From 3f6768838f90cf389d55f377179752d714f28dba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Rodr=C3=ADguez=20Hern=C3=A1ndez?= Date: Tue, 4 Nov 2025 04:11:13 -0500 Subject: [PATCH] Change wording in Container's READMEs (#88048) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Change wording in Container's READMEs Signed-off-by: Carlos Rodríguez Hernández * Fix linter Signed-off-by: Carlos Rodríguez Hernández --------- Signed-off-by: Carlos Rodríguez Hernández --- README.md | 5 ++- bitnami/acmesolver/README.md | 33 +++++++-------- bitnami/airflow/README.md | 33 +++++++-------- bitnami/alertmanager/README.md | 33 +++++++-------- bitnami/apache-exporter/README.md | 33 +++++++-------- bitnami/apache/README.md | 33 +++++++-------- bitnami/apisix-ingress-controller/README.md | 33 +++++++-------- bitnami/apisix/README.md | 33 +++++++-------- bitnami/appsmith/README.md | 33 +++++++-------- bitnami/arangodb/README.md | 33 +++++++-------- bitnami/argo-cd/README.md | 33 +++++++-------- bitnami/argo-workflow-cli/README.md | 31 ++++++-------- bitnami/argo-workflow-controller/README.md | 31 ++++++-------- bitnami/argo-workflow-exec/README.md | 33 +++++++-------- bitnami/aspnet-core/README.md | 33 +++++++-------- bitnami/attu/README.md | 33 +++++++-------- bitnami/aws-cli/README.md | 33 +++++++-------- bitnami/azure-cli/README.md | 33 +++++++-------- bitnami/blackbox-exporter/README.md | 33 +++++++-------- bitnami/cadvisor/README.md | 33 +++++++-------- bitnami/cainjector/README.md | 33 +++++++-------- bitnami/cassandra-exporter/README.md | 33 +++++++-------- bitnami/cassandra/README.md | 33 +++++++-------- bitnami/cert-manager-webhook/README.md | 33 +++++++-------- bitnami/cert-manager/README.md | 33 +++++++-------- bitnami/chainloop-artifact-cas/README.md | 31 ++++++-------- .../README.md | 31 ++++++-------- bitnami/chainloop-control-plane/README.md | 31 ++++++-------- bitnami/charts-syncer/README.md | 31 ++++++-------- bitnami/cilium-operator/README.md | 33 +++++++-------- bitnami/cilium-proxy/README.md | 33 +++++++-------- bitnami/cilium/README.md | 33 +++++++-------- bitnami/clickhouse-keeper/README.md | 33 +++++++-------- .../README.md | 31 ++++++-------- bitnami/clickhouse-operator/README.md | 31 ++++++-------- bitnami/clickhouse/README.md | 33 +++++++-------- bitnami/cloudnative-pg/README.md | 31 ++++++-------- bitnami/cluster-autoscaler/README.md | 41 ++++++++----------- bitnami/concourse/README.md | 33 +++++++-------- bitnami/configmap-reload/README.md | 33 +++++++-------- bitnami/configurable-http-proxy/README.md | 33 +++++++-------- bitnami/consul-exporter/README.md | 33 +++++++-------- bitnami/consul/README.md | 33 +++++++-------- bitnami/contour/README.md | 33 +++++++-------- bitnami/cosign/README.md | 33 +++++++-------- bitnami/couchdb/README.md | 33 +++++++-------- bitnami/cypress/README.md | 33 +++++++-------- bitnami/deepspeed/README.md | 33 +++++++-------- bitnami/dex/README.md | 33 +++++++-------- bitnami/discourse/README.md | 33 +++++++-------- bitnami/dotnet-sdk/README.md | 33 +++++++-------- bitnami/dotnet/README.md | 33 +++++++-------- bitnami/dremio/README.md | 33 +++++++-------- bitnami/drupal/README.md | 33 +++++++-------- bitnami/ejbca/README.md | 33 +++++++-------- bitnami/elasticsearch-exporter/README.md | 33 +++++++-------- bitnami/elasticsearch/README.md | 33 +++++++-------- bitnami/envoy-gateway/README.md | 33 +++++++-------- bitnami/envoy-ratelimit/README.md | 33 +++++++-------- bitnami/envoy/README.md | 33 +++++++-------- bitnami/etcd/README.md | 33 +++++++-------- bitnami/express/README.md | 33 +++++++-------- bitnami/external-dns/README.md | 33 +++++++-------- bitnami/flink/README.md | 33 +++++++-------- bitnami/fluent-bit/README.md | 33 +++++++-------- bitnami/fluentd/README.md | 33 +++++++-------- bitnami/fluxcd-helm-controller/README.md | 33 +++++++-------- .../README.md | 33 +++++++-------- .../README.md | 33 +++++++-------- bitnami/fluxcd-kustomize-controller/README.md | 33 +++++++-------- .../fluxcd-notification-controller/README.md | 33 +++++++-------- bitnami/fluxcd-source-controller/README.md | 33 +++++++-------- bitnami/fluxcd-source-watcher/README.md | 4 +- bitnami/ghost/README.md | 33 +++++++-------- bitnami/git/README.md | 33 +++++++-------- bitnami/gitea/README.md | 33 +++++++-------- bitnami/gitlab-runner-helper/README.md | 33 +++++++-------- bitnami/gitlab-runner/README.md | 33 +++++++-------- bitnami/golang/README.md | 33 +++++++-------- bitnami/google-cloud-sdk/README.md | 33 +++++++-------- bitnami/gotrue/README.md | 33 +++++++-------- bitnami/gradle/README.md | 33 +++++++-------- bitnami/grafana-alloy/README.md | 33 +++++++-------- bitnami/grafana-image-renderer/README.md | 33 +++++++-------- bitnami/grafana-k6-operator/README.md | 31 ++++++-------- bitnami/grafana-k6/README.md | 33 +++++++-------- bitnami/grafana-loki/README.md | 31 ++++++-------- bitnami/grafana-mimir/README.md | 33 +++++++-------- bitnami/grafana-operator/README.md | 33 +++++++-------- bitnami/grafana-tempo-query/README.md | 33 +++++++-------- bitnami/grafana-tempo-vulture/README.md | 33 +++++++-------- bitnami/grafana-tempo/README.md | 33 +++++++-------- bitnami/grafana/README.md | 33 +++++++-------- bitnami/haproxy/README.md | 33 +++++++-------- bitnami/harbor-adapter-trivy/README.md | 33 +++++++-------- bitnami/harbor-core/README.md | 33 +++++++-------- bitnami/harbor-exporter/README.md | 33 +++++++-------- bitnami/harbor-jobservice/README.md | 33 +++++++-------- bitnami/harbor-portal/README.md | 33 +++++++-------- bitnami/harbor-registry/README.md | 33 +++++++-------- bitnami/harbor-registryctl/README.md | 33 +++++++-------- bitnami/hubble-relay/README.md | 33 +++++++-------- bitnami/hubble-ui-backend/README.md | 33 +++++++-------- bitnami/hubble-ui/README.md | 33 +++++++-------- bitnami/hyperledger-fabric-ca/README.md | 33 +++++++-------- bitnami/hyperledger-fabric-orderer/README.md | 33 +++++++-------- bitnami/hyperledger-fabric-peer/README.md | 33 +++++++-------- bitnami/hyperledger-fabric-tools/README.md | 33 +++++++-------- bitnami/influxdb/README.md | 33 +++++++-------- bitnami/jaeger/README.md | 33 +++++++-------- bitnami/janusgraph/README.md | 33 +++++++-------- bitnami/java/README.md | 33 +++++++-------- bitnami/jax/README.md | 33 +++++++-------- bitnami/jenkins-agent/README.md | 33 +++++++-------- bitnami/jenkins/README.md | 33 +++++++-------- bitnami/jmx-exporter/README.md | 33 +++++++-------- bitnami/jsonnet/README.md | 33 +++++++-------- bitnami/jupyter-base-notebook/README.md | 33 +++++++-------- bitnami/jupyterhub/README.md | 33 +++++++-------- bitnami/jwt-cli/README.md | 33 +++++++-------- bitnami/kafka/README.md | 33 +++++++-------- bitnami/kaniko/README.md | 31 ++++++-------- bitnami/keycloak-config-cli/README.md | 33 +++++++-------- bitnami/keycloak/README.md | 33 +++++++-------- bitnami/keydb/README.md | 33 +++++++-------- bitnami/kiam/README.md | 33 +++++++-------- bitnami/kibana/README.md | 33 +++++++-------- bitnami/kong-ingress-controller/README.md | 33 +++++++-------- bitnami/kong/README.md | 33 +++++++-------- bitnami/kserve-agent/README.md | 31 ++++++-------- bitnami/kserve-controller/README.md | 31 ++++++-------- .../kserve-localmodel-controller/README.md | 31 ++++++-------- bitnami/kserve-localmodelnode-agent/README.md | 31 ++++++-------- bitnami/kserve-router/README.md | 31 ++++++-------- bitnami/kserve-storage-initializer/README.md | 33 +++++++-------- bitnami/ksql/README.md | 33 +++++++-------- bitnami/kube-arangodb/README.md | 33 +++++++-------- bitnami/kube-rbac-proxy/README.md | 31 ++++++-------- bitnami/kube-state-metrics/README.md | 33 +++++++-------- bitnami/kubectl/README.md | 33 +++++++-------- bitnami/kuberay-apiserver/README.md | 33 +++++++-------- bitnami/kuberay-operator/README.md | 33 +++++++-------- bitnami/kubernetes-event-exporter/README.md | 33 +++++++-------- bitnami/kubescape/README.md | 33 +++++++-------- bitnami/laravel/README.md | 33 +++++++-------- bitnami/logstash/README.md | 33 +++++++-------- bitnami/mariadb-galera/README.md | 33 +++++++-------- bitnami/mariadb/README.md | 31 ++++++-------- bitnami/mastodon/README.md | 33 +++++++-------- bitnami/matomo/README.md | 33 +++++++-------- bitnami/memcached-exporter/README.md | 31 ++++++-------- bitnami/memcached/README.md | 33 +++++++-------- bitnami/metallb-controller/README.md | 33 +++++++-------- bitnami/metallb-speaker/README.md | 33 +++++++-------- bitnami/metrics-server/README.md | 33 +++++++-------- bitnami/milvus/README.md | 33 +++++++-------- bitnami/minio-client/README.md | 33 +++++++-------- bitnami/minio-object-browser/README.md | 31 ++++++-------- bitnami/minio-operator-sidecar/README.md | 31 ++++++-------- bitnami/minio-operator/README.md | 31 ++++++-------- bitnami/minio/README.md | 33 +++++++-------- bitnami/mlflow/README.md | 33 +++++++-------- bitnami/mongodb-exporter/README.md | 33 +++++++-------- bitnami/mongodb-sharded/README.md | 33 +++++++-------- bitnami/mongodb/README.md | 33 +++++++-------- bitnami/moodle/README.md | 33 +++++++-------- bitnami/multus-cni/README.md | 33 +++++++-------- bitnami/mysql/README.md | 33 +++++++-------- bitnami/mysqld-exporter/README.md | 33 +++++++-------- bitnami/nats-exporter/README.md | 33 +++++++-------- bitnami/nats/README.md | 31 ++++++-------- bitnami/natscli/README.md | 33 +++++++-------- bitnami/neo4j/README.md | 33 +++++++-------- bitnami/nessie-utils/README.md | 33 +++++++-------- bitnami/nessie/README.md | 33 +++++++-------- bitnami/nginx-exporter/README.md | 33 +++++++-------- bitnami/nginx-ingress-controller/README.md | 33 +++++++-------- bitnami/nginx/README.md | 33 +++++++-------- bitnami/node-exporter/README.md | 33 +++++++-------- bitnami/node/README.md | 33 +++++++-------- bitnami/notation/README.md | 33 +++++++-------- bitnami/oauth2-proxy/README.md | 33 +++++++-------- bitnami/odoo/README.md | 33 +++++++-------- bitnami/openldap/README.md | 33 +++++++-------- bitnami/openresty/README.md | 33 +++++++-------- bitnami/opensearch-dashboards/README.md | 33 +++++++-------- bitnami/opensearch/README.md | 33 +++++++-------- bitnami/oras/README.md | 31 ++++++-------- bitnami/os-shell/README.md | 33 +++++++-------- bitnami/parse-dashboard/README.md | 33 +++++++-------- bitnami/parse/README.md | 33 +++++++-------- bitnami/percona-mysql/README.md | 33 +++++++-------- bitnami/pgbouncer/README.md | 33 +++++++-------- bitnami/pgpool/README.md | 33 +++++++-------- bitnami/php-fpm/README.md | 33 +++++++-------- bitnami/phpmyadmin/README.md | 33 +++++++-------- bitnami/pinniped-cli/README.md | 33 +++++++-------- bitnami/pinniped/README.md | 31 ++++++-------- bitnami/plugin-barman-cloud-sidecar/README.md | 33 +++++++-------- bitnami/plugin-barman-cloud/README.md | 31 ++++++-------- bitnami/postgres-exporter/README.md | 33 +++++++-------- bitnami/postgresql-repmgr/README.md | 33 +++++++-------- bitnami/postgresql/README.md | 33 +++++++-------- bitnami/postgrest/README.md | 33 +++++++-------- bitnami/prometheus-operator/README.md | 33 +++++++-------- bitnami/prometheus-rsocket-proxy/README.md | 33 +++++++-------- bitnami/prometheus/README.md | 33 +++++++-------- bitnami/pushgateway/README.md | 33 +++++++-------- bitnami/pymilvus/README.md | 33 +++++++-------- bitnami/python/README.md | 33 +++++++-------- bitnami/pytorch/README.md | 33 +++++++-------- bitnami/rabbitmq-cluster-operator/README.md | 31 ++++++-------- bitnami/rabbitmq/README.md | 33 +++++++-------- bitnami/rails/README.md | 33 +++++++-------- bitnami/ray/README.md | 33 +++++++-------- bitnami/rclone/README.md | 33 +++++++-------- bitnami/redis-cluster/README.md | 33 +++++++-------- bitnami/redis-exporter/README.md | 33 +++++++-------- bitnami/redis-sentinel/README.md | 33 +++++++-------- bitnami/redis/README.md | 33 +++++++-------- bitnami/redmine/README.md | 33 +++++++-------- .../rmq-default-credential-updater/README.md | 31 ++++++-------- .../rmq-messaging-topology-operator/README.md | 31 ++++++-------- bitnami/ruby/README.md | 33 +++++++-------- bitnami/rust/README.md | 33 +++++++-------- bitnami/schema-registry/README.md | 33 +++++++-------- bitnami/scylladb/README.md | 33 +++++++-------- bitnami/sealed-secrets-controller/README.md | 31 ++++++-------- bitnami/sealed-secrets-kubeseal/README.md | 31 ++++++-------- bitnami/seaweedfs/README.md | 33 +++++++-------- bitnami/solr/README.md | 33 +++++++-------- bitnami/sonarqube/README.md | 33 +++++++-------- bitnami/spark/README.md | 33 +++++++-------- bitnami/statsd-exporter/README.md | 33 +++++++-------- bitnami/suitecrm/README.md | 33 +++++++-------- bitnami/superset/README.md | 33 +++++++-------- bitnami/telegraf/README.md | 33 +++++++-------- bitnami/tensorflow-resnet/README.md | 33 +++++++-------- bitnami/tensorflow-serving/README.md | 33 +++++++-------- bitnami/tensorflow/README.md | 33 +++++++-------- bitnami/thanos/README.md | 31 ++++++-------- bitnami/tomcat/README.md | 33 +++++++-------- bitnami/trivy/README.md | 31 ++++++-------- bitnami/valkey-cluster/README.md | 33 +++++++-------- bitnami/valkey-sentinel/README.md | 33 +++++++-------- bitnami/valkey/README.md | 33 +++++++-------- bitnami/vault-csi-provider/README.md | 33 +++++++-------- bitnami/vault-k8s/README.md | 33 +++++++-------- bitnami/vault/README.md | 33 +++++++-------- bitnami/victoriametrics-vmagent/README.md | 31 ++++++-------- bitnami/victoriametrics-vmalert/README.md | 31 ++++++-------- bitnami/victoriametrics-vmauth/README.md | 31 ++++++-------- bitnami/victoriametrics-vminsert/README.md | 31 ++++++-------- bitnami/victoriametrics-vmselect/README.md | 31 ++++++-------- bitnami/victoriametrics-vmstorage/README.md | 31 ++++++-------- bitnami/volsync/README.md | 33 +++++++-------- bitnami/whereabouts/README.md | 33 +++++++-------- bitnami/wildfly/README.md | 33 +++++++-------- bitnami/wordpress-nginx/README.md | 33 +++++++-------- bitnami/wordpress/README.md | 33 +++++++-------- bitnami/zipkin/README.md | 33 +++++++-------- bitnami/zookeeper/README.md | 33 +++++++-------- 262 files changed, 3609 insertions(+), 4908 deletions(-) diff --git a/README.md b/README.md index d9cac4daac79..a8c01f4b404e 100644 --- a/README.md +++ b/README.md @@ -14,9 +14,10 @@ Popular applications, provided by [Bitnami](https://bitnami.com), containerized and ready to launch. -## Why choose BSI images? +## Why use Bitnami Secure Images? + +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -- Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/) - Hardened secure images of popular open source software with Near-Zero Vulnerabilities - Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores - Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) diff --git a/bitnami/acmesolver/README.md b/bitnami/acmesolver/README.md index a0913934eb81..f73688e67af8 100644 --- a/bitnami/acmesolver/README.md +++ b/bitnami/acmesolver/README.md @@ -20,27 +20,22 @@ docker run --name redis -e ALLOW_EMPTY_PASSWORD=yes bitnami/acmesolver:latest Kubernetes cluster with `CustomResourceDefinition` or `ThirdPartyResource support` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -62,7 +57,7 @@ For further documentation, please check [here](https://github.com/jetstack/cert- ### FIPS configuration in Bitnami Secure Images -The Bitnami ACME Solver Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami ACME Solver Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/airflow/README.md b/bitnami/airflow/README.md index ae866ac43e80..3f360ab5e194 100644 --- a/bitnami/airflow/README.md +++ b/bitnami/airflow/README.md @@ -16,27 +16,22 @@ docker run --name airflow bitnami/airflow:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -480,7 +475,7 @@ docker run -d --name airflow -p 8080:8080 \ ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache Airflow Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache Airflow Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/alertmanager/README.md b/bitnami/alertmanager/README.md index 777627184eb2..2618e38b66c6 100644 --- a/bitnami/alertmanager/README.md +++ b/bitnami/alertmanager/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name alertmanager bitnami/alertmanager:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -139,7 +134,7 @@ Configuration is yaml based. The full documentation of the configuration can be ### FIPS configuration in Bitnami Secure Images -The Bitnami AlertManager Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami AlertManager Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/apache-exporter/README.md b/bitnami/apache-exporter/README.md index 1164d4c53a8a..c4321d48d111 100644 --- a/bitnami/apache-exporter/README.md +++ b/bitnami/apache-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name apache-exporter bitnami/apache-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -101,7 +96,7 @@ Find all the configuration flags in [the Apache Exporter official documentation] ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/apache/README.md b/bitnami/apache/README.md index c3b18b63b634..266965e79fa2 100644 --- a/bitnami/apache/README.md +++ b/bitnami/apache/README.md @@ -15,27 +15,22 @@ docker run --name apache bitnami/apache:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Apache in Kubernetes? @@ -294,7 +289,7 @@ services: ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/apisix-ingress-controller/README.md b/bitnami/apisix-ingress-controller/README.md index a81d81737307..e52412c5af6a 100644 --- a/bitnami/apisix-ingress-controller/README.md +++ b/bitnami/apisix-ingress-controller/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name apisix-ingress-controller bitnami/apisix-ingress-controller:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Apache APISIX Ingress Controller documentation](https://gith ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache APISIX Ingress Controller Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache APISIX Ingress Controller Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/apisix/README.md b/bitnami/apisix/README.md index f8a9da6a4d95..641df8758929 100644 --- a/bitnami/apisix/README.md +++ b/bitnami/apisix/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name apisix bitnami/apisix:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Apache APISIX documentation](https://apisix.apache.org/docs/ ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache APISIX Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache APISIX Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/appsmith/README.md b/bitnami/appsmith/README.md index 5b1ab53513b8..d9fca4d45f99 100644 --- a/bitnami/appsmith/README.md +++ b/bitnami/appsmith/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name appsmith bitnami/appsmith:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -228,7 +223,7 @@ The Bitnami Appsmith container supports connecting the Appsmith application to a ### FIPS configuration in Bitnami Secure Images -The Bitnami Appsmith Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Appsmith Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/arangodb/README.md b/bitnami/arangodb/README.md index f3cd25df4ebd..f6b0709c8d35 100644 --- a/bitnami/arangodb/README.md +++ b/bitnami/arangodb/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name arangodb bitnami/arangodb:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official ArangoDB documentation](https://docs.arangodb.com) for more ### FIPS configuration in Bitnami Secure Images -The