OCI Image: Fedora 40, Integration Test Target (ITT)

Fedora 40 (Linux) for integration testing.

Main features of the OCI image:

• Fully functional systemd (not a shim)
• Unprivileged execution support

The image aims to replicate a "VM-like" operating system environment while maintaining container portability, making it ideal for:

• DevOps validation (like testing Ansible collections, roles, and playbooks)
• CI pipeline testing for quick smoke tests (e.g. before running full VM integration test)
• Development environments requiring systemd
• Testing system services and daemons

Table of contents

• Tags
• How to build
• How to use
• Non-goals / Limitations
• Licensing, copyright
  • Container configuration, repository
  • Container image
• Author information

Tags

• latest: Latest release of this image.

Images are typically rebuilt approximately every four weeks to include updates and security patches.

How to build

To build the image locally, do the following:

1. Install Podman.
2. Clone or pull the latest changes from the foundata/oci-fedora40-itt git repository repository.
3. Change into the directory and execute the build command:

   podman build -t fedora40-itt .

How to use

1. Install Podman.
2. Use the image you built earlier or pull the image from a registry:
   • Quay:

     podman pull quay.io/foundata/fedora40-itt:latest

3. Run a container from the image:

   podman run --detach fedora40-itt:latest

   Note: On SELinux-enabled systems, systemd attempts to write to the cgroup filesystem, which might be denied by default security policies. To allow this operation, you must enable the container_manage_cgroup boolean on the host system: sudo setsebool -P container_manage_cgroup 1
4. You can now work with the container, e.g. open a Bash terminal:

   podman ps
   podman exec -it "<container-id-or-name>" "/bin/bash"

   Look around and check if systemd is really working:

   cat /etc/os-release
   systemctl status

Non-goals / Limitations

This image is intentionally scoped for integration testing and development scenarios. It prioritizes compatibility and functionality over security and performance and is for usage in isolated environments only.

Specifically, it does not provide:

• Guaranteed compatibility with container runtimes other than Podman. We do not support Docker (but it might work).
• A production-hardened or security-optimized environment (e.g. CIS hardening, minimal attack surface).
• Support for long-running, multi-tenant, or internet-facing workloads.
• Optimizations for image size, fast startup time, or minimal resource usage.
• High availability, clustering, or orchestration features (e.g. Kubernetes tuning).

Licensing, copyright

Container configuration, repository

Copyright (c) 2025, 2026 foundata GmbH (https://foundata.com)

This project is licensed under the GNU General Public License v3.0 or later (SPDX-License-Identifier: GPL-3.0-or-later), see LICENSES/GPL-3.0-or-later.txt for the full text.

The REUSE.toml file provides detailed licensing and copyright information in a human- and machine-readable format. This includes parts that may be subject to different licensing or usage terms, such as third-party components. The repository conforms to the REUSE specification. You can use reuse spdx to create a SPDX software bill of materials (SBOM).

Container image

The pre-built image itself bundles various software components along with direct and indirect dependencies, which are subject to their respective licenses. When using the pre-built image, you are responsible for ensuring that your usage complies with all relevant licenses for the software contained within the image.

For further licensing information about the software contained in this image, please refer to the following resources:

• https://fedoraproject.org/wiki/Licensing:Main

Author information

This project was created and is maintained by foundata GmbH (https://foundata.com).