diff --git a/.obs/workflows.yml b/.obs/workflows.yml
index cc9d1c6cf..fd28e48ca 100644
--- a/.obs/workflows.yml
+++ b/.obs/workflows.yml
@@ -137,6 +137,10 @@ staging_build:
         source_project: home:defolos:BCI:CR:Tumbleweed
         source_package: openjdk-22-devel-image
         target_project: home:defolos:BCI:CR:Tumbleweed:Staging
+    - branch_package:
+        source_project: home:defolos:BCI:CR:Tumbleweed
+        source_package: packaging-image
+        target_project: home:defolos:BCI:CR:Tumbleweed:Staging
     - branch_package:
         source_project: home:defolos:BCI:CR:Tumbleweed
         source_package: pcp-image
@@ -340,6 +344,9 @@ refresh_devel_BCI:
     - trigger_services:
         project: devel:BCI:Tumbleweed
         package: openjdk-22-devel-image
+    - trigger_services:
+        project: devel:BCI:Tumbleweed
+        package: packaging-image
     - trigger_services:
         project: devel:BCI:Tumbleweed
         package: pcp-image
diff --git a/packaging-image/Dockerfile b/packaging-image/Dockerfile
new file mode 100644
index 000000000..6f190d609
--- /dev/null
+++ b/packaging-image/Dockerfile
@@ -0,0 +1,50 @@
+# SPDX-License-Identifier: MIT
+
+#     Copyright (c) 2024 SUSE LLC
+
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon.
+
+# The content of THIS FILE IS AUTOGENERATED and should not be manually modified.
+# It is maintained by the BCI team and generated by
+# https://github.com/SUSE/BCI-dockerfile-generator
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# You can contact the BCI team via https://github.com/SUSE/bci/discussions
+
+
+#!BuildTag: opensuse/osc:%%osc_version%%
+#!BuildTag: opensuse/osc:%%osc_version%%-%RELEASE%
+#!BuildTag: opensuse/osc:latest
+
+FROM opensuse/tumbleweed:latest
+
+RUN set -euo pipefail; zypper -n in osc build cpio obs-service-appimage obs-service-cargo obs-service-cdi_containers_meta obs-service-compose_kiwi_description obs-service-docker_label_helper obs-service-download_assets obs-service-download_files obs-service-download_url obs-service-extract_file obs-service-format_spec_file obs-service-go_modules obs-service-kiwi_label_helper obs-service-kiwi_metainfo_helper obs-service-kubevirt_containers_meta obs-service-node_modules obs-service-obs_scm obs-service-product_converter obs-service-recompress obs-service-refresh_patches obs-service-replace_using_env obs-service-replace_using_package_version obs-service-set_version obs-service-snapcraft obs-service-source_validator obs-service-tar obs-service-tar_scm obs-service-verify_file openSUSE-release openSUSE-release-appliance-docker bash-completion git obs-scm-bridge openssh-common openssh-clients; zypper -n clean; rm -rf /var/log/{lastlog,tallylog,zypper.log,zypp/history,YaST2}
+
+# Define labels according to https://en.opensuse.org/Building_derived_containers
+# labelprefix=org.opensuse.application.osc
+LABEL org.opencontainers.image.authors="openSUSE (https://www.opensuse.org/)"
+LABEL org.opencontainers.image.title="openSUSE Tumbleweed Packaging"
+LABEL org.opencontainers.image.description="Packaging container based on the openSUSE Tumbleweed Base Container Image."