Bitnami ArangoDB Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami ArangoDB Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/argo-cd/README.md b/bitnami/argo-cd/README.md index 77335f37e11d..ab5a2e4d4493 100644 --- a/bitnami/argo-cd/README.md +++ b/bitnami/argo-cd/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name argo-cd bitnami/argo-cd:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Argo CD documentation](https://argo-cd.readthedocs.io/en/sta ### FIPS configuration in Bitnami Secure Images -The Bitnami Argo CD Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Argo CD Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/argo-workflow-cli/README.md b/bitnami/argo-workflow-cli/README.md index 0a669f55c8c4..1cac927ec920 100644 --- a/bitnami/argo-workflow-cli/README.md +++ b/bitnami/argo-workflow-cli/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name argo-workflow-cli bitnami/argo-workflow-cli ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Argo Workflows CLI in Kubernetes? diff --git a/bitnami/argo-workflow-controller/README.md b/bitnami/argo-workflow-controller/README.md index cfc9bae5c3d1..4dea22d1f334 100644 --- a/bitnami/argo-workflow-controller/README.md +++ b/bitnami/argo-workflow-controller/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name argo-workflow-controller bitnami/argo-workflow-controller ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Argo Workflows Controller in Kubernetes? diff --git a/bitnami/argo-workflow-exec/README.md b/bitnami/argo-workflow-exec/README.md index 7d9dc3985fdc..9c511d99d71f 100644 --- a/bitnami/argo-workflow-exec/README.md +++ b/bitnami/argo-workflow-exec/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name argo-workflow-exec bitnami/argo-workflow-exec:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Argo Workflows Executor in Kubernetes? @@ -109,7 +104,7 @@ Check the [official Argo Workflows Executor documentation](https://argoproj.gith ### FIPS configuration in Bitnami Secure Images -The Bitnami Argo Workflow Executor Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Argo Workflow Executor Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/aspnet-core/README.md b/bitnami/aspnet-core/README.md index 2edee2fe87d0..6a1eba699f4e 100644 --- a/bitnami/aspnet-core/README.md +++ b/bitnami/aspnet-core/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name aspnet-core bitnami/aspnet-core:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -117,7 +112,7 @@ We can launch another containers using the same flag (`--network NETWORK`) in th ### FIPS configuration in Bitnami Secure Images -The Bitnami ASP.NET Core Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami ASP.NET Core Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/attu/README.md b/bitnami/attu/README.md index 34e36d1cbedf..f48c5f89747e 100644 --- a/bitnami/attu/README.md +++ b/bitnami/attu/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name attu bitnami/attu ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Attu documentation](https://github.com/zilliztech/attudocs/) ### FIPS configuration in Bitnami Secure Images -The Bitnami Attu Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Attu Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/aws-cli/README.md b/bitnami/aws-cli/README.md index 2bc1918f3a44..19b67a9f1b16 100644 --- a/bitnami/aws-cli/README.md +++ b/bitnami/aws-cli/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name aws-cli bitnami/aws-cli:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -87,7 +82,7 @@ docker run --rm --name aws-cli -v /path/to/your/aws/config:/.aws/config bitnami/ ### FIPS configuration in Bitnami Secure Images -The Bitnami AWS CLI Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami AWS CLI Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/azure-cli/README.md b/bitnami/azure-cli/README.md index 50271e840bcc..ee40a9e48be4 100644 --- a/bitnami/azure-cli/README.md +++ b/bitnami/azure-cli/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name azure-cli bitnami/azure-cli:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -87,7 +82,7 @@ docker run --rm --name azure-cli -v /path/to/your/az/config:/.azure/config bitna ### FIPS configuration in Bitnami Secure Images -The Bitnami Azure CLI Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Azure CLI Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/blackbox-exporter/README.md b/bitnami/blackbox-exporter/README.md index 8cae8bd119e4..06e6fd24f4d0 100644 --- a/bitnami/blackbox-exporter/README.md +++ b/bitnami/blackbox-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name blackbox-exporter bitnami/blackbox-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -140,7 +135,7 @@ scrape_configs: ### FIPS configuration in Bitnami Secure Images -The Bitnami Blackbox Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Blackbox Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cadvisor/README.md b/bitnami/cadvisor/README.md index 480067e6ac57..b275074bdd6b 100644 --- a/bitnami/cadvisor/README.md +++ b/bitnami/cadvisor/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cadvisor bitnami/cadvisor:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official cAdvisor documentation](https://github.com/google/cadvisor) ### FIPS configuration in Bitnami Secure Images -The Bitnami cAdvisor Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami cAdvisor Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cainjector/README.md b/bitnami/cainjector/README.md index 022ddfd45edc..e0a828f11d08 100644 --- a/bitnami/cainjector/README.md +++ b/bitnami/cainjector/README.md @@ -20,27 +20,22 @@ docker run --name cainjector -e ALLOW_EMPTY_PASSWORD=yes bitnami/cainjector:late Kubernetes cluster with `CustomResourceDefinition` or `ThirdPartyResource support` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -62,7 +57,7 @@ For further documentation, please check [here](https://github.com/jetstack/cert- ### FIPS configuration in Bitnami Secure Images -The Bitnami CA Injector Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami CA Injector Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cassandra-exporter/README.md b/bitnami/cassandra-exporter/README.md index 4ba1bbdf47e7..9c173a97bf5d 100644 --- a/bitnami/cassandra-exporter/README.md +++ b/bitnami/cassandra-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cassandra-exporter bitnami/cassandra-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -101,7 +96,7 @@ Find all the configuration options in the [Cassandra Prometheus Exporter documen ### FIPS configuration in Bitnami Secure Images -The Bitnami Cassandra Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Cassandra Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cassandra/README.md b/bitnami/cassandra/README.md index 85cd8c48afa8..f43b63310fb9 100644 --- a/bitnami/cassandra/README.md +++ b/bitnami/cassandra/README.md @@ -15,27 +15,22 @@ docker run --name cassandra bitnami/cassandra:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -440,7 +435,7 @@ Refer to the [configuration](http://docs.datastax.com/en/cassandra/3.x/cassandra ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache Cassandra Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache Cassandra Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cert-manager-webhook/README.md b/bitnami/cert-manager-webhook/README.md index 8c22beaf996b..f8ea9b130225 100644 --- a/bitnami/cert-manager-webhook/README.md +++ b/bitnami/cert-manager-webhook/README.md @@ -20,27 +20,22 @@ docker run --name cert-manager-webhook -e ALLOW_EMPTY_PASSWORD=yes bitnami/cert- Kubernetes cluster with `CustomResourceDefinition` or `ThirdPartyResource support` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -62,7 +57,7 @@ For further documentation, please check [here](https://github.com/jetstack/cert- ### FIPS configuration in Bitnami Secure Images -The Bitnami cert-manager Webhook Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami cert-manager Webhook Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cert-manager/README.md b/bitnami/cert-manager/README.md index 3355ea17db0c..469475d8ddf4 100644 --- a/bitnami/cert-manager/README.md +++ b/bitnami/cert-manager/README.md @@ -20,27 +20,22 @@ docker run --name cert-manager -e ALLOW_EMPTY_PASSWORD=yes bitnami/cert-manager: Kubernetes cluster with `CustomResourceDefinition` or `ThirdPartyResource support` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -62,7 +57,7 @@ For further documentation, please check [here](https://github.com/jetstack/cert- ### FIPS configuration in Bitnami Secure Images -The Bitnami cert-manager Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami cert-manager Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/chainloop-artifact-cas/README.md b/bitnami/chainloop-artifact-cas/README.md index 90f3a8c1094c..55858dc76ec5 100644 --- a/bitnami/chainloop-artifact-cas/README.md +++ b/bitnami/chainloop-artifact-cas/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name chainloop-artifact-cas bitnami/chainloop-artifact-cas:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? diff --git a/bitnami/chainloop-control-plane-migrations/README.md b/bitnami/chainloop-control-plane-migrations/README.md index bb0b7168703a..908adc294074 100644 --- a/bitnami/chainloop-control-plane-migrations/README.md +++ b/bitnami/chainloop-control-plane-migrations/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name chainloop-control-plane-migrations bitnami/chainloop-control-plane-migrations:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? diff --git a/bitnami/chainloop-control-plane/README.md b/bitnami/chainloop-control-plane/README.md index 14773c52fd0b..0891639cfd23 100644 --- a/bitnami/chainloop-control-plane/README.md +++ b/bitnami/chainloop-control-plane/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name chainloop-control-plane bitnami/chainloop-control-plane:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? diff --git a/bitnami/charts-syncer/README.md b/bitnami/charts-syncer/README.md index eb4b45f1a094..82a1ab6a199c 100644 --- a/bitnami/charts-syncer/README.md +++ b/bitnami/charts-syncer/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name charts-syncer bitnami/charts-syncer:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? diff --git a/bitnami/cilium-operator/README.md b/bitnami/cilium-operator/README.md index e30d9994a4a4..ff1dd20f1a4e 100644 --- a/bitnami/cilium-operator/README.md +++ b/bitnami/cilium-operator/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cilium-operator bitnami/cilium-operator:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -83,7 +78,7 @@ Check the [official Cilium Operator documentation](https://docs.cilium.io/en/sta ### FIPS configuration in Bitnami Secure Images -The Bitnami Cilium Operator Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Cilium Operator Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cilium-proxy/README.md b/bitnami/cilium-proxy/README.md index 27f5ac606d68..277ef800697b 100644 --- a/bitnami/cilium-proxy/README.md +++ b/bitnami/cilium-proxy/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cilium-proxy bitnami/cilium-proxy:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Cilium Proxy in Kubernetes? @@ -87,7 +82,7 @@ Check the [official Cilium Proxy documentation](https://docs.cilium.io/en/stable ### FIPS configuration in Bitnami Secure Images -The Bitnami Cilium Proxy Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Cilium Proxy Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cilium/README.md b/bitnami/cilium/README.md index 6275d1e28a87..e8bea8a791a3 100644 --- a/bitnami/cilium/README.md +++ b/bitnami/cilium/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cilium bitnami/cilium:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -83,7 +78,7 @@ Check the [official Cilium documentation](https://docs.cilium.io/en/latest/cheat ### FIPS configuration in Bitnami Secure Images -The Bitnami Cilium Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Cilium Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/clickhouse-keeper/README.md b/bitnami/clickhouse-keeper/README.md index be06f2ce5a3e..ffc7d68c50ff 100644 --- a/bitnami/clickhouse-keeper/README.md +++ b/bitnami/clickhouse-keeper/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name clickhouse-keeper bitnami/clickhouse-keeper:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -221,7 +216,7 @@ Check the [official ClickHouse Keeper configuration documentation](https://click ### FIPS configuration in Bitnami Secure Images -The Bitnami ClickHouse Keeper Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami ClickHouse Keeper Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/clickhouse-operator-metrics-exporter/README.md b/bitnami/clickhouse-operator-metrics-exporter/README.md index 482243da4a3b..8b8e5a92572d 100644 --- a/bitnami/clickhouse-operator-metrics-exporter/README.md +++ b/bitnami/clickhouse-operator-metrics-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name clickhouse-operator-metrics-exporter bitnami/clickhouse-operator-metrics-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/clickhouse-operator/README.md b/bitnami/clickhouse-operator/README.md index 9afbe0e2250e..6210ae28d7c8 100644 --- a/bitnami/clickhouse-operator/README.md +++ b/bitnami/clickhouse-operator/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name clickhouse-operator bitnami/clickhouse-operator:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/clickhouse/README.md b/bitnami/clickhouse/README.md index 1680c9add034..bd95e0188f0a 100644 --- a/bitnami/clickhouse/README.md +++ b/bitnami/clickhouse/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name clickhouse bitnami/clickhouse:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy ClickHouse in Kubernetes? @@ -276,7 +271,7 @@ services: ### FIPS configuration in Bitnami Secure Images -The Bitnami ClickHouse Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami ClickHouse Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cloudnative-pg/README.md b/bitnami/cloudnative-pg/README.md index 152f7d97ef05..0167683ef698 100644 --- a/bitnami/cloudnative-pg/README.md +++ b/bitnami/cloudnative-pg/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name cloudnative-pg bitnami/cloudnative-pg:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/cluster-autoscaler/README.md b/bitnami/cluster-autoscaler/README.md index f424dd38aafc..50ba77f59dd0 100644 --- a/bitnami/cluster-autoscaler/README.md +++ b/bitnami/cluster-autoscaler/README.md @@ -15,6 +15,23 @@ docker run --name cluster-autoscaler -e ALLOW_EMPTY_PASSWORD=yes bitnami/cluster **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. +## Why use Bitnami Secure Images? + +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? + +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). + ## How to deploy Cluster Autoscaler in Kubernetes? Cluster Autoscaler runs on the Kubernetes master node on most K8s cloud offerings. @@ -36,28 +53,6 @@ Please note that Cluster Autoscaler a series of permissions/privileges to adjust > NOTE: Find resources to deploy Cluster Autoscaler on AWS in the [aws-examples](https://github.com/bitnami/containers/tree/main/bitnami/cluster-autoscaler/aws-examples) directory. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -* Granting community users access for the first time to security-optimized versions of popular container images. -* Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -* Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -* For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - -## Why use Bitnami Secure Images? - -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. - -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). - ## Why use a non-root container? Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-work-with-non-root-containers-index.html). @@ -132,7 +127,7 @@ For example, for a node label of foo=bar, you would tag the ASG with: ### FIPS configuration in Bitnami Secure Images -The Bitnami Cluster Autoscaler Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Cluster Autoscaler Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/concourse/README.md b/bitnami/concourse/README.md index b70df19b0060..952c6ea04ae9 100644 --- a/bitnami/concourse/README.md +++ b/bitnami/concourse/README.md @@ -14,27 +14,22 @@ docker run --name concourse bitnami/concourse:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options for the [PostgreSQL container](https://github.com/bitnami/containers/tree/main/bitnami/postgresql#readme) for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -130,7 +125,7 @@ Find how to configure Concourse in its [official documentation](https://concours ### FIPS configuration in Bitnami Secure Images -The Bitnami Concourse Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Concourse Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/configmap-reload/README.md b/bitnami/configmap-reload/README.md index 5b2213a49eb4..adaca88ee0c3 100644 --- a/bitnami/configmap-reload/README.md +++ b/bitnami/configmap-reload/README.md @@ -11,27 +11,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema Deploy [ConfigMap Reload](https://github.com/jimmidyson/configmap-reload/blob/master/README.md) on your Kubernetes cluster. