I'm not sure which version of Docker and relevant other parts of the system are used for the CI, so I'm writing this just in case.
Tumbleweed has updated glibc to 2.33 now, which makes use of the relatively new faccessat2 syscall, which is only handled properly in newer versions of Docker/podman and libseccomp.
So I suggest to check whether this issue affects the CI as well, before there's a sudden failure on the next image rebuilds.
Some info:
https://github.com/seccomp/libseccomp/issues/314
https://github.com/opencontainers/runc/pull/2750