/null
+++ b/kiwi-builder-image/config.sh
@@ -0,0 +1,317 @@
+#!/bin/bash
+# Copyright (c) 2023 SUSE LLC
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+#
+#======================================
+# Functions...
+#--------------------------------------
+
+test -f /.kconfig && . /.kconfig
+test -f /.profile && . /.profile
+
+set -euxo pipefail
+
+mkdir /var/lib/misc/reconfig_system
+
+#======================================
+# Greeting...
+#--------------------------------------
+echo "Configure image: [$kiwi_iname]-[$kiwi_profiles]..."
+
+#======================================
+# This is a workaround - someone,
+# somewhere needs to load the xts crypto
+# module, otherwise luksOpen will fail while
+# creating the image.
+#--------------------------------------
+modprobe xts || true
+
+#======================================
+# add missing fonts
+#--------------------------------------
+CONSOLE_FONT="eurlatgr.psfu"
+
+#======================================
+# prepare for setting root pw, timezone
+#--------------------------------------
+echo ** "reset machine settings"
+sed -i 's/^root:[^:]*:/root:*:/' /etc/shadow
+rm /etc/machine-id
+rm /var/lib/zypp/AnonymousUniqueId
+
+#======================================
+# Setup baseproduct link
+#--------------------------------------
+suseSetupProduct
+
+#======================================
+# Specify default runlevel
+#--------------------------------------
+baseSetRunlevel 3
+
+#======================================
+# Add missing gpg keys to rpm
+#--------------------------------------
+suseImportBuildKey
+
+#======================================
+# If SELinux is installed, configure it like transactional-update setup-selinux
+#--------------------------------------
+if [[ -e /etc/selinux/config ]]; then
+ # Check if we don't have selinux already enabled.
+ grep ^GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub | grep -q security=selinux || \
+ sed -i -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 security=selinux selinux=1"|g' "/etc/default/grub"
+
+ # Adjust selinux config
+ sed -i -e 's|^SELINUX=.*|SELINUX=enforcing|g' \
+ -e 's|^SELINUXTYPE=.*|SELINUXTYPE=targeted|g' \
+ "/etc/selinux/config"
+
+ # Move an /.autorelabel file from initial installation to writeable location
+ test -f /.autorelabel && mv /.autorelabel /etc/selinux/.autorelabel
+fi
+
+##======================================
+## Enable DHCP on eth0
+##--------------------------------------
+#cat >/etc/sysconfig/network/ifcfg-eth0 <> /etc/vconsole.conf
+
+# fix security level (boo#1171174)
+sed -e '/^PERMISSION_SECURITY=s/easy/paranoid/' /etc/sysconfig/security
+chkstat --set --system
+
+#======================================
+# SSL Certificates Configuration
+#--------------------------------------
+echo '** Rehashing SSL Certificates...'
+update-ca-certificates
+
+#======================================
+# Import trusted rpm keys
+#--------------------------------------
+for i in /usr/lib/rpm/gnupg/keys/gpg-pubkey*asc; do
+ # importing can fail if it already exists
+ rpm --import $i || true
+done
+
+# Temporary workaround for bsc#1212187
+echo "techpreview.ZYPP_MEDIANETWORK=1" >> /etc/zypp/zypp.conf
+
+#======================================
+# Enable kubelet if installed
+#--------------------------------------
+if [ -e /usr/lib/systemd/system/kubelet.service ]; then
+ suseInsertService kubelet
+fi
+
+# Adjust zypp conf
+# https://github.com/openSUSE/libzypp/issues/212
+# in yast that's done in packager/cfa/zypp_conf.rb
+sed -i 's/.*solver.onlyRequires.*/solver.onlyRequires = true/g' /etc/zypp/zypp.conf
+sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = yes/g' /etc/zypp/zypp.conf
+sed -i 's/^multiversion =.*/multiversion =/g' /etc/zypp/zypp.conf
+
+#=====================================
+# Configure snapper
+#-------------------------------------
+if [ "${kiwi_btrfs_root_is_snapshot-false}" = 'true' ]; then
+ echo "creating initial snapper config ..."
+ cp /usr/share/snapper/config-templates/default /etc/snapper/configs/root
+ baseUpdateSysConfig /etc/sysconfig/snapper SNAPPER_CONFIGS root
+
+ # Adjust parameters
+ sed -i'' 's/^TIMELINE_CREATE=.*$/TIMELINE_CREATE="no"/g' /etc/snapper/configs/root
+ sed -i'' 's/^NUMBER_LIMIT=.*$/NUMBER_LIMIT="2-10"/g' /etc/snapper/configs/root
+ sed -i'' 's/^NUMBER_LIMIT_IMPORTANT=.*$/NUMBER_LIMIT_IMPORTANT="4-10"/g' /etc/snapper/configs/root
+fi
+
+# Enable jeos-firstboot if installed, disabled by combustion/ignition
+if rpm -q --whatprovides jeos-firstboot >/dev/null; then
+ mkdir -p /var/lib/YaST2
+ touch /var/lib/YaST2/reconfig_system
+ systemctl enable jeos-firstboot.service
+fi
+
+# Enable cloud-init if installed
+if rpm -q --whatprovides cloud-init >/dev/null; then
+ systemctl enable cloud-init
+ systemctl enable cloud-init-local
+fi
+
+# The %post script can't edit /etc/fstab sys due to https://github.com/OSInside/kiwi/issues/945
+# so use the kiwi custom hack
+cat >/etc/fstab.script <<"EOF"
+#!/bin/sh
+set -eux
+
+/usr/sbin/setup-fstab-for-overlayfs
+# If /var is on a different partition than /...