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -79,7 +74,7 @@ Find how to configure ConfigMap Reload in its [official documentation](https://g ### FIPS configuration in Bitnami Secure Images -The Bitnami ConfigMap Reload Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami ConfigMap Reload Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/configurable-http-proxy/README.md b/bitnami/configurable-http-proxy/README.md index 19d3a8b96626..3a2d46925912 100644 --- a/bitnami/configurable-http-proxy/README.md +++ b/bitnami/configurable-http-proxy/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name configurable-http-proxy bitnami/configurable-http-proxy:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official Configurable HTTP Proxy documentation](https://github.com/ju ### FIPS configuration in Bitnami Secure Images -The Bitnami Configurable HTTP Proxy Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Configurable HTTP Proxy Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/consul-exporter/README.md b/bitnami/consul-exporter/README.md index 18cc150a37de..cd3862f1ca5d 100644 --- a/bitnami/consul-exporter/README.md +++ b/bitnami/consul-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name consul-exporter bitnami/consul-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -101,7 +96,7 @@ Find all the configuration options in the [Consul Prometheus Exporter documentat ### FIPS configuration in Bitnami Secure Images -The Bitnami Consul Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Consul Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/consul/README.md b/bitnami/consul/README.md index 49610a91d822..78c07f18f49b 100644 --- a/bitnami/consul/README.md +++ b/bitnami/consul/README.md @@ -15,27 +15,22 @@ docker run --name consul bitnami/consul:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy HashiCorp Consul in Kubernetes? @@ -430,7 +425,7 @@ The container has a HashiCorp Consul configuration directory set up at /consul/c ### FIPS configuration in Bitnami Secure Images -The Bitnami HashiCorp Consul Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami HashiCorp Consul Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/contour/README.md b/bitnami/contour/README.md index 31333df44077..356d0155c5f3 100644 --- a/bitnami/contour/README.md +++ b/bitnami/contour/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name contour bitnami/contour:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -113,7 +108,7 @@ Find how to configure Contour in its [official documentation](https://projectcon ### FIPS configuration in Bitnami Secure Images -The Bitnami Contour Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Contour Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cosign/README.md b/bitnami/cosign/README.md index 2a512b780775..e8c62bcc31cd 100644 --- a/bitnami/cosign/README.md +++ b/bitnami/cosign/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name cosign bitnami/cosign ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Cosign documentation](https://github.com/sigstore/cosign/tre ### FIPS configuration in Bitnami Secure Images -The Bitnami Cosign Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Cosign Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/couchdb/README.md b/bitnami/couchdb/README.md index 960b58566dc9..f81eb1bec007 100644 --- a/bitnami/couchdb/README.md +++ b/bitnami/couchdb/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name couchdb bitnami/couchdb:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -223,7 +218,7 @@ In order to configure CouchDB as a cluster of nodes, please make sure you set pr ### FIPS configuration in Bitnami Secure Images -The Bitnami CouchDB Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami CouchDB Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/cypress/README.md b/bitnami/cypress/README.md index d31b6586b44f..9c2110d63145 100644 --- a/bitnami/cypress/README.md +++ b/bitnami/cypress/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name cypress bitnami/cypress ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -102,7 +97,7 @@ USER 1001 ### FIPS configuration in Bitnami Secure Images -The Bitnami Cypress Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Cypress Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/deepspeed/README.md b/bitnami/deepspeed/README.md index ca475e36573f..c276f9100ee8 100644 --- a/bitnami/deepspeed/README.md +++ b/bitnami/deepspeed/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name deepspeed bitnami/deepspeed:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official DeepSpeed documentation](https://www.deepspeed.ai/docs/) for ### FIPS configuration in Bitnami Secure Images -The Bitnami DeepSpeed Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami DeepSpeed Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/dex/README.md b/bitnami/dex/README.md index cf3c4ffdaab8..0a9819f6d98e 100644 --- a/bitnami/dex/README.md +++ b/bitnami/dex/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name dex bitnami/dex ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Dex documentation](https://dexidp.io/docs/) for more informa ### FIPS configuration in Bitnami Secure Images -The Bitnami Dex Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Dex Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/discourse/README.md b/bitnami/discourse/README.md index 7048cd82132d..c39a289bb3b8 100644 --- a/bitnami/discourse/README.md +++ b/bitnami/discourse/README.md @@ -16,27 +16,22 @@ docker run --name discourse bitnami/discourse:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -462,7 +457,7 @@ In case the database already contains data from a previous Discourse installatio ### FIPS configuration in Bitnami Secure Images -The Bitnami Discourse® Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Discourse® Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/dotnet-sdk/README.md b/bitnami/dotnet-sdk/README.md index e0b870ceeb41..8117a325b7be 100644 --- a/bitnami/dotnet-sdk/README.md +++ b/bitnami/dotnet-sdk/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name dotnet-sdk bitnami/dotnet-sdk:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -167,7 +162,7 @@ If you detect any issue in the `docker-compose.yaml` file, feel free to report i ### FIPS configuration in Bitnami Secure Images -The Bitnami .NET SDK Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami .NET SDK Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/dotnet/README.md b/bitnami/dotnet/README.md index e2fdbc49f89e..275149e849bc 100644 --- a/bitnami/dotnet/README.md +++ b/bitnami/dotnet/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name dotnet bitnami/dotnet:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -117,7 +112,7 @@ We can launch another containers using the same flag (`--network.NETWORK`) in th ### FIPS configuration in Bitnami Secure Images -The Bitnami .NET Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami .NET Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/dremio/README.md b/bitnami/dremio/README.md index 6b9c41cb798e..0298b0b88d92 100644 --- a/bitnami/dremio/README.md +++ b/bitnami/dremio/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name dremio bitnami/dremio ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -101,7 +96,7 @@ This container supports the upstream Dremio environment variables. Check the [of ### FIPS configuration in Bitnami Secure Images -The Bitnami Dremio Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Dremio Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/drupal/README.md b/bitnami/drupal/README.md index 21ac9da5885c..4d6e27222161 100644 --- a/bitnami/drupal/README.md +++ b/bitnami/drupal/README.md @@ -16,27 +16,22 @@ docker run --name drupal bitnami/drupal:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -304,7 +299,7 @@ This would be an example of SMTP configuration using a Gmail account: ### FIPS configuration in Bitnami Secure Images -The Bitnami Drupal Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Drupal Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/ejbca/README.md b/bitnami/ejbca/README.md index feafef4e3bee..8188bbe1a88d 100644 --- a/bitnami/ejbca/README.md +++ b/bitnami/ejbca/README.md @@ -15,27 +15,22 @@ docker run --name ejbca bitnami/ejbca:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -232,7 +227,7 @@ You can also do this with a minor change to the [`docker-compose.yml`](https://g ### FIPS configuration in Bitnami Secure Images -The Bitnami EJBCA Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami EJBCA Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/elasticsearch-exporter/README.md b/bitnami/elasticsearch-exporter/README.md index e984115752da..8b4e1763341d 100644 --- a/bitnami/elasticsearch-exporter/README.md +++ b/bitnami/elasticsearch-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name elasticsearch-exporter bitnami/elasticsearch-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -107,7 +102,7 @@ In `/metrics` you can find the exported metrics. ### FIPS configuration in Bitnami Secure Images -The Bitnami Elasticsearch Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Elasticsearch Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/elasticsearch/README.md b/bitnami/elasticsearch/README.md index b3677e2c3708..a65e381478b3 100644 --- a/bitnami/elasticsearch/README.md +++ b/bitnami/elasticsearch/README.md @@ -15,27 +15,22 @@ docker run --name elasticsearch bitnami/elasticsearch:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Elasticsearch in Kubernetes? @@ -418,7 +413,7 @@ In order to have your custom files inside the Docker image, you can mount them a ### FIPS configuration in Bitnami Secure Images -The Bitnami Elasticsearch Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Elasticsearch Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/envoy-gateway/README.md b/bitnami/envoy-gateway/README.md index e7909de6ab9f..776014612c33 100644 --- a/bitnami/envoy-gateway/README.md +++ b/bitnami/envoy-gateway/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name envoy-gateway bitnami/envoy-gateway:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official Envoy Gateway documentation](https://gateway.envoyproxy.io/) ### FIPS configuration in Bitnami Secure Images -The Bitnami Envoy Gateway Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Envoy Gateway Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/envoy-ratelimit/README.md b/bitnami/envoy-ratelimit/README.md index a69b7cb3e913..c45a8d9ed63e 100644 --- a/bitnami/envoy-ratelimit/README.md +++ b/bitnami/envoy-ratelimit/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name envoy-ratelimit bitnami/envoy-ratelimit:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official Envoy Rate Limit documentation](https://github.com/envoyprox ### FIPS configuration in Bitnami Secure Images -The Bitnami Envoy Rate Limit Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Envoy Rate Limit Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/envoy/README.md b/bitnami/envoy/README.md index 0b3ae2bed5f7..f54726f509b9 100644 --- a/bitnami/envoy/README.md +++ b/bitnami/envoy/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name envoy bitnami/envoy:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -89,7 +84,7 @@ Visit the [official envoy documentation](https://www.envoyproxy.io/docs/envoy/la ### FIPS configuration in Bitnami Secure Images -The Bitnami Envoy Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Envoy Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/etcd/README.md b/bitnami/etcd/README.md index fda859aff57d..051d96beef63 100644 --- a/bitnami/etcd/README.md +++ b/bitnami/etcd/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name etcd bitnami/etcd:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Etcd in Kubernetes? @@ -238,7 +233,7 @@ Additionally, you can configure etcd using the upstream env variables [here](htt ### FIPS configuration in Bitnami Secure Images -The Bitnami Etcd Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Etcd Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/express/README.md b/bitnami/express/README.md index 2f81f1782abf..61809c972f21 100644 --- a/bitnami/express/README.md +++ b/bitnami/express/README.md @@ -18,27 +18,22 @@ docker run --name express -v ${PWD}/my-project:/app bitnami/express:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options for the [MongoDB® container](https://github.com/bitnami/containers/blob/main/bitnami/mongodb#readme) for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -112,7 +107,7 @@ In addition to the Express Development Container, the [docker-compose.yml](https ### FIPS configuration in Bitnami Secure Images -The Bitnami Express Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Express Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/external-dns/README.md b/bitnami/external-dns/README.md index 0304163b766d..6d09f1b3bc69 100644 --- a/bitnami/external-dns/README.md +++ b/bitnami/external-dns/README.md @@ -15,27 +15,22 @@ Deploy ExternalDNS on your [GKE cluster](https://github.com/kubernetes-incubator docker run --name external-dns bitnami/external-dns:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy ExternalDNS in Kubernetes? @@ -59,7 +54,7 @@ For further documentation, please check [here](https://github.com/kubernetes-inc ### FIPS configuration in Bitnami Secure Images -The Bitnami ExternalDNS Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami ExternalDNS Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/flink/README.md b/bitnami/flink/README.md index 5c79831a0e44..8563e87ef04f 100644 --- a/bitnami/flink/README.md +++ b/bitnami/flink/README.md @@ -14,27 +14,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name flink bitnami/flink:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -121,7 +116,7 @@ Check the [official Apache Flink documentation](https://flink.apache.org//docs) ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache Flink Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache Flink Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/fluent-bit/README.md b/bitnami/fluent-bit/README.md index 2fb654053d5a..bf136e5b1b7a 100644 --- a/bitnami/fluent-bit/README.md +++ b/bitnami/fluent-bit/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name fluent-bit bitnami/fluent-bit:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -136,7 +131,7 @@ Fluent Bit is flexible enough to be configured either from the command line or t ### FIPS configuration in Bitnami Secure Images -The Bitnami Fluent Bit Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Fluent Bit Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/fluentd/README.md b/bitnami/fluentd/README.md index 87ccb6719dcd..ec0c6996cdca 100644 --- a/bitnami/fluentd/README.md +++ b/bitnami/fluentd/README.md @@ -15,27 +15,22 @@ docker run --name fluentd bitnami/fluentd:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -143,7 +138,7 @@ Environment variable below are configurable to control how to execute fluentd pr ### FIPS configuration in Bitnami Secure Images -The Bitnami Fluentd Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Fluentd Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/fluxcd-helm-controller/README.md b/bitnami/fluxcd-helm-controller/README.md index 0ef822fed569..1f888621c156 100644 --- a/bitnami/fluxcd-helm-controller/README.md +++ b/bitnami/fluxcd-helm-controller/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name fluxcd-helm-controller bitnami/fluxcd-helm-controller ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Flux Helm Controller documentation](https://github.com/fluxc ### FIPS configuration in Bitnami Secure Images -The Bitnami Flux Helm Controller Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Flux Helm Controller Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/fluxcd-image-automation-controller/README.md b/bitnami/fluxcd-image-automation-controller/README.md index 1e9be9932a23..b338594ab214 100644 --- a/bitnami/fluxcd-image-automation-controller/README.md +++ b/bitnami/fluxcd-image-automation-controller/README.md @@ -14,27 +14,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name fluxcd-image-automation-controller bitnami/fluxcd-image-automation-controller ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -106,7 +101,7 @@ Check the [official Flux Image Automation Controller documentation](https://gith ### FIPS configuration in Bitnami Secure Images -The Bitnami Flux Image Automation Controller Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Flux Image Automation Controller Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/fluxcd-image-reflector-controller/README.md b/bitnami/fluxcd-image-reflector-controller/README.md index 595efcb5df1b..a2277f885252 100644 --- a/bitnami/fluxcd-image-reflector-controller/README.md +++ b/bitnami/fluxcd-image-reflector-controller/README.md @@ -14,27 +14,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name fluxcd-image-reflector-controller bitnami/fluxcd-image-reflector-controller ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -106,7 +101,7 @@ Check the [official Flux Image Reflector Controller documentation](https://githu ### FIPS configuration in Bitnami Secure Images -The Bitnami Flux Image Reflector Controller Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Flux Image Reflector Controller Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/fluxcd-kustomize-controller/README.md b/bitnami/fluxcd-kustomize-controller/README.md index 2b3eb934671f..ba9799e6925a 100644 --- a/bitnami/fluxcd-kustomize-controller/README.md +++ b/bitnami/fluxcd-kustomize-controller/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name fluxcd-kustomize-controller bitnami/fluxcd-kustomize-controller ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Flux Kustomize Controller documentation](https://github.com/ ### FIPS configuration in Bitnami Secure Images -The Bitnami Flux Kustomize Controller Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Flux Kustomize Controller Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/fluxcd-notification-controller/README.md b/bitnami/fluxcd-notification-controller/README.md index 6104ca7d140f..fc17dc65bbc0 100644 --- a/bitnami/fluxcd-notification-controller/README.md +++ b/bitnami/fluxcd-notification-controller/README.md @@ -14,27 +14,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name fluxcd-notification-controller bitnami/fluxcd-notification-controller ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -106,7 +101,7 @@ Check the [official Flux Notification Controller documentation](https://github.c ### FIPS configuration in Bitnami Secure Images -The Bitnami Flux Notification Controller Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Flux Notification Controller Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/fluxcd-source-controller/README.md b/bitnami/fluxcd-source-controller/README.md index d8bc5ca48263..817689f95506 100644 --- a/bitnami/fluxcd-source-controller/README.md +++ b/bitnami/fluxcd-source-controller/README.md @@ -20,27 +20,22 @@ curl -sSL https://raw.githubusercontent.com/bitnami/containers/main/bitnami/flux docker-compose up -d ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -126,7 +121,7 @@ Check the [official Flux documentation](https://github.com/fluxcd/source-control ### FIPS configuration in Bitnami Secure Images -The Bitnami Flux Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Flux Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/fluxcd-source-watcher/README.md b/bitnami/fluxcd-source-watcher/README.md index cf24e2e2e422..a71cb88b12c7 100644 --- a/bitnami/fluxcd-source-watcher/README.md +++ b/bitnami/fluxcd-source-watcher/README.md @@ -22,7 +22,7 @@ docker run --name bitnami/:latest - Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. - Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://go-vmware.broadcom.com/contact-us). ## Supported tags and respective `Dockerfile` links @@ -72,7 +72,7 @@ Check the [official Flux Source Watcher documentation](https://github.com/fluxcd ### FIPS configuration in Bitnami Secure Images -The Bitnami Flux Source Watcher Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Flux Source Watcher Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/ghost/README.md b/bitnami/ghost/README.md index 2be1ccbbfd63..d60e5a4d39b0 100644 --- a/bitnami/ghost/README.md +++ b/bitnami/ghost/README.md @@ -16,27 +16,22 @@ docker run --name ghost bitnami/ghost:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Ghost in Kubernetes? @@ -349,7 +344,7 @@ In case the database already contains data from a previous Ghost installation, y ### FIPS configuration in Bitnami Secure Images -The Bitnami Ghost Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Ghost Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/git/README.md b/bitnami/git/README.md index b292570855b9..2371cdc87305 100644 --- a/bitnami/git/README.md +++ b/bitnami/git/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name git bitnami/git:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -77,7 +72,7 @@ docker run --name git bitnami/git:latest git --version ### FIPS configuration in Bitnami Secure Images -The Bitnami Git Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Git Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/gitea/README.md b/bitnami/gitea/README.md index f5d56c223f9c..8f22424d4345 100644 --- a/bitnami/gitea/README.md +++ b/bitnami/gitea/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name gitea