+LABEL org.opencontainers.image.version="%%osc_version%%"
+LABEL org.opencontainers.image.url="https://www.opensuse.org"
+LABEL org.opencontainers.image.created="%BUILDTIME%"
+LABEL org.opencontainers.image.vendor="openSUSE Project"
+LABEL org.opencontainers.image.source="%SOURCEURL%"
+LABEL org.opencontainers.image.ref.name="%%osc_version%%-%RELEASE%"
+LABEL org.opensuse.reference="registry.opensuse.org/opensuse/osc:%%osc_version%%-%RELEASE%"
+LABEL org.openbuildservice.disturl="%DISTURL%"
+LABEL org.opensuse.lifecycle-url="https://en.opensuse.org/Lifetime#openSUSE_BCI"
+LABEL org.opensuse.release-stage="released"
+# endlabelprefix
+LABEL io.artifacthub.package.readme-url="https://raw.githubusercontent.com/SUSE/BCI-dockerfile-generator/Tumbleweed/packaging-image/README.md"
+LABEL run="podman run --rm -it -v \$HOME/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z -v \$HOME/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z IMAGE"
+LABEL runcwd="podman run --rm -it -v \$HOME/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z -v \$HOME/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z -v .:/root/osc-workdir:z IMAGE"
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+CMD ["/bin/bash"]
+WORKDIR /root/osc-workdir
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+RUN chmod +x /usr/local/bin/entrypoint.sh
+
+VOLUME /var/tmp
diff --git a/packaging-image/README.md b/packaging-image/README.md
new file mode 100644
index 000000000..2bebd251a
--- /dev/null
+++ b/packaging-image/README.md
@@ -0,0 +1,105 @@
+# OSC Packaging Container
+
+![Redistributable](https://img.shields.io/badge/Redistributable-Yes-green)
+
+This is the openSUSE packaging container image that includes all the required
+tools for creating and modifying packages in the [Open Build
+Service](https://build.opensuse.org/) using
+[osc](https://github.com/openSUSE/osc/).
+
+
+## How to use this container image
+
+The container image is intended for interactive usage with a `.oscrc` configuration file and
+the osc cookiejar mounted into the container:
+
+```ShellSession
+# podman run --rm -it \
+      -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \
+      -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:rw,z \
+      registry.opensuse.org/opensuse/osc:%%osc_version%%
+```
+
+The command launches an interactive shell environment that uses the local osc configuration. You can then check out packages, perform modifications, and
+send submissions to OBS.
+
+To work on an already checked out package, mount the current working directory:
+
+```ShellSession
+# podman run --rm -it \
+      -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \
+      -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z \
+      -v .:/root/osc-workdir:z \
+      registry.opensuse.org/opensuse/osc:%%osc_version%%
+```
+
+The container entrypoint recognizes whether you are launching it for interactive
+usage or invoking `osc` directly. You can omit
+the command `osc` in the second case. For example:
+
+```ShellSession
+# podman run --rm -it \
+      -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \
+      -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z \
+      registry.opensuse.org/opensuse/osc:%%osc_version%% ls openSUSE:Factory
+```
+
+The command automatically forwards the arguments to `osc` and calls
+`osc ls openSUSE:Factory`.
+
+
+### Using the image labels
+
+The image provides two labels: `run` and `runcwd`. The first includes the full command, to run the `osc` container, while the second to run the container with the local working directory mounted.
+
+To view the labels, use the following command:
+
+```ShellSession
+# podman container runlabel run --display registry.opensuse.org/opensuse/osc:%%osc_version%%
+# podman container runlabel runcwd --display registry.opensuse.org/opensuse/osc:%%osc_version%%
+```
+
+The labels can be used to run the container with Podman version 5.1.0 or later:
+```ShellSession
+# podman container runlabel run registry.opensuse.org/opensuse/osc:%%osc_version%% \
+      ls openSUSE:Factory
+```
+
+
+### Connecting to build.suse.de
+
+build.suse.de uses an SSH-based authentication, which requires additional
+resources to be available in the container. You also must provide the internal certificate to the container:
+
+```ShellSession
+# podman run --rm -it \
+      -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \
+      -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z \
+      -v /etc/ssl/ca-bundle.pem:/etc/ssl/ca-bundle.pem:ro,z \
+      -v $SSH_AUTH_SOCK:/run/user/0/ssh-agent.socket:z \
+      -e SSH_AUTH_SOCK=/var/run/user/0/ssh-agent.socket:z \
+      -v "$PWD":/root/osc-workdir:z \
+      registry.opensuse.org/opensuse/osc:%%osc_version%%
+```
+
+
+## Limitations
+
+- Currently, it is not possible to build packages in a container.