+if [ "$(findmnt -snT / -o SOURCE)" != "$(findmnt -snT /var -o SOURCE)" ]; then
+ # ... set options for autoexpanding /var
+ gawk -i inplace '$2 == "/var" { $4 = $4",x-growpart.grow,x-systemd.growfs" } { print $0 }' /etc/fstab
+fi
+EOF
+chmod a+x /etc/fstab.script
+
+# To make x-systemd.growfs work from inside the initrd
+cat >/etc/dracut.conf.d/50-microos-growfs.conf <<"EOF"
+install_items+=" /usr/lib/systemd/systemd-growfs "
+EOF
+
+#======================================
+# Add repos from control.xml
+#--------------------------------------
+if [ -x /usr/sbin/add-yast-repos ]; then
+ add-yast-repos
+ zypper --non-interactive rm -u live-add-yast-repos
+fi
+
+#======================================
+# Configure SelfInstall specifics
+#--------------------------------------
+if [[ "$kiwi_profiles" == *"SelfInstall"* ]]; then
+ cat > /etc/systemd/system/selfinstallbootloader.service <<-EOF
+ [Unit]
+ Description=
+ After=systemd-machine-id-commit.service
+ Before=jeos-firstboot.service
+
+ [Service]
+ Type=oneshot
+ ExecStart=rm /etc/systemd/system/selfinstallbootloader.service
+ ExecStart=rm /etc/systemd/system/default.target.wants/selfinstallbootloader.service
+ ExecStart=/sbin/transactional-update bootloader
+ ExecStart=/sbin/transactional-update apply
+
+ [Install]
+ WantedBy=default.target
+ EOF
+ ln -s /etc/systemd/system/selfinstallbootloader.service /etc/systemd/system/default.target.wants/selfinstallbootloader.service
+fi
+
+#======================================
+# Boot TimeOut Configuration for iSCSI
+#--------------------------------------
+cat > /etc/systemd/system/iscsi-init-delay.service <<-EOF
+[Unit]
+# Workaround for boo#1198457 delay gen-initiatorname after local-fs
+Description=One time delay for the iscsid.service
+ConditionPathExists=!/etc/iscsi/initiatorname.iscsi
+ConditionPathExists=/sbin/iscsi-gen-initiatorname
+DefaultDependencies=no
+RequiresMountsFor=/etc/iscsi
+After=local-fs.target
+Before=iscsi-init.service
+
+[Install]
+WantedBy=default.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=no
+ExecStart=/sbin/iscsi-gen-initiatorname
+EOF
+ln -s /etc/systemd/system/iscsi-init-delay.service /etc/systemd/system/default.target.wants/iscsi-init-delay.service
+
+#======================================
+# Configure Pine64 specifics
+#--------------------------------------
+if [[ "$kiwi_profiles" == *"Pine64" ]]; then
+ echo 'add_drivers+=" fixed sunxi-mmc axp20x-regulator axp20x-rsb "' > /etc/dracut.conf.d/sunxi_modules.conf
+fi
+
+#======================================
+# Configure Raspberry Pi specifics
+#--------------------------------------
+if [[ "$kiwi_profiles" == *"RaspberryPi"* ]]; then
+ # Add necessary kernel modules to initrd (will disappear with bsc#1084272)
+ echo 'add_drivers+=" bcm2835_dma dwc2 "' > /etc/dracut.conf.d/raspberrypi_modules.conf
+
+ # Add necessary kernel modules to initrd (will disappear with boo#1162669)
+ echo 'add_drivers+=" pcie-brcmstb "' >> /etc/dracut.conf.d/raspberrypi_modules.conf
+
+ # Work around network issues
+ cat > /etc/modprobe.d/50-rpi3.conf <<-EOF
+ # Prevent too many page allocations (bsc#1012449)
+ options smsc95xx turbo_mode=N
+ EOF
+
+ cat > /usr/lib/sysctl.d/50-rpi3.conf <<-EOF
+ # Avoid running out of DMA pages for smsc95xx (bsc#1012449)
+ vm.min_free_kbytes = 2048
+ EOF
+fi
+
+#======================================
+# Configure Vagrant specifics
+#--------------------------------------
+if [[ "$kiwi_profiles" == *"Vagrant"* ]]; then
+ # create vagrant user
+ useradd vagrant
+ # allow password-less sudo
+ echo "vagrant ALL=(ALL)NOPASSWD:ALL" > /etc/sudoers.d/vagrant
+ # add vagrant's insecure key
+ mkdir -p /home/vagrant/.ssh
+ chmod 0700 /home/vagrant/.ssh
+ cat > /home/vagrant/.ssh/authorized_keys << EOF
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
+EOF
+ chmod 0600 /home/vagrant/.ssh/authorized_keys
+ chown -R vagrant /home/vagrant
+fi
+
+#======================================
+# cloud-init specific settings
+#--------------------------------------
+# We do not want cloud-init to run in an environment when there is no data
+# source found. bsc#1222113
+if [[ "$kiwi_profiles" =~ ^(x86-qcow|x86-vmware|aarch64-qcow)$ ]]; then
+ echo "policy: search,found=all,maybe=disabled,notfound=disabled" > /etc/cloud/ds-identify.cfg
+fi
+
+exit 0