bitnami/gitea:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Gitea in Kubernetes? @@ -279,7 +274,7 @@ services: ### FIPS configuration in Bitnami Secure Images -The Bitnami Gitea Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Gitea Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/gitlab-runner-helper/README.md b/bitnami/gitlab-runner-helper/README.md index 78be3e7c2022..62a31e408d5c 100644 --- a/bitnami/gitlab-runner-helper/README.md +++ b/bitnami/gitlab-runner-helper/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name gitlab-runner-helper bitnami/gitlab-runner-helper ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -107,7 +102,7 @@ Check the [official Gitlab Runner Helper documentation](https://docs.gitlab.com/ ### FIPS configuration in Bitnami Secure Images -The Bitnami Gitlab Runner Helper Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Gitlab Runner Helper Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/gitlab-runner/README.md b/bitnami/gitlab-runner/README.md index 11bd3e0f2def..cf7f54c1aefd 100644 --- a/bitnami/gitlab-runner/README.md +++ b/bitnami/gitlab-runner/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name gitlab-runner bitnami/gitlab-runner ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Gitlab Runner documentation](https://docs.gitlab.com/runner/ ### FIPS configuration in Bitnami Secure Images -The Bitnami Gitlab Runner Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Gitlab Runner Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/golang/README.md b/bitnami/golang/README.md index b5df05f4182b..a1230529c41d 100644 --- a/bitnami/golang/README.md +++ b/bitnami/golang/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name golang bitnami/golang:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -126,7 +121,7 @@ $ docker -it --name golang run \ ### FIPS configuration in Bitnami Secure Images -The Bitnami Golang Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Golang Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/google-cloud-sdk/README.md b/bitnami/google-cloud-sdk/README.md index 0422ebb4a7fe..76397321a844 100644 --- a/bitnami/google-cloud-sdk/README.md +++ b/bitnami/google-cloud-sdk/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name google-cloud-sdk bitnami/google-cloud-sdk:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -87,7 +82,7 @@ docker run --rm --name google-cloud-sdk -v /path/to/your/gcloud/config:/.config/ ### FIPS configuration in Bitnami Secure Images -The Bitnami Google Cloud SDK Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Google Cloud SDK Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/gotrue/README.md b/bitnami/gotrue/README.md index 3e9e608e0fc4..578b9756fa4e 100644 --- a/bitnami/gotrue/README.md +++ b/bitnami/gotrue/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name gotrue bitnami/gotrue ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -156,7 +151,7 @@ Check the [official GoTrue documentation](https://github.com/netlify/gotrue) for ### FIPS configuration in Bitnami Secure Images -The Bitnami GoTrue Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami GoTrue Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/gradle/README.md b/bitnami/gradle/README.md index 0c69a97e2943..9d9403954efd 100644 --- a/bitnami/gradle/README.md +++ b/bitnami/gradle/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name gradle bitnami/gradle:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ docker run --name gradle -v /path/to/app:/app bitnami/gradle \ ### FIPS configuration in Bitnami Secure Images -The Bitnami Gradle Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Gradle Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/grafana-alloy/README.md b/bitnami/grafana-alloy/README.md index c5f40c777ae0..53446ffd68f5 100644 --- a/bitnami/grafana-alloy/README.md +++ b/bitnami/grafana-alloy/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-alloy bitnami/grafana-alloy:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official Grafana Alloy documentation](https://grafana.com/oss/alloy-o ### FIPS configuration in Bitnami Secure Images -The Bitnami Grafana Alloy Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Grafana Alloy Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/grafana-image-renderer/README.md b/bitnami/grafana-image-renderer/README.md index ea2c4b44b9f6..b97f89191f03 100644 --- a/bitnami/grafana-image-renderer/README.md +++ b/bitnami/grafana-image-renderer/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-image-renderer bitnami/grafana-image-renderer:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Grafana Image Renderer in Kubernetes? @@ -177,7 +172,7 @@ After that, your configuration will be taken into account in the server's behavi ### FIPS configuration in Bitnami Secure Images -The Bitnami Grafana Image Renderer Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Grafana Image Renderer Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/grafana-k6-operator/README.md b/bitnami/grafana-k6-operator/README.md index 36c9e27e8917..b1381ca6b383 100644 --- a/bitnami/grafana-k6-operator/README.md +++ b/bitnami/grafana-k6-operator/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-k6-operator bitnami/grafana-k6-operator:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/grafana-k6/README.md b/bitnami/grafana-k6/README.md index 70afa8d84b34..8548f1a820a6 100644 --- a/bitnami/grafana-k6/README.md +++ b/bitnami/grafana-k6/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-k6 bitnami/grafana-k6:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official Grafana k6 documentation](https://k6.io/) for more informati ### FIPS configuration in Bitnami Secure Images -The Bitnami Grafana k6 Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Grafana k6 Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/grafana-loki/README.md b/bitnami/grafana-loki/README.md index e2807687b2ff..bb1f90485a3c 100644 --- a/bitnami/grafana-loki/README.md +++ b/bitnami/grafana-loki/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-loki bitnami/grafana-loki:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/grafana-mimir/README.md b/bitnami/grafana-mimir/README.md index 66f9ce065eb9..d78b15833483 100644 --- a/bitnami/grafana-mimir/README.md +++ b/bitnami/grafana-mimir/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-mimir bitnami/grafana-mimir:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -89,7 +84,7 @@ Check the [official Grafana Mimir documentation](https://grafana.com/docs/mimir/ ### FIPS configuration in Bitnami Secure Images -The Bitnami Grafana Mimir Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Grafana Mimir Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/grafana-operator/README.md b/bitnami/grafana-operator/README.md index e8d82163a20e..02c0ae1b7549 100644 --- a/bitnami/grafana-operator/README.md +++ b/bitnami/grafana-operator/README.md @@ -11,27 +11,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema Deploy [Grafana Operator](https://github.com/integr8ly/grafana-operator/tree/master/documentation) on your Kubernetes cluster. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -83,7 +78,7 @@ Find how to configure Grafana Operator in its [official documentation](https://g ### FIPS configuration in Bitnami Secure Images -The Bitnami Grafana Operator Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Grafana Operator Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/grafana-tempo-query/README.md b/bitnami/grafana-tempo-query/README.md index 034610dbc8ee..5160fba99c3c 100644 --- a/bitnami/grafana-tempo-query/README.md +++ b/bitnami/grafana-tempo-query/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-tempo-query bitnami/grafana-tempo-query:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -89,7 +84,7 @@ Check the [official Grafana Tempo Query documentation](https://grafana.com/docs/ ### FIPS configuration in Bitnami Secure Images -The Bitnami Grafana Tempo Query Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Grafana Tempo Query Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/grafana-tempo-vulture/README.md b/bitnami/grafana-tempo-vulture/README.md index ca4e80ebc3aa..4f803aa7ad76 100644 --- a/bitnami/grafana-tempo-vulture/README.md +++ b/bitnami/grafana-tempo-vulture/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-tempo-vulture bitnami/grafana-tempo-vulture:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official Grafana Tempo documentation](https://grafana.com/docs/tempo/ ### FIPS configuration in Bitnami Secure Images -The Bitnami Grafana Tempo Vulture Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Grafana Tempo Vulture Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/grafana-tempo/README.md b/bitnami/grafana-tempo/README.md index af022cc9de4d..e15b81da9560 100644 --- a/bitnami/grafana-tempo/README.md +++ b/bitnami/grafana-tempo/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana-tempo bitnami/grafana-tempo:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -101,7 +96,7 @@ Check the [official Grafana Tempo documentation](https://grafana.com/docs/tempo/ ### FIPS configuration in Bitnami Secure Images -The Bitnami Grafana Tempo Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Grafana Tempo Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/grafana/README.md b/bitnami/grafana/README.md index c4b8afb701f9..79682ad1b25a 100644 --- a/bitnami/grafana/README.md +++ b/bitnami/grafana/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name grafana bitnami/grafana:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Grafana in Kubernetes? @@ -237,7 +232,7 @@ services: ### FIPS configuration in Bitnami Secure Images -The Bitnami Grafana Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Grafana Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/haproxy/README.md b/bitnami/haproxy/README.md index d941829d5808..9c788122ef59 100644 --- a/bitnami/haproxy/README.md +++ b/bitnami/haproxy/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name haproxy bitnami/haproxy:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -101,7 +96,7 @@ Check the [official HAProxy documentation](http://cbonte.github.io/haproxy-dconv ### FIPS configuration in Bitnami Secure Images -The Bitnami HAProxy Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami HAProxy Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/harbor-adapter-trivy/README.md b/bitnami/harbor-adapter-trivy/README.md index 2dac7c48839e..55607ad49b3b 100644 --- a/bitnami/harbor-adapter-trivy/README.md +++ b/bitnami/harbor-adapter-trivy/README.md @@ -15,27 +15,22 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-adapter-trivy bitnami/harbor-adapter-trivy:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -135,7 +130,7 @@ For further information about the specific component itself, please refer to the ### FIPS configuration in Bitnami Secure Images -The Bitnami Harbor Adapter Trivy Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Harbor Adapter Trivy Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/harbor-core/README.md b/bitnami/harbor-core/README.md index 8fcbcc9b0754..0c01c4b4175c 100644 --- a/bitnami/harbor-core/README.md +++ b/bitnami/harbor-core/README.md @@ -14,27 +14,22 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-core bitnami/harbor-core:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Harbor in Kubernetes? @@ -73,7 +68,7 @@ For further information about the specific component itself, please refer to the ### FIPS configuration in Bitnami Secure Images -The Bitnami Harbor Core Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Harbor Core Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/harbor-exporter/README.md b/bitnami/harbor-exporter/README.md index 8130e01e10fe..2c9d8eac0374 100644 --- a/bitnami/harbor-exporter/README.md +++ b/bitnami/harbor-exporter/README.md @@ -14,27 +14,22 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-exporter bitnami/harbor-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Harbor in Kubernetes? @@ -95,7 +90,7 @@ For further information about the specific component itself, please refer to the ### FIPS configuration in Bitnami Secure Images -The Bitnami Harbor Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Harbor Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/harbor-jobservice/README.md b/bitnami/harbor-jobservice/README.md index 4f82ff16243e..d4ac3fa51fe0 100644 --- a/bitnami/harbor-jobservice/README.md +++ b/bitnami/harbor-jobservice/README.md @@ -14,27 +14,22 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-jobservice bitnami/harbor-jobservice:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Harbor in Kubernetes? @@ -72,7 +67,7 @@ For further information about the specific component itself, please refer to the ### FIPS configuration in Bitnami Secure Images -The Bitnami Harbor Job Service Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Harbor Job Service Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/harbor-portal/README.md b/bitnami/harbor-portal/README.md index f13a6857c50c..2415853969ec 100644 --- a/bitnami/harbor-portal/README.md +++ b/bitnami/harbor-portal/README.md @@ -14,27 +14,22 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor bitnami/harbor-portal:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Harbor in Kubernetes? @@ -60,7 +55,7 @@ For further information about the specific component itself, please refer to the ### FIPS configuration in Bitnami Secure Images -The Bitnami Harbor Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Harbor Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/harbor-registry/README.md b/bitnami/harbor-registry/README.md index 3e12329d2488..08e1523b7219 100644 --- a/bitnami/harbor-registry/README.md +++ b/bitnami/harbor-registry/README.md @@ -14,27 +14,22 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-registry bitnami/harbor-registry:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Harbor in Kubernetes? @@ -73,7 +68,7 @@ For further information about the specific component itself, please refer to the ### FIPS configuration in Bitnami Secure Images -The Bitnami Harbor Registry Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Harbor Registry Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/harbor-registryctl/README.md b/bitnami/harbor-registryctl/README.md index 27690e878a99..ed754f7f863b 100644 --- a/bitnami/harbor-registryctl/README.md +++ b/bitnami/harbor-registryctl/README.md @@ -14,27 +14,22 @@ This container is part of the [Harbor solution](https://github.com/bitnami/chart docker run --name harbor-registryctl bitnami/harbor-registryctl:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Harbor in Kubernetes? @@ -73,7 +68,7 @@ For further information about the specific component itself, please refer to the ### FIPS configuration in Bitnami Secure Images -The Bitnami Harbor Registryctl Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Harbor Registryctl Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/hubble-relay/README.md b/bitnami/hubble-relay/README.md index d73e94f2c7d3..9a6d0546c972 100644 --- a/bitnami/hubble-relay/README.md +++ b/bitnami/hubble-relay/README.md @@ -15,27 +15,22 @@ This container is part of the [Cilium chart](https://github.com/bitnami/charts/t docker run --name hubble-relay bitnami/hubble-relay:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Hubble Relay in Kubernetes? @@ -89,7 +84,7 @@ Check the [official Hubble Relay documentation](https://docs.cilium.io/en/stable ### FIPS configuration in Bitnami Secure Images -The Bitnami Hubble Relay Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Hubble Relay Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/hubble-ui-backend/README.md b/bitnami/hubble-ui-backend/README.md index 2326b5ef2033..a72aca25e7bc 100644 --- a/bitnami/hubble-ui-backend/README.md +++ b/bitnami/hubble-ui-backend/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hubble-ui-backend bitnami/hubble-ui-backend:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -77,7 +72,7 @@ For further information about the specific component itself, please refer to the ### FIPS configuration in Bitnami Secure Images -The Bitnami Hubble UI Backend Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Hubble UI Backend Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/hubble-ui/README.md b/bitnami/hubble-ui/README.md index 9197d5e8e686..1b95c4cb11bc 100644 --- a/bitnami/hubble-ui/README.md +++ b/bitnami/hubble-ui/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hubble-ui bitnami/hubble-ui:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -77,7 +72,7 @@ For further information about the specific component itself, please refer to the ### FIPS configuration in Bitnami Secure Images -The Bitnami Hubble UI Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Hubble UI Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/hyperledger-fabric-ca/README.md b/bitnami/hyperledger-fabric-ca/README.md index 35fcdbf79e1f..a0970b2317d8 100644 --- a/bitnami/hyperledger-fabric-ca/README.md +++ b/bitnami/hyperledger-fabric-ca/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hyperledger-fabric-ca bitnami/hyperledger-fabric-ca:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Read the [official Hyperledger Fabric documentation](https://hyperledger-fabric. ### FIPS configuration in Bitnami Secure Images -The Bitnami Hyperledger Fabric CA Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Hyperledger Fabric CA Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/hyperledger-fabric-orderer/README.md b/bitnami/hyperledger-fabric-orderer/README.md index ac00d2fb299d..0ad2f113fc03 100644 --- a/bitnami/hyperledger-fabric-orderer/README.md +++ b/bitnami/hyperledger-fabric-orderer/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hyperledger-fabric-orderer bitnami/hyperledger-fabric-orderer:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Read the [official Hyperledger Fabric documentation](https://hyperledger-fabric. ### FIPS configuration in Bitnami Secure Images -The Bitnami Hyperledger Fabric Orderer Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Hyperledger Fabric Orderer Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/hyperledger-fabric-peer/README.md b/bitnami/hyperledger-fabric-peer/README.md index f91454f0ef11..35bd8e502082 100644 --- a/bitnami/hyperledger-fabric-peer/README.md +++ b/bitnami/hyperledger-fabric-peer/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hyperledger-fabric-peer bitnami/hyperledger-fabric-peer:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Read the [official Hyperledger Fabric documentation](https://hyperledger-fabric. ### FIPS configuration in Bitnami Secure Images -The Bitnami Hyperledger Fabric Peer Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Hyperledger Fabric Peer Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/hyperledger-fabric-tools/README.md b/bitnami/hyperledger-fabric-tools/README.md index b0aeba4333c6..16205d45a42b 100644 --- a/bitnami/hyperledger-fabric-tools/README.md +++ b/bitnami/hyperledger-fabric-tools/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name hyperledger-fabric-tools bitnami/hyperledger-fabric-tools:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Read the [official Hyperledger Fabric documentation](https://hyperledger-fabric. ### FIPS configuration in Bitnami Secure Images -The Bitnami Hyperledger Fabric