+- The `runlabel run` command only works with Podman 5.1.0 and newer.
+
+
+## Volumes
+
+The container image is preconfigured to put `/var/tmp` into a volume. This
+directory is used by `osc` to store the buildroot and the package cache.
+
+## Licensing
+
+`SPDX-License-Identifier: MIT`
+
+This documentation and the build recipe are licensed as MIT.
+The container itself contains various software components under various open source licenses listed in the associated
+Software Bill of Materials (SBOM).
+
+This image is based on [openSUSE Tumbleweed](https://get.opensuse.org/tumbleweed/).
diff --git a/packaging-image/_service b/packaging-image/_service
new file mode 100644
index 000000000..37cff407b
--- /dev/null
+++ b/packaging-image/_service
@@ -0,0 +1,9 @@
+<services>
+  <service mode="buildtime" name="docker_label_helper"/>
+  <service mode="buildtime" name="kiwi_metainfo_helper"/>
+  <service name="replace_using_package_version" mode="buildtime">
+    <param name="file">Dockerfile</param>
+    <param name="regex">%%osc_version%%</param>
+    <param name="package">osc</param>
+  </service>
+</services>
\ No newline at end of file
diff --git a/packaging-image/entrypoint.sh b/packaging-image/entrypoint.sh
new file mode 100644
index 000000000..07e7bbf55
--- /dev/null
+++ b/packaging-image/entrypoint.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+if [[ ! -e /root/.config/osc/oscrc ]]; then
+    cat << EOF
+This container is expected to be launched with your oscrc mounted to
+/root/.config/osc/oscrc
+
+Please consult the README or the label 'run' for the full invocation.
+EOF
+fi
+
+if [[ "-h --help -v --verbose -q --quiet --debug --debugger --post-mortem --traceback -H --http-debug --http-full-debug -A --apiurl --config --setopt --no-keyring add addchannels addcontainers addremove ar aggregatepac api branch getpac bco branchco browse build wipe shell chroot buildconfig buildhistory buildhist buildinfo buildlog buildlogtail blt bl cat less blame changedevelrequest changedevelreq cr checkconstraints checkout co clean cleanassets ca clone comment commit checkin ci config copypac create-pbuild-config cpc createincident createrequest creq delete remove del rm deleterequest deletereq droprequest dropreq dr dependson detachbranch develproject dp bsdevelproject diff di ldiff linkdiff distributions dists downloadassets da enablechannels enablechannel fork getbinaries help importsrcpkg info init jobhistory jobhist linkpac linktobranch list LL lL ll ls localbuildlog lbl lock log maintainer bugowner maintenancerequest mr mbranch maintained sm meta mkpac mv my patchinfo pdiff prdiff projdiff projectdiff prjresults pr pull pull_request rdelete rdiff rebuild rebuildpac release releaserequest remotebuildlog remotebuildlogtail rbuildlogtail rblt rbuildlog rbl repairlink repairwc repo repositories platforms repos repourls request review rq requestmaintainership reqbs reqms reqmaintainership requestbugownership reqbugownership resolved restartbuild abortbuild results r revert rpmlintlog lint rpmlint rremove search bse se sendsysrq service setdevelproject sdp setlinkrev showlinked signkey staging status st submitrequest submitpac submitreq sr token triggerreason tr undelete unlock update up updatepacmetafromspec updatepkgmetafromspec metafromspec vc version whatdependson whois user who wipebinaries unpublish workerinfo" =~ (^|[[:space:]])$1($|[[:space:]]) ]]; then
+    # looks like the user is executing the container as the osc command
+    osc "$@"
+else
+    exec "$@"
+fi
diff --git a/packaging-image/packaging-image.changes b/packaging-image/packaging-image.changes
new file mode 100644
index 000000000..a58222e34
--- /dev/null
+++ b/packaging-image/packaging-image.changes
@@ -0,0 +1,4 @@
+-------------------------------------------------------------------
+Thu Sep 05 11:32:35 UTC 2024 - SUSE Update Bot <bci-internal@suse.de>
+
+- First version of the Packaging BCI