Tools Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Hyperledger Fabric Tools Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/influxdb/README.md b/bitnami/influxdb/README.md index 7e0a8414a063..01557551cd2b 100644 --- a/bitnami/influxdb/README.md +++ b/bitnami/influxdb/README.md @@ -13,27 +13,22 @@ InfluxDB(TM) is a trademark owned by InfluxData, which is not affiliated with, a docker run --name influxdb bitnami/influxdb:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy InfluxDB™ Core in Kubernetes? @@ -280,7 +275,7 @@ docker run --name influxdb \ ### FIPS configuration in Bitnami Secure Images -The Bitnami InfluxDB™ Core Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami InfluxDB™ Core Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/jaeger/README.md b/bitnami/jaeger/README.md index ad11d48389b8..75b92d6ed8c2 100644 --- a/bitnami/jaeger/README.md +++ b/bitnami/jaeger/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name jaeger bitnami/jaeger:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -147,7 +142,7 @@ Check the [official Jaeger documentation](https://jaegertracing.io//docs) for mo ### FIPS configuration in Bitnami Secure Images -The Bitnami Jaeger Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Jaeger Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/janusgraph/README.md b/bitnami/janusgraph/README.md index dbf7c9926e7f..3bf8e2eeae07 100644 --- a/bitnami/janusgraph/README.md +++ b/bitnami/janusgraph/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name janusgraph bitnami/janusgraph:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -113,7 +108,7 @@ docker run --name janusgraph -v /path/to/janusgraph.properties:/bitnami/janusgra ### FIPS configuration in Bitnami Secure Images -The Bitnami JanusGraph Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami JanusGraph Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/java/README.md b/bitnami/java/README.md index 0edf7237ab8e..2c3b8a678a92 100644 --- a/bitnami/java/README.md +++ b/bitnami/java/README.md @@ -19,27 +19,22 @@ docker run -it --name java bitnami/java docker run --name java bitnami/java:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -127,7 +122,7 @@ docker build --build-arg JAVA_EXTRA_SECURITY_DIR=/bitnami/java/extra-security -t ### FIPS configuration in Bitnami Secure Images -The Bitnami Java Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Java Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/jax/README.md b/bitnami/jax/README.md index c93ca992fe51..c1434daed017 100644 --- a/bitnami/jax/README.md +++ b/bitnami/jax/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name jax bitnami/jax ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -103,7 +98,7 @@ docker run -it --name jax -v /path/to/app:/app bitnami/jax \ ### FIPS configuration in Bitnami Secure Images -The Bitnami JAX Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami JAX Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/jenkins-agent/README.md b/bitnami/jenkins-agent/README.md index 9489a73d40a9..f749db4bd602 100644 --- a/bitnami/jenkins-agent/README.md +++ b/bitnami/jenkins-agent/README.md @@ -15,27 +15,22 @@ docker run --name jenkins-agent --env JENKINS_URL=http://jenkins:port bitnami/je You can find all the available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -116,7 +111,7 @@ When you start the Jenkins Agent image, you can adjust the configuration of the ### FIPS configuration in Bitnami Secure Images -The Bitnami Jenkins Agent Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Jenkins Agent Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/jenkins/README.md b/bitnami/jenkins/README.md index ff2f3f180ec5..a9d6a9883023 100644 --- a/bitnami/jenkins/README.md +++ b/bitnami/jenkins/README.md @@ -15,27 +15,22 @@ docker run --name jenkins bitnami/jenkins:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Jenkins in Kubernetes? @@ -233,7 +228,7 @@ When you start the Jenkins image, you can adjust the configuration of the instan ### FIPS configuration in Bitnami Secure Images -The Bitnami Jenkins Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Jenkins Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/jmx-exporter/README.md b/bitnami/jmx-exporter/README.md index b000cba9fdcf..e446f608c160 100644 --- a/bitnami/jmx-exporter/README.md +++ b/bitnami/jmx-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name jmx-exporter bitnami/jmx-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -101,7 +96,7 @@ Find all the configuration options in the [JMX Prometheus Exporter documentation ### FIPS configuration in Bitnami Secure Images -The Bitnami JMX Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami JMX Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/jsonnet/README.md b/bitnami/jsonnet/README.md index 6a2d266c422d..5734758def7f 100644 --- a/bitnami/jsonnet/README.md +++ b/bitnami/jsonnet/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name jsonnet bitnami/jsonnet:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -77,7 +72,7 @@ docker run --name jsonnet bitnami/jsonnet:latest -e "{hello: 'world'}" ### FIPS configuration in Bitnami Secure Images -The Bitnami Jsonnet Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Jsonnet Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/jupyter-base-notebook/README.md b/bitnami/jupyter-base-notebook/README.md index e1f2ac41c12b..53257eed6770 100644 --- a/bitnami/jupyter-base-notebook/README.md +++ b/bitnami/jupyter-base-notebook/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name jupyter-base-notebook bitnami/jupyter-base-notebook:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -98,7 +93,7 @@ USER 1001 ### FIPS configuration in Bitnami Secure Images -The Bitnami Jupyter Base Notebook Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Jupyter Base Notebook Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/jupyterhub/README.md b/bitnami/jupyterhub/README.md index 275a84e07c61..9d1300d6fb44 100644 --- a/bitnami/jupyterhub/README.md +++ b/bitnami/jupyterhub/README.md @@ -11,27 +11,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema This image is meant to run in a Kubernetes cluster. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -118,7 +113,7 @@ docker run --rm --name jupyterhub bitnami/jupyterhub:latest --help-all ### FIPS configuration in Bitnami Secure Images -The Bitnami JupyterHub Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami JupyterHub Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/jwt-cli/README.md b/bitnami/jwt-cli/README.md index f59b025415ef..326d7cfca6d8 100644 --- a/bitnami/jwt-cli/README.md +++ b/bitnami/jwt-cli/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name jwt-cli bitnami/jwt-cli ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official JWT CLI documentation](https://github.com/mike-engel/jwt-cli ### FIPS configuration in Bitnami Secure Images -The Bitnami JWT CLI Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami JWT CLI Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kafka/README.md b/bitnami/kafka/README.md index 76cdf737c541..68b6699dd799 100644 --- a/bitnami/kafka/README.md +++ b/bitnami/kafka/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kafka bitnami/kafka:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Apache Kafka in Kubernetes? @@ -683,7 +678,7 @@ docker-compose restart kafka ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache Kafka Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache Kafka Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kaniko/README.md b/bitnami/kaniko/README.md index 37edc2d34890..41a27890eb01 100644 --- a/bitnami/kaniko/README.md +++ b/bitnami/kaniko/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name kaniko bitnami/kaniko ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/keycloak-config-cli/README.md b/bitnami/keycloak-config-cli/README.md index 6a338d081d20..f0d7ab70a426 100644 --- a/bitnami/keycloak-config-cli/README.md +++ b/bitnami/keycloak-config-cli/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --rm --name keycloak-config-cli bitnami/keycloak-config-cli:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Keycloak Config CLI in Kubernetes? @@ -79,7 +74,7 @@ Find how to configure Keycloak Config CLI in its [official documentation](https: ### FIPS configuration in Bitnami Secure Images -The Bitnami Keycloak Config CLI Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Keycloak Config CLI Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/keycloak/README.md b/bitnami/keycloak/README.md index e1cabad164d8..a92e5161589d 100644 --- a/bitnami/keycloak/README.md +++ b/bitnami/keycloak/README.md @@ -15,27 +15,22 @@ docker run --name keycloak bitnami/keycloak:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Keycloak in Kubernetes? @@ -264,7 +259,7 @@ After that, your changes will be taken into account in the server's behaviour. ### FIPS configuration in Bitnami Secure Images -The Bitnami Keycloak Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Keycloak Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/keydb/README.md b/bitnami/keydb/README.md index a035e1051900..ec7c46be007a 100644 --- a/bitnami/keydb/README.md +++ b/bitnami/keydb/README.md @@ -15,27 +15,22 @@ docker run --name keydb -e ALLOW_EMPTY_PASSWORD=yes bitnami/keydb:latest **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -609,7 +604,7 @@ When the value of `KEYDB_RDB_POLICY_DISABLED` is `no` (default value) the KeyDB ### FIPS configuration in Bitnami Secure Images -The Bitnami KeyDB Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami KeyDB Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kiam/README.md b/bitnami/kiam/README.md index 3408ef8ff0f1..dc2e7be214ff 100644 --- a/bitnami/kiam/README.md +++ b/bitnami/kiam/README.md @@ -16,27 +16,22 @@ From Bitnami, we will update the container image and Helm chart, as usual, bundl docker run --name kiam bitnami/kiam:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -82,7 +77,7 @@ Check the [official Kiam documentation](https://github.com/uswitch/kiam/tree/mas ### FIPS configuration in Bitnami Secure Images -The Bitnami Kiam Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Kiam Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kibana/README.md b/bitnami/kibana/README.md index 38f03bae378c..b14c50d4da52 100644 --- a/bitnami/kibana/README.md +++ b/bitnami/kibana/README.md @@ -15,27 +15,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kibana bitnami/kibana:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -262,7 +257,7 @@ Refer to the [configuration](https://www.elastic.co/guide/en/kibana/current/sett ### FIPS configuration in Bitnami Secure Images -The Bitnami Kibana Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Kibana Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kong-ingress-controller/README.md b/bitnami/kong-ingress-controller/README.md index 5e4f7977aff3..57cab6cd7ab1 100644 --- a/bitnami/kong-ingress-controller/README.md +++ b/bitnami/kong-ingress-controller/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kong-ingress-controller bitnami/kong-ingress-controller:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Consult the [kong-ingress-controller Reference Documentation](https://docs.kongh ### FIPS configuration in Bitnami Secure Images -The Bitnami Kong Ingress Controller Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Kong Ingress Controller Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kong/README.md b/bitnami/kong/README.md index 7024594c1f60..3856148e7f19 100644 --- a/bitnami/kong/README.md +++ b/bitnami/kong/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kong bitnami/kong:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -174,7 +169,7 @@ services: ### FIPS configuration in Bitnami Secure Images -The Bitnami Kong Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Kong Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kserve-agent/README.md b/bitnami/kserve-agent/README.md index e74ebf4e480c..83742de8077c 100644 --- a/bitnami/kserve-agent/README.md +++ b/bitnami/kserve-agent/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-agent bitnami/kserve-agent:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/kserve-controller/README.md b/bitnami/kserve-controller/README.md index 0f86bd9f8d40..322ef199d2a9 100644 --- a/bitnami/kserve-controller/README.md +++ b/bitnami/kserve-controller/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-controller bitnami/kserve-controller:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/kserve-localmodel-controller/README.md b/bitnami/kserve-localmodel-controller/README.md index b3f4048ba808..a4d07c4ef6de 100644 --- a/bitnami/kserve-localmodel-controller/README.md +++ b/bitnami/kserve-localmodel-controller/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-localmodel-controller bitnami/kserve-localmodel-controller:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/kserve-localmodelnode-agent/README.md b/bitnami/kserve-localmodelnode-agent/README.md index cd9c8ea2b255..3ee86e662e66 100644 --- a/bitnami/kserve-localmodelnode-agent/README.md +++ b/bitnami/kserve-localmodelnode-agent/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-localmodelnode-agent bitnami/kserve-localmodelnode-agent:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/kserve-router/README.md b/bitnami/kserve-router/README.md index c91219b41b33..d73acc6f3772 100644 --- a/bitnami/kserve-router/README.md +++ b/bitnami/kserve-router/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-router bitnami/kserve-router:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/kserve-storage-initializer/README.md b/bitnami/kserve-storage-initializer/README.md index 7c54dbecf83d..4be7c6ee316a 100644 --- a/bitnami/kserve-storage-initializer/README.md +++ b/bitnami/kserve-storage-initializer/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kserve-storage-initializer bitnami/kserve-storage-initializer:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official KServe Storage Initializer documentation](https://kserve.git ### FIPS configuration in Bitnami Secure Images -The Bitnami KServe Storage Initializer Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami KServe Storage Initializer Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/ksql/README.md b/bitnami/ksql/README.md index 1988f1faf670..d4fb549e2670 100644 --- a/bitnami/ksql/README.md +++ b/bitnami/ksql/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name ksql bitnami/ksql:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -98,7 +93,7 @@ docker build -t bitnami/APP:latest . ### FIPS configuration in Bitnami Secure Images -The Bitnami Confluent KSQL DB Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Confluent KSQL DB Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kube-arangodb/README.md b/bitnami/kube-arangodb/README.md index e25c174d446c..13af96693264 100644 --- a/bitnami/kube-arangodb/README.md +++ b/bitnami/kube-arangodb/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kube-arangodb bitnami/kube-arangodb:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official ArangoDB Kubernetes Operator documentation](https://docs.ara ### FIPS configuration in Bitnami Secure Images -The Bitnami ArangoDB Kubernetes Operator Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami ArangoDB Kubernetes Operator Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kube-rbac-proxy/README.md b/bitnami/kube-rbac-proxy/README.md index 394d1bb9667e..a5ffec6bf3d9 100644 --- a/bitnami/kube-rbac-proxy/README.md +++ b/bitnami/kube-rbac-proxy/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kube-rbac-proxy bitnami/kube-rbac-proxy:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/kube-state-metrics/README.md b/bitnami/kube-state-metrics/README.md index 5f7631551597..b3a5a66aa309 100644 --- a/bitnami/kube-state-metrics/README.md +++ b/bitnami/kube-state-metrics/README.md @@ -11,27 +11,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema Deploy Kube-state-metrics on your [Kubernetes cluster](https://github.com/kubernetes/kube-state-metrics/tree/master/docs). -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -83,7 +78,7 @@ For clusters of more than 100 nodes, allocate at least ### FIPS configuration in Bitnami Secure Images -The Bitnami Kube State Metrics Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Kube State Metrics Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kubectl/README.md b/bitnami/kubectl/README.md index 54ae89bc3175..a1d5c1a2495e 100644 --- a/bitnami/kubectl/README.md +++ b/bitnami/kubectl/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kubectl bitnami/kubectl:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -87,7 +82,7 @@ docker run --rm --name kubectl -v /path/to/your/kube/config:/.kube/config bitnam ### FIPS configuration in Bitnami Secure Images -The Bitnami Kubectl Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Kubectl Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kuberay-apiserver/README.md b/bitnami/kuberay-apiserver/README.md index 2b6372e4a28a..805d41d986bb 100644 --- a/bitnami/kuberay-apiserver/README.md +++ b/bitnami/kuberay-apiserver/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name kuberay-apiserver bitnami/kuberay-apiserver ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official KubeRay API Server documentation](https://ray.io) for more i ### FIPS configuration in Bitnami Secure Images -The Bitnami KubeRay API Server Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami KubeRay API Server Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kuberay-operator/README.md b/bitnami/kuberay-operator/README.md index 243ecdcefc92..432e1a4247d4 100644 --- a/bitnami/kuberay-operator/README.md +++ b/bitnami/kuberay-operator/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name kuberay-operator bitnami/kuberay-operator ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official KubeRay documentation](https://ray.io) for more information ### FIPS configuration in Bitnami Secure Images -The Bitnami KubeRay Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami KubeRay Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kubernetes-event-exporter/README.md b/bitnami/kubernetes-event-exporter/README.md index 2289d7ddcd7e..8744d1831cef 100644 --- a/bitnami/kubernetes-event-exporter/README.md +++ b/bitnami/kubernetes-event-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kubernetes-event-exporter bitnami/kubernetes-event-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Kubernetes Event Exporter in Kubernetes? @@ -67,7 +62,7 @@ For further documentation, please check [Kubernetes Event Exporter documentation ### FIPS configuration in Bitnami Secure Images -The Bitnami Kubernetes Event Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Kubernetes Event Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/kubescape/README.md b/bitnami/kubescape/README.md index 7672260bcf31..5e73b146e5fb 100644 --- a/bitnami/kubescape/README.md +++ b/bitnami/kubescape/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name kubescape bitnami/kubescape:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Consult the [Kubescape Reference Documentation](https://github.com/kubescape/kub ### FIPS configuration in Bitnami Secure Images -The Bitnami Kubescape Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Kubescape Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/laravel/README.md b/bitnami/laravel/README.md index 8c8bc75e532e..80f5069fa3eb 100644 --- a/bitnami/laravel/README.md +++ b/bitnami/laravel/README.md @@ -16,27 +16,22 @@ mkdir ~/myapp && cd ~/myapp docker run --name laravel -v ${PWD}/my-project:/app bitnami/laravel:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -139,7 +134,7 @@ where `` is the command you want to launch inside the container. ### FIPS configuration in Bitnami Secure Images -The Bitnami Laravel Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Laravel Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/logstash/README.md b/bitnami/logstash/README.md index 5d428a42e52e..dff9c16b2149 100644 --- a/bitnami/logstash/README.md +++ b/bitnami/logstash/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name logstash bitnami/logstash:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Logstash in Kubernetes? @@ -253,7 +248,7 @@ The command above will build the image providing this GitHub repository as build ### FIPS configuration in Bitnami Secure Images -The Bitnami Logstash Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Logstash Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/mariadb-galera/README.md b/bitnami/mariadb-galera/README.md index 26822ff47e87..63866c0e19fc 100644 --- a/bitnami/mariadb-galera/README.md +++ b/bitnami/mariadb-galera/README.md @@ -17,27 +17,22 @@ docker run --name mariadb \ **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy MariaDB Galera in Kubernetes? @@ -621,7 +616,7 @@ docker run --name mariadb \ ### FIPS configuration in Bitnami Secure Images -The Bitnami MariaDB Galera Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami MariaDB Galera Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/mariadb/README.md b/bitnami/mariadb/README.md index 0df2664c094f..8a937023175f 100644 --- a/bitnami/mariadb/README.md +++ b/bitnami/mariadb/README.md @@ -15,27 +15,22 @@ docker run --name mariadb -e ALLOW_EMPTY_PASSWORD=yes bitnami/mariadb:latest **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy MariaDB in Kubernetes? diff --git a/bitnami/mastodon/README.md b/bitnami/mastodon/README.md index e7b263b75d0c..a4c0dbf66906 100644 --- a/bitnami/mastodon/README.md +++ b/bitnami/mastodon/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name mastodon bitnami/mastodon ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -253,7 +248,7 @@ The Bitnami Mastodon container supports connecting the Mastodon application to a ### FIPS configuration in Bitnami Secure Images -The Bitnami Mastodon Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Mastodon Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/matomo/README.md b/bitnami/matomo/README.md index d2e36638e632..ba2c79ca1387 100644 --- a/bitnami/matomo/README.md +++ b/bitnami/matomo/README.md @@ -16,27 +16,22 @@ docker run --name matomo bitnami/matomo:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -417,7 +412,7 @@ This would be an example of SMTP configuration using a Gmail account: ### FIPS configuration in Bitnami Secure Images -The Bitnami Matomo Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Matomo Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/memcached-exporter/README.md b/bitnami/memcached-exporter/README.md index 3b6d449c0936..ce899913aa36 100644 --- a/bitnami/memcached-exporter/README.md +++ b/bitnami/memcached-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name memcached-exporter bitnami/memcached-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? diff --git a/bitnami/memcached/README.md b/bitnami/memcached/README.md index c8078a965c3b..203a08596b79 100644 --- a/bitnami/memcached/README.md +++ b/bitnami/memcached/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name memcached bitnami/memcached:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Memcached in Kubernetes? @@ -319,7 +314,7 @@ The `/opt/bitnami/memcached/conf/memcachedsasldb` is the path to the sasldb file ### FIPS configuration in Bitnami Secure Images -The Bitnami Memcached Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Memcached Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/metallb-controller/README.md b/bitnami/metallb-controller/README.md index b0411c33bd3d..953f7d26c517 100644 --- a/bitnami/metallb-controller/README.md +++ b/bitnami/metallb-controller/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name metallb-controller bitnami/metallb-controller:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Consult the [metallb Reference Documentation](https://metallb.universe.tf/config ### FIPS configuration in Bitnami Secure Images -The Bitnami MetalLB Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami MetalLB Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/metallb-speaker/README.md b/bitnami/metallb-speaker/README.md index 2bfce591eca6..52f9ce95f686 100644 --- a/bitnami/metallb-speaker/README.md +++ b/bitnami/metallb-speaker/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name metallb-speaker bitnami/metallb-speaker:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Consult the [metallb Reference Documentation](https://metallb.universe.tf/config ### FIPS configuration in Bitnami Secure Images -The Bitnami MetalLB Speaker Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami MetalLB Speaker Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/metrics-server/README.md b/bitnami/metrics-server/README.md index 5280cff2e9ba..6c6c080fdc57 100644 --- a/bitnami/metrics-server/README.md +++ b/bitnami/metrics-server/README.md @@ -15,27 +15,22 @@ Deploy Metrics Server on your [Kubernetes cluster](https://github.com/kubernetes docker run --name metrics-server bitnami/metrics-server:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Metrics Server in Kubernetes? @@ -61,7 +56,7 @@ For further documentation, please check [here](https://github.com/kubernetes-inc ### FIPS configuration in Bitnami Secure Images -The Bitnami Metrics Server Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Metrics Server Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/milvus/README.md b/bitnami/milvus/README.md index e46443d3168d..e5c2842050e6 100644 --- a/bitnami/milvus/README.md +++ b/bitnami/milvus/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name milvus bitnami/milvus ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Milvus documentation](https://milvus.io/docs/) for more info ### FIPS configuration in Bitnami Secure Images -The Bitnami Milvus Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Milvus Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/minio-client/README.md b/bitnami/minio-client/README.md index 2912eb9c5745..96d180f5825a 100644 --- a/bitnami/minio-client/README.md +++ b/bitnami/minio-client/README.md @@ -13,27 +13,22 @@ Disclaimer: All software products, projects and company names are trademark(TM) docker run --name minio-client bitnami/minio-client:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -158,7 +153,7 @@ Find more information about the client configuration in the [MinIO(R) Client doc ### FIPS configuration in Bitnami Secure Images -The Bitnami Bitnami Object Storage Client based on MinIO® Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Bitnami Object Storage Client based on MinIO® Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/minio-object-browser/README.md b/bitnami/minio-object-browser/README.md index 385cd588278c..eb695c1c26c3 100644 --- a/bitnami/minio-object-browser/README.md +++ b/bitnami/minio-object-browser/README.md @@ -13,27 +13,22 @@ Disclaimer: All software products, projects and company names are trademark(TM) docker run --name minio-object-browser bitnami/minio-object-browser:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? diff --git a/bitnami/minio-operator-sidecar/README.md b/bitnami/minio-operator-sidecar/README.md index fb99f1e5a70c..1c869130af4a 100644 --- a/bitnami/minio-operator-sidecar/README.md +++ b/bitnami/minio-operator-sidecar/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name minio-operator-sidecar bitnami/minio-operator-sidecar:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/minio-operator/README.md b/bitnami/minio-operator/README.md index 4a1d20de5c07..a1ae2c10e83c 100644 --- a/bitnami/minio-operator/README.md +++ b/bitnami/minio-operator/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name minio-operator bitnami/minio-operator:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/minio/README.md b/bitnami/minio/README.md index fe678f3109b0..caf02e820c6b 100644 --- a/bitnami/minio/README.md +++ b/bitnami/minio/README.md @@ -13,27 +13,22 @@ Disclaimer: All software products, projects and company names are trademark(TM) docker run --name minio bitnami/minio:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy MinIO(R) in Kubernetes? @@ -427,7 +422,7 @@ docker run --name minio \ ### FIPS configuration in Bitnami Secure Images -The Bitnami Bitnami Object Storage based on MinIO® Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Bitnami Object Storage based on MinIO® Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/mlflow/README.md b/bitnami/mlflow/README.md index 8d97ce062d37..0f39510916e7 100644 --- a/bitnami/mlflow/README.md +++ b/bitnami/mlflow/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name mlflow bitnami/mlflow:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -103,7 +98,7 @@ docker run -it --name mlflow -v /path/to/app:/app bitnami/mlflow \ ### FIPS configuration in Bitnami Secure Images -The Bitnami MLflow Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami MLflow Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/mongodb-exporter/README.md b/bitnami/mongodb-exporter/README.md index ff43e72f4b26..e3834fa947e6 100644 --- a/bitnami/mongodb-exporter/README.md +++ b/bitnami/mongodb-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name mongodb-exporter bitnami/mongodb-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -101,7 +96,7 @@ Find all the configuration options in the [MongoDB Prometheus Exporter documenta ### FIPS configuration in Bitnami Secure Images -The Bitnami MongoDB Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami MongoDB Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/mongodb-sharded/README.md b/bitnami/mongodb-sharded/README.md index 10670e4711b5..469964227f49 100644 --- a/bitnami/mongodb-sharded/README.md +++ b/bitnami/mongodb-sharded/README.md @@ -13,27 +13,22 @@ Disclaimer: The respective trademarks mentioned in the offering are owned by the docker run --name mongodb bitnami/mongodb-sharded:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy MongoDB® Sharded in Kubernetes? @@ -321,7 +316,7 @@ The Bitnami MongoDB® Sharded image contains the [same configuration features ### FIPS configuration in Bitnami Secure Images -The Bitnami MongoDB® Sharded Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami MongoDB® Sharded Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/mongodb/README.md b/bitnami/mongodb/README.md index c1c409b10af5..75c70ccf41b5 100644 --- a/bitnami/mongodb/README.md +++ b/bitnami/mongodb/README.md @@ -13,27 +13,22 @@ Disclaimer: The respective trademarks mentioned in the offering are owned by the docker run --name mongodb bitnami/mongodb:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy MongoDB® in Kubernetes? @@ -789,7 +784,7 @@ Refer to the [configuration file options](http://docs.mongodb.org/v2.4/reference ### FIPS configuration in Bitnami Secure Images -The Bitnami MongoDB® Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami MongoDB® Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/moodle/README.md b/bitnami/moodle/README.md index 7e3425f2aa74..1470f16c4954 100644 --- a/bitnami/moodle/README.md +++ b/bitnami/moodle/README.md @@ -15,27 +15,22 @@ docker run --name moodle bitnami/moodle:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Moodle™ in Kubernetes? @@ -407,7 +402,7 @@ Bear in mind that in the example above `es_ES.UTF-8 UTF-8` is the locale needed ### FIPS configuration in Bitnami Secure Images -The Bitnami Bitnami LMS powered by Moodle™ LMS Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Bitnami LMS powered by Moodle™ LMS Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/multus-cni/README.md b/bitnami/multus-cni/README.md index 63805083bfbf..034f4952ef90 100644 --- a/bitnami/multus-cni/README.md +++ b/bitnami/multus-cni/README.md @@ -14,27 +14,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name multus-cni bitnami/multus-cni:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -106,7 +101,7 @@ Check the [official Multus CNI documentation](https://github.com/k8snetworkplumb ### FIPS configuration in Bitnami Secure Images -The Bitnami Multus CNI Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Multus CNI Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/mysql/README.md b/bitnami/mysql/README.md index bda9213dfada..23596bd2bd1a 100644 --- a/bitnami/mysql/README.md +++ b/bitnami/mysql/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name mysql -e ALLOW_EMPTY_PASSWORD=yes bitnami/mysql:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy MySQL in Kubernetes? @@ -507,7 +502,7 @@ docker run --name mysql -v /path/to/my.cnf:/opt/bitnami/mysql/conf/my.cnf:ro bit ### FIPS configuration in Bitnami Secure Images -The Bitnami MySQL Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami MySQL Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/mysqld-exporter/README.md b/bitnami/mysqld-exporter/README.md index b2ccff3a4405..9d2aba974ae3 100644 --- a/bitnami/mysqld-exporter/README.md +++ b/bitnami/mysqld-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name mysqld-exporter bitnami/mysqld-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -101,7 +96,7 @@ Find all the configuration flags in [the MySQL Server Exporter official document ### FIPS configuration in Bitnami Secure Images -The Bitnami MySQL Server Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami MySQL Server Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/nats-exporter/README.md b/bitnami/nats-exporter/README.md index a3076d8ddbcc..4478d8ddbcc2 100644 --- a/bitnami/nats-exporter/README.md +++ b/bitnami/nats-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name nats-exporter bitnami/nats-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -101,7 +96,7 @@ Find all the configuration options in the [NATS Prometheus Exporter documentatio ### FIPS configuration in Bitnami Secure Images -The Bitnami NATS Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami NATS Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/nats/README.md b/bitnami/nats/README.md index 7e645829be12..97937c380fcf 100644 --- a/bitnami/nats/README.md +++ b/bitnami/nats/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name nats bitnami/nats:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy NATS in Kubernetes? diff --git a/bitnami/natscli/README.md b/bitnami/natscli/README.md index e2c2d7e1a283..cfb0b3f67148 100644 --- a/bitnami/natscli/README.md +++ b/bitnami/natscli/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name natscli bitnami/natscli ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official NATS CLI documentation](https://nats.io/docs/) for more info ### FIPS configuration in Bitnami Secure Images -The Bitnami NATS CLI Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami NATS CLI Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/neo4j/README.md b/bitnami/neo4j/README.md index dc9131d954a9..67c4064639f5 100644 --- a/bitnami/neo4j/README.md +++ b/bitnami/neo4j/README.md @@ -15,27 +15,22 @@ docker run --name neo4j bitnami/neo4j:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -250,7 +245,7 @@ neo4j: ### FIPS configuration in Bitnami Secure Images -The Bitnami Neo4j Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Neo4j Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/nessie-utils/README.md b/bitnami/nessie-utils/README.md index 2cd90dbcb5c4..6d05713239f6 100644 --- a/bitnami/nessie-utils/README.md +++ b/bitnami/nessie-utils/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name nessie-utils bitnami/nessie-utils ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -125,7 +120,7 @@ This container supports the upstream Nessie Utils environment variables. Check t ### FIPS configuration in Bitnami Secure Images -The Bitnami Nessie Utils Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Nessie Utils Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/nessie/README.md b/bitnami/nessie/README.md index 3200ddc0318c..b4827403251a 100644 --- a/bitnami/nessie/README.md +++ b/bitnami/nessie/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name nessie bitnami/nessie ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -101,7 +96,7 @@ This container supports the upstream Nessie environment variables. Check the [of ### FIPS configuration in Bitnami Secure Images -The Bitnami Nessie Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Nessie Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/nginx-exporter/README.md b/bitnami/nginx-exporter/README.md index 5587f0abdeaa..f9fe7157fc97 100644 --- a/bitnami/nginx-exporter/README.md +++ b/bitnami/nginx-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name nginx-exporter bitnami/nginx-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -101,7 +96,7 @@ Find all the configuration flags in [the NGINX Prometheus Exporter official docu ### FIPS configuration in Bitnami Secure Images -The Bitnami NGINX Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami NGINX Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/nginx-ingress-controller/README.md b/bitnami/nginx-ingress-controller/README.md index d6c215dd9e10..5117e5305d70 100644 --- a/bitnami/nginx-ingress-controller/README.md +++ b/bitnami/nginx-ingress-controller/README.md @@ -15,27 +15,22 @@ Deploy NGINX Ingress Controller for Kubernetes on your [Kubernetes cluster](http docker run --name nginx-ingress-controller bitnami/nginx-ingress-controller:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy NGINX Ingress Controller in Kubernetes? @@ -55,7 +50,7 @@ For further documentation, please check [here](https://github.com/kubernetes/ing ### FIPS configuration in Bitnami Secure Images -The Bitnami NGINX Ingress Controller Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami NGINX Ingress Controller Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/nginx/README.md b/bitnami/nginx/README.md index aeedafdfc256..41313ae60a37 100644 --- a/bitnami/nginx/README.md +++ b/bitnami/nginx/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name nginx bitnami/nginx:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy NGINX Open Source in Kubernetes? @@ -416,7 +411,7 @@ services: ### FIPS configuration in Bitnami Secure Images -The Bitnami NGINX Open Source Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami NGINX Open Source Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/node-exporter/README.md b/bitnami/node-exporter/README.md index e47cc681c495..7cff8942d0bd 100644 --- a/bitnami/node-exporter/README.md +++ b/bitnami/node-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name node-exporter bitnami/node-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -104,7 +99,7 @@ Collectors are enabled by providing a `--collector.` flag. Collectors that ### FIPS configuration in Bitnami Secure Images -The Bitnami Node Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Node Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/node/README.md b/bitnami/node/README.md index ef5da29d7552..613e159a7bd0 100644 --- a/bitnami/node/README.md +++ b/bitnami/node/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name node bitnami/node:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -115,7 +110,7 @@ node: ### FIPS configuration in Bitnami Secure Images -The Bitnami Node.js Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Node.js Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/notation/README.md b/bitnami/notation/README.md index 732a18ebde99..87bfd424d537 100644 --- a/bitnami/notation/README.md +++ b/bitnami/notation/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name notation bitnami/notation ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -212,7 +207,7 @@ Check the [official Notation documentation](https://notaryproject.dev/docs/quick ### FIPS configuration in Bitnami Secure Images -The Bitnami Notation Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Notation Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/oauth2-proxy/README.md b/bitnami/oauth2-proxy/README.md index 7a34de0c2e43..5e9a1a89c735 100644 --- a/bitnami/oauth2-proxy/README.md +++ b/bitnami/oauth2-proxy/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name oauth2-proxy bitnami/oauth2-proxy:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -102,7 +97,7 @@ Oauth2-proxy can be configured via config file, command line options or environm ### FIPS configuration in Bitnami Secure Images -The Bitnami OAuth2 Proxy Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami OAuth2 Proxy Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/odoo/README.md b/bitnami/odoo/README.md index 7a87a93ba09f..48ef959d9a0d 100644 --- a/bitnami/odoo/README.md +++ b/bitnami/odoo/README.md @@ -16,27 +16,22 @@ docker run --name odoo bitnami/odoo:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure d eployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Odoo in Kubernetes? @@ -328,7 +323,7 @@ In case the database already contains data from a previous Odoo installation, yo ### FIPS configuration in Bitnami Secure Images -The Bitnami Odoo Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Odoo Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/openldap/README.md b/bitnami/openldap/README.md index 80fe7a500d8f..51265b1354cd 100644 --- a/bitnami/openldap/README.md +++ b/bitnami/openldap/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name openldap bitnami/openldap:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -496,7 +491,7 @@ Scripts are executed are after the initilization and before the startup of the O ### FIPS configuration in Bitnami Secure Images -The Bitnami OpenLDAP Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami OpenLDAP Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/openresty/README.md b/bitnami/openresty/README.md index 50a223aca452..7168745a034f 100644 --- a/bitnami/openresty/README.md +++ b/bitnami/openresty/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name openresty bitnami/openresty:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -247,7 +242,7 @@ load_module /opt/bitnami/openresty/nginx/modules/ngx_http_dav_module.so; ### FIPS configuration in Bitnami Secure Images -The Bitnami OpenResty Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami OpenResty Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/opensearch-dashboards/README.md b/bitnami/opensearch-dashboards/README.md index 9937cff84eb0..5919a844a359 100644 --- a/bitnami/opensearch-dashboards/README.md +++ b/bitnami/opensearch-dashboards/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name opensearch-dashboards bitnami/opensearch-dashboards:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -159,7 +154,7 @@ Check the [official OpenSearch Dashboards documentation](https://opensearch.org/ ### FIPS configuration in Bitnami Secure Images -The Bitnami OpenSearch Dashboards Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami OpenSearch Dashboards Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/opensearch/README.md b/bitnami/opensearch/README.md index a3a864542d2f..e85e85702109 100644 --- a/bitnami/opensearch/README.md +++ b/bitnami/opensearch/README.md @@ -15,27 +15,22 @@ docker run --name opensearch bitnami/opensearch:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy OpenSearch in Kubernetes? @@ -437,7 +432,7 @@ In order to have your custom files inside the Docker image, you can mount them a ### FIPS configuration in Bitnami Secure Images -The Bitnami OpenSearch Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami OpenSearch Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/oras/README.md b/bitnami/oras/README.md index 9de6d9db3938..50cf7792b730 100644 --- a/bitnami/oras/README.md +++ b/bitnami/oras/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name oras bitnami/oras:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? diff --git a/bitnami/os-shell/README.md b/bitnami/os-shell/README.md index ab757503e978..174d85414d2f 100644 --- a/bitnami/os-shell/README.md +++ b/bitnami/os-shell/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name os-shell bitnami/os-shell:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -77,7 +72,7 @@ docker run --rm --name os-shell bitnami/os-shell:latest echo hello world ### FIPS configuration in Bitnami Secure Images -The Bitnami OS Shell + Utility Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami OS Shell + Utility Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/parse-dashboard/README.md b/bitnami/parse-dashboard/README.md index 744d6aae2fd0..64263b31c069 100644 --- a/bitnami/parse-dashboard/README.md +++ b/bitnami/parse-dashboard/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name parse-dashboard bitnami/parse-dashboard:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -220,7 +215,7 @@ parse-dashboard: ### FIPS configuration in Bitnami Secure Images -The Bitnami Parse Dashboard Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Parse Dashboard Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/parse/README.md b/bitnami/parse/README.md index 6ffbaf540011..5772c7518c77 100644 --- a/bitnami/parse/README.md +++ b/bitnami/parse/README.md @@ -15,27 +15,22 @@ docker run --name parse bitnami/parse:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Parse Server in Kubernetes? @@ -319,7 +314,7 @@ Find more information about Cloud Code and Cloud functions in the [official docu ### FIPS configuration in Bitnami Secure Images -The Bitnami Parse Server Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Parse Server Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/percona-mysql/README.md b/bitnami/percona-mysql/README.md index 1e7b44ebc5be..2519aa50e504 100644 --- a/bitnami/percona-mysql/README.md +++ b/bitnami/percona-mysql/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name percona-mysql bitnami/percona-mysql:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -132,7 +127,7 @@ docker build -t bitnami/APP:latest . ### FIPS configuration in Bitnami Secure Images -The Bitnami Percona Server for MySQL Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Percona Server for MySQL Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/pgbouncer/README.md b/bitnami/pgbouncer/README.md index 094cc1f2bf28..f56217bd401b 100644 --- a/bitnami/pgbouncer/README.md +++ b/bitnami/pgbouncer/README.md @@ -15,27 +15,22 @@ docker run --name pgbouncer bitnami/pgbouncer:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -403,7 +398,7 @@ $ docker exec -it -u root debian-12-pgbouncer-1 psql -p 6432 -U postgres pg2 -c ### FIPS configuration in Bitnami Secure Images -The Bitnami PgBouncer Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami PgBouncer Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/pgpool/README.md b/bitnami/pgpool/README.md index 6bdd77025281..4a58423f44fc 100644 --- a/bitnami/pgpool/README.md +++ b/bitnami/pgpool/README.md @@ -17,27 +17,22 @@ docker run --name pgpool bitnami/pgpool:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Pgpool-II in Kubernetes? @@ -536,7 +531,7 @@ This command will prompt for a password, this password is the one set in the env ### FIPS configuration in Bitnami Secure Images -The Bitnami Pgpool-II Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Pgpool-II Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/php-fpm/README.md b/bitnami/php-fpm/README.md index ec986e30bbdf..e10b09c2824c 100644 --- a/bitnami/php-fpm/README.md +++ b/bitnami/php-fpm/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name phpfpm -v /path/to/app:/app bitnami/php-fpm ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -317,7 +312,7 @@ In order to override the default `max_file_uploads` settings you can do the foll ### FIPS configuration in Bitnami Secure Images -The Bitnami PHP-FPM Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami PHP-FPM Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/phpmyadmin/README.md b/bitnami/phpmyadmin/README.md index 4f9223de7126..0c3e39e1f226 100644 --- a/bitnami/phpmyadmin/README.md +++ b/bitnami/phpmyadmin/README.md @@ -17,27 +17,22 @@ docker run --name phpmyadmin bitnami/phpmyadmin:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy phpMyAdmin in Kubernetes? @@ -256,7 +251,7 @@ docker run -d --name phpmyadmin -p 80:8080 -p 443:8443 \ ### FIPS configuration in Bitnami Secure Images -The Bitnami phpMyAdmin Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami phpMyAdmin Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/pinniped-cli/README.md b/bitnami/pinniped-cli/README.md index 8434bff3fcaf..24f26411d569 100644 --- a/bitnami/pinniped-cli/README.md +++ b/bitnami/pinniped-cli/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name pinniped-cli bitnami/pinniped-cli ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Pinniped CLI documentation](https://pinniped.dev/docs/) for ### FIPS configuration in Bitnami Secure Images -The Bitnami Pinniped CLI Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Pinniped CLI Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/pinniped/README.md b/bitnami/pinniped/README.md index 9385ce823862..9a3bc53b123c 100644 --- a/bitnami/pinniped/README.md +++ b/bitnami/pinniped/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name pinniped bitnami/pinniped:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/plugin-barman-cloud-sidecar/README.md b/bitnami/plugin-barman-cloud-sidecar/README.md index e64b66891e18..8f0cbfa3ca13 100644 --- a/bitnami/plugin-barman-cloud-sidecar/README.md +++ b/bitnami/plugin-barman-cloud-sidecar/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name plugin-barman-cloud-sidecar bitnami/plugin-barman-cloud-sidecar:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official Barman Cloud Plugin Sidecar for CloudNativePG documentation] ### FIPS configuration in Bitnami Secure Images -The Bitnami Barman Cloud Plugin Sidecar for CloudNativePG Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Barman Cloud Plugin Sidecar for CloudNativePG Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/plugin-barman-cloud/README.md b/bitnami/plugin-barman-cloud/README.md index 166e608ff137..d9cb4af5a949 100644 --- a/bitnami/plugin-barman-cloud/README.md +++ b/bitnami/plugin-barman-cloud/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name plugin-barman-cloud bitnami/plugin-barman-cloud:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/postgres-exporter/README.md b/bitnami/postgres-exporter/README.md index e70be737041d..46189f28bda8 100644 --- a/bitnami/postgres-exporter/README.md +++ b/bitnami/postgres-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name postgres-exporter bitnami/postgres-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -101,7 +96,7 @@ Find all the configuration flags in [the postgres_exporter official documentatio ### FIPS configuration in Bitnami Secure Images -The Bitnami PostgreSQL Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami PostgreSQL Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/postgresql-repmgr/README.md b/bitnami/postgresql-repmgr/README.md index 6fc745a13b33..c10620bbe4ce 100644 --- a/bitnami/postgresql-repmgr/README.md +++ b/bitnami/postgresql-repmgr/README.md @@ -15,27 +15,22 @@ docker run --name postgresql-repmgr bitnami/postgresql-repmgr:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -726,7 +721,7 @@ Refer to [issues/27124](https://github.com/bitnami/containers/issues/27124) for ### FIPS configuration in Bitnami Secure Images -The Bitnami PostgreSQL HA Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami PostgreSQL HA Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/postgresql/README.md b/bitnami/postgresql/README.md index 7620699d828c..c48ee1d82be8 100644 --- a/bitnami/postgresql/README.md +++ b/bitnami/postgresql/README.md @@ -15,27 +15,22 @@ docker run --name postgresql bitnami/postgresql:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy PostgreSQL in Kubernetes? @@ -853,7 +848,7 @@ The default toast compression is `pglz`, but you can modify it by setting the en ### FIPS configuration in Bitnami Secure Images -The Bitnami PostgreSQL Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami PostgreSQL Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/postgrest/README.md b/bitnami/postgrest/README.md index 32e38d0ae97a..c99479bef1e3 100644 --- a/bitnami/postgrest/README.md +++ b/bitnami/postgrest/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name postgrest bitnami/postgrest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -135,7 +130,7 @@ Check the [official PostgREST documentation](https://postgrest.org/en/stable//co ### FIPS configuration in Bitnami Secure Images -The Bitnami PostgREST Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami PostgREST Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/prometheus-operator/README.md b/bitnami/prometheus-operator/README.md index 43541fc4dc66..f86d97a81b43 100644 --- a/bitnami/prometheus-operator/README.md +++ b/bitnami/prometheus-operator/README.md @@ -11,27 +11,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema Deploy [Prometheus Operator](https://github.com/coreos/prometheus-operator/tree/master/Documentation) on your Kubernetes cluster. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -83,7 +78,7 @@ Find how to configure Prometheus Operator in its [official documentation](https: ### FIPS configuration in Bitnami Secure Images -The Bitnami Prometheus Operator Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Prometheus Operator Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/prometheus-rsocket-proxy/README.md b/bitnami/prometheus-rsocket-proxy/README.md index 4988690e95f5..1ea3a507a96c 100644 --- a/bitnami/prometheus-rsocket-proxy/README.md +++ b/bitnami/prometheus-rsocket-proxy/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name prometheus-rsocket-proxy bitnami/prometheus-rsocket-proxy:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -75,7 +70,7 @@ For further documentation, please check [here](https://github.com/micrometer-met ### FIPS configuration in Bitnami Secure Images -The Bitnami Prometheus RSocket Proxy Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Prometheus RSocket Proxy Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/prometheus/README.md b/bitnami/prometheus/README.md index c17998673dc0..d20578803c45 100644 --- a/bitnami/prometheus/README.md +++ b/bitnami/prometheus/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name prometheus bitnami/prometheus:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -135,7 +130,7 @@ docker run --name prometheus \ ### FIPS configuration in Bitnami Secure Images -The Bitnami Prometheus Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Prometheus Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/pushgateway/README.md b/bitnami/pushgateway/README.md index eba9307b94d4..f7b83481369b 100644 --- a/bitnami/pushgateway/README.md +++ b/bitnami/pushgateway/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name pushgateway bitnami/pushgateway:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -103,7 +98,7 @@ The Pushgateway has to be configured as a target to scrape by Prometheus, using ### FIPS configuration in Bitnami Secure Images -The Bitnami Push Gateway Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Push Gateway Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/pymilvus/README.md b/bitnami/pymilvus/README.md index 642b8a6f9b5f..da01192cd3ac 100644 --- a/bitnami/pymilvus/README.md +++ b/bitnami/pymilvus/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name pymilvus bitnami/pymilvus ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -103,7 +98,7 @@ docker run -it --name pymilvus -v /path/to/app:/app bitnami/pymilvus \ ### FIPS configuration in Bitnami Secure Images -The Bitnami PyMilvus Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami PyMilvus Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/python/README.md b/bitnami/python/README.md index 5374841c7e60..1a66fd57335b 100644 --- a/bitnami/python/README.md +++ b/bitnami/python/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name python bitnami/python ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -122,7 +117,7 @@ python: ### FIPS configuration in Bitnami Secure Images -The Bitnami Python Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Python Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/pytorch/README.md b/bitnami/pytorch/README.md index 47e1c84b5e79..a33881cb8ff5 100644 --- a/bitnami/pytorch/README.md +++ b/bitnami/pytorch/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name pytorch bitnami/pytorch ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -104,7 +99,7 @@ docker run -it --name pytorch -v /path/to/app:/app bitnami/pytorch \ ### FIPS configuration in Bitnami Secure Images -The Bitnami PyTorch Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami PyTorch Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/rabbitmq-cluster-operator/README.md b/bitnami/rabbitmq-cluster-operator/README.md index aada3ed218e8..dc2b8ad4dd61 100644 --- a/bitnami/rabbitmq-cluster-operator/README.md +++ b/bitnami/rabbitmq-cluster-operator/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name rabbitmq-cluster-operator bitnami/rabbitmq-cluster-operator:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/rabbitmq/README.md b/bitnami/rabbitmq/README.md index 81e18c7c5389..fda2ea82271f 100644 --- a/bitnami/rabbitmq/README.md +++ b/bitnami/rabbitmq/README.md @@ -15,27 +15,22 @@ docker run --name rabbitmq bitnami/rabbitmq:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy RabbitMQ in Kubernetes? @@ -390,7 +385,7 @@ After that, your changes will be taken into account in the server's behaviour. ### FIPS configuration in Bitnami Secure Images -The Bitnami RabbitMQ Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami RabbitMQ Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/rails/README.md b/bitnami/rails/README.md index ee7ea998016a..5122c7e34c24 100644 --- a/bitnami/rails/README.md +++ b/bitnami/rails/README.md @@ -17,27 +17,22 @@ docker run --name rails bitnami/rails:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options for the [MariaDB container](https://github.com/bitnami/containers/blob/main/bitnami/mariadb#readme) for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -164,7 +159,7 @@ Following are a few examples of launching some commonly used Rails development c ### FIPS configuration in Bitnami Secure Images -The Bitnami Rails Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Rails Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/ray/README.md b/bitnami/ray/README.md index 6aa7c7e7fcdf..06277a608a95 100644 --- a/bitnami/ray/README.md +++ b/bitnami/ray/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name ray bitnami/ray ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -103,7 +98,7 @@ docker run -it --name ray -v /path/to/app:/app bitnami/ray \ ### FIPS configuration in Bitnami Secure Images -The Bitnami Ray Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Ray Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/rclone/README.md b/bitnami/rclone/README.md index 0f8999a3abc6..e7b199e19382 100644 --- a/bitnami/rclone/README.md +++ b/bitnami/rclone/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name rclone bitnami/rclone:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Check the [official rClone documentation](https://rclone.org/docs/) for a list o ### FIPS configuration in Bitnami Secure Images -The Bitnami rClone Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami rClone Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/redis-cluster/README.md b/bitnami/redis-cluster/README.md index 72e77c42d337..ae577c411f24 100644 --- a/bitnami/redis-cluster/README.md +++ b/bitnami/redis-cluster/README.md @@ -13,27 +13,22 @@ Disclaimer: Redis is a registered trademark of Redis Ltd. Any rights therein are docker run --name redis-cluster -e ALLOW_EMPTY_PASSWORD=yes bitnami/redis-cluster:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Redis(R) Cluster in Kubernetes? @@ -321,7 +316,7 @@ When the value of `REDIS_RDB_POLICY_DISABLED` is `no` (default value) the Redis( ### FIPS configuration in Bitnami Secure Images -The Bitnami Redis® Cluster Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Redis® Cluster Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/redis-exporter/README.md b/bitnami/redis-exporter/README.md index 01467350fb89..965b97ee9bca 100644 --- a/bitnami/redis-exporter/README.md +++ b/bitnami/redis-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name redis-exporter bitnami/redis-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -101,7 +96,7 @@ Find all the configuration flags in [the redis_exporter official documentation]( ### FIPS configuration in Bitnami Secure Images -The Bitnami Redis Exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Redis Exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/redis-sentinel/README.md b/bitnami/redis-sentinel/README.md index 5908c45e8b75..429cba50bf0b 100644 --- a/bitnami/redis-sentinel/README.md +++ b/bitnami/redis-sentinel/README.md @@ -15,27 +15,22 @@ docker run --name redis-sentinel -e REDIS_MASTER_HOST=redis bitnami/redis-sentin **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -224,7 +219,7 @@ Refer to the [Redis(R) configuration](https://redis.io/topics/config) manual for ### FIPS configuration in Bitnami Secure Images -The Bitnami Redis® Sentinel Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Redis® Sentinel Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/redis/README.md b/bitnami/redis/README.md index 1f0d6348455d..2fbe8483ac55 100644 --- a/bitnami/redis/README.md +++ b/bitnami/redis/README.md @@ -15,27 +15,22 @@ docker run --name redis -e ALLOW_EMPTY_PASSWORD=yes bitnami/redis:latest **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Redis(R) in Kubernetes? @@ -625,7 +620,7 @@ When the value of `REDIS_RDB_POLICY_DISABLED` is `no` (default value) the Redis( ### FIPS configuration in Bitnami Secure Images -The Bitnami Redis® Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Redis® Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/redmine/README.md b/bitnami/redmine/README.md index 7799eb261aab..83eab189b206 100644 --- a/bitnami/redmine/README.md +++ b/bitnami/redmine/README.md @@ -15,27 +15,22 @@ docker run --name redmine bitnami/redmine:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Redmine in Kubernetes? @@ -342,7 +337,7 @@ In case the database already contains data from a previous Redmine installation, ### FIPS configuration in Bitnami Secure Images -The Bitnami Redmine Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Redmine Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/rmq-default-credential-updater/README.md b/bitnami/rmq-default-credential-updater/README.md index 570b13ac3f8f..f645007bafc9 100644 --- a/bitnami/rmq-default-credential-updater/README.md +++ b/bitnami/rmq-default-credential-updater/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name rmq-default-credential-updater bitnami/rmq-default-credential-updater:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/rmq-messaging-topology-operator/README.md b/bitnami/rmq-messaging-topology-operator/README.md index 8dbd5ce6ffe6..e7645909f8f8 100644 --- a/bitnami/rmq-messaging-topology-operator/README.md +++ b/bitnami/rmq-messaging-topology-operator/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name rmq-default-credential-updater bitnami/rmq-messaging-topology-operator:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/ruby/README.md b/bitnami/ruby/README.md index e27b780029fe..5d2a1d9a0d01 100644 --- a/bitnami/ruby/README.md +++ b/bitnami/ruby/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name ruby bitnami/ruby:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -165,7 +160,7 @@ Access your web server in the browser by navigating to `http://localhost:8080`. ### FIPS configuration in Bitnami Secure Images -The Bitnami Ruby Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Ruby Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/rust/README.md b/bitnami/rust/README.md index 12cb72f8916b..930fe89a0519 100644 --- a/bitnami/rust/README.md +++ b/bitnami/rust/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name rust bitnami/rust:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -83,7 +78,7 @@ Check the [official Rust documentation](https://docs.cilium.io/en/stable/securit ### FIPS configuration in Bitnami Secure Images -The Bitnami Rust Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Rust Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/schema-registry/README.md b/bitnami/schema-registry/README.md index 369dc95b2d31..ae39933e3993 100644 --- a/bitnami/schema-registry/README.md +++ b/bitnami/schema-registry/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name schema-registry bitnami/schema-registry:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -169,7 +164,7 @@ schema-registry: ### FIPS configuration in Bitnami Secure Images -The Bitnami Confluent Schema Registry Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Confluent Schema Registry Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/scylladb/README.md b/bitnami/scylladb/README.md index 69d1346b2f59..839f3093ce87 100644 --- a/bitnami/scylladb/README.md +++ b/bitnami/scylladb/README.md @@ -15,27 +15,22 @@ docker run --name scylladb bitnami/scylladb:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -445,7 +440,7 @@ Refer to the [configuration](http://docs.datastax.com/en/scylladb/3.x/scylladb/c ### FIPS configuration in Bitnami Secure Images -The Bitnami ScyllaDB Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami ScyllaDB Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/sealed-secrets-controller/README.md b/bitnami/sealed-secrets-controller/README.md index fabad515d551..d2e89f079dfe 100644 --- a/bitnami/sealed-secrets-controller/README.md +++ b/bitnami/sealed-secrets-controller/README.md @@ -12,27 +12,22 @@ docker run --name sealed-secrets bitnami/sealed-secrets:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/sealed-secrets-kubeseal/README.md b/bitnami/sealed-secrets-kubeseal/README.md index c1b8d3cafc27..084932a1fd11 100644 --- a/bitnami/sealed-secrets-kubeseal/README.md +++ b/bitnami/sealed-secrets-kubeseal/README.md @@ -12,27 +12,22 @@ docker run --name sealed-secrets-kubeseal bitnami/sealed-secrets-kubeseal:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/seaweedfs/README.md b/bitnami/seaweedfs/README.md index d8d6937bf87d..b6255c9b8083 100644 --- a/bitnami/seaweedfs/README.md +++ b/bitnami/seaweedfs/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name seaweedfs bitnami/seaweedfs:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -83,7 +78,7 @@ Check the [official SeaweedFS documentation](https://seaweedfs.github.io) for mo ### FIPS configuration in Bitnami Secure Images -The Bitnami SeaweedFS Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami SeaweedFS Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/solr/README.md b/bitnami/solr/README.md index 874f03339c7a..de8078f500ac 100644 --- a/bitnami/solr/README.md +++ b/bitnami/solr/README.md @@ -15,27 +15,22 @@ docker run --name solr bitnami/solr:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -242,7 +237,7 @@ solr: ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache Solr Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache Solr Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/sonarqube/README.md b/bitnami/sonarqube/README.md index 26bab9aae7ea..47fc1ee2034c 100644 --- a/bitnami/sonarqube/README.md +++ b/bitnami/sonarqube/README.md @@ -15,27 +15,22 @@ docker run --name sonarqube bitnami/sonarqube:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -350,7 +345,7 @@ In case the database already contains data from a previous SonarQube™ inst ### FIPS configuration in Bitnami Secure Images -The Bitnami SonarQube™ Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami SonarQube™ Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/spark/README.md b/bitnami/spark/README.md index 335a99421726..a5d70c0cd6e7 100644 --- a/bitnami/spark/README.md +++ b/bitnami/spark/README.md @@ -17,27 +17,22 @@ docker run --name spark bitnami/spark:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Apache Spark in Kubernetes? @@ -249,7 +244,7 @@ $ pyspark ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache Spark Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache Spark Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/statsd-exporter/README.md b/bitnami/statsd-exporter/README.md index 09e25274a12d..3a05b58b6ba9 100644 --- a/bitnami/statsd-exporter/README.md +++ b/bitnami/statsd-exporter/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name statsd-exporter bitnami/statsd-exporter:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -83,7 +78,7 @@ Check the [official StatsD exporter documentation](https://github.com/prometheus ### FIPS configuration in Bitnami Secure Images -The Bitnami StatsD exporter Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami StatsD exporter Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/suitecrm/README.md b/bitnami/suitecrm/README.md index b896d7f8b661..ae68f65dfce4 100644 --- a/bitnami/suitecrm/README.md +++ b/bitnami/suitecrm/README.md @@ -15,27 +15,22 @@ docker run --name suitecrm bitnami/suitecrm:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -301,7 +296,7 @@ This would be an example of SMTP configuration using a Gmail account: ### FIPS configuration in Bitnami Secure Images -The Bitnami SuiteCRM Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami SuiteCRM Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/superset/README.md b/bitnami/superset/README.md index 0e338232122d..b749a76a758a 100644 --- a/bitnami/superset/README.md +++ b/bitnami/superset/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name superset bitnami/superset ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -95,7 +90,7 @@ docker run -it --name superset -v /path/to/app:/app bitnami/superset \ ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache Superset Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache Superset Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/telegraf/README.md b/bitnami/telegraf/README.md index 01ad917cf4ae..7561e95da6f5 100644 --- a/bitnami/telegraf/README.md +++ b/bitnami/telegraf/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name telegraf bitnami/telegraf:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Check the [official Telegraf documentation](https://docs.influxdata.com/telegraf ### FIPS configuration in Bitnami Secure Images -The Bitnami Telegraf ™ Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Telegraf ™ Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/tensorflow-resnet/README.md b/bitnami/tensorflow-resnet/README.md index f6d0ecf4b22f..94a020f4d174 100644 --- a/bitnami/tensorflow-resnet/README.md +++ b/bitnami/tensorflow-resnet/README.md @@ -18,27 +18,22 @@ curl -o resnet_50_classification_1.tar.gz https://storage.googleapis.com/tfhub-m tar xzf resnet_50_classification_1.tar.gz -C 1 ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -163,7 +158,7 @@ Tensorflow Resnet can be customized by specifying environment variables on the f ### FIPS configuration in Bitnami Secure Images -The Bitnami TensorFlow ResNet Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami TensorFlow ResNet Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/tensorflow-serving/README.md b/bitnami/tensorflow-serving/README.md index c3f2809354a7..aad4efd8e7d3 100644 --- a/bitnami/tensorflow-serving/README.md +++ b/bitnami/tensorflow-serving/README.md @@ -15,27 +15,22 @@ docker run --name tensorflow-serving bitnami/tensorflow-serving:latest You can find the available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -273,7 +268,7 @@ docker-compose restart tensorflow-serving ### FIPS configuration in Bitnami Secure Images -The Bitnami TensorFlow Serving Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami TensorFlow Serving Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/tensorflow/README.md b/bitnami/tensorflow/README.md index 8cbee74467ee..cd97d1d2a5d3 100644 --- a/bitnami/tensorflow/README.md +++ b/bitnami/tensorflow/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name tensorflow bitnami/tensorflow ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -103,7 +98,7 @@ docker run -it --name tensorflow -v /path/to/app:/app bitnami/tensorflow \ ### FIPS configuration in Bitnami Secure Images -The Bitnami Tensorflow Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Tensorflow Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/thanos/README.md b/bitnami/thanos/README.md index 086c558ff797..980d5e25bfe1 100644 --- a/bitnami/thanos/README.md +++ b/bitnami/thanos/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name thanos bitnami/thanos:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Thanos in Kubernetes? diff --git a/bitnami/tomcat/README.md b/bitnami/tomcat/README.md index 82014cb874c4..6502175de425 100644 --- a/bitnami/tomcat/README.md +++ b/bitnami/tomcat/README.md @@ -15,27 +15,22 @@ docker run --name tomcat bitnami/tomcat:latest You can find the default credentials and available configuration options in the [Environment Variables](#environment-variables) section. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Apache Apache Tomcat in Kubernetes? @@ -241,7 +236,7 @@ Refer to the [Apache Tomcat configuration](https://tomcat.apache.org/tomcat-7.0- ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache Tomcat Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache Tomcat Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/trivy/README.md b/bitnami/trivy/README.md index 15b1a752d08e..87027613730b 100644 --- a/bitnami/trivy/README.md +++ b/bitnami/trivy/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name trivy bitnami/trivy:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/valkey-cluster/README.md b/bitnami/valkey-cluster/README.md index e1032770770c..0a64038d1283 100644 --- a/bitnami/valkey-cluster/README.md +++ b/bitnami/valkey-cluster/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name valkey-cluster -e ALLOW_EMPTY_PASSWORD=yes bitnami/valkey-cluster:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Valkey Cluster in Kubernetes? @@ -321,7 +316,7 @@ When the value of `VALKEY_RDB_POLICY_DISABLED` is `no` (default value) the Valke ### FIPS configuration in Bitnami Secure Images -The Bitnami Valkey Cluster Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Valkey Cluster Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/valkey-sentinel/README.md b/bitnami/valkey-sentinel/README.md index 7c9a86100609..e95ce24c8f1c 100644 --- a/bitnami/valkey-sentinel/README.md +++ b/bitnami/valkey-sentinel/README.md @@ -15,27 +15,22 @@ docker run --name valkey-sentinel -e VALKEY_PRIMARY_HOST=valkey bitnami/valkey-s **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -221,7 +216,7 @@ docker restart valkey ### FIPS configuration in Bitnami Secure Images -The Bitnami Valkey Sentinel Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Valkey Sentinel Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/valkey/README.md b/bitnami/valkey/README.md index 12ef9290070e..4050ef5f630d 100644 --- a/bitnami/valkey/README.md +++ b/bitnami/valkey/README.md @@ -15,27 +15,22 @@ docker run --name valkey -e ALLOW_EMPTY_PASSWORD=yes bitnami/valkey:latest **Warning**: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Configuration](#configuration) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Valkey in Kubernetes? @@ -613,7 +608,7 @@ When the value of `VALKEY_RDB_POLICY_DISABLED` is `no` (default value) the Valke ### FIPS configuration in Bitnami Secure Images -The Bitnami Valkey Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Valkey Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/vault-csi-provider/README.md b/bitnami/vault-csi-provider/README.md index d2e9521a6af8..bed05e3920ff 100644 --- a/bitnami/vault-csi-provider/README.md +++ b/bitnami/vault-csi-provider/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name vault-csi-provider bitnami/vault-csi-provider ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official HashiCorp Vault CSI Provider documentation](https://github.c ### FIPS configuration in Bitnami Secure Images -The Bitnami HashiCorp Vault CSI Provider Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami HashiCorp Vault CSI Provider Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/vault-k8s/README.md b/bitnami/vault-k8s/README.md index 61b3a064e59c..3041b5eebcff 100644 --- a/bitnami/vault-k8s/README.md +++ b/bitnami/vault-k8s/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name vault-k8s bitnami/vault-k8s ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official HashiCorp Vault K8s Integration documentation](https://githu ### FIPS configuration in Bitnami Secure Images -The Bitnami HashiCorp Vault K8s Integration Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami HashiCorp Vault K8s Integration Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/vault/README.md b/bitnami/vault/README.md index 1296164c3122..44a2813f1632 100644 --- a/bitnami/vault/README.md +++ b/bitnami/vault/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name vault bitnami/vault ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official HashiCorp Vault documentation](https://www.vaultproject.io/) ### FIPS configuration in Bitnami Secure Images -The Bitnami HashiCorp Vault Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami HashiCorp Vault Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/victoriametrics-vmagent/README.md b/bitnami/victoriametrics-vmagent/README.md index ed01dcd93f47..543da9356cc6 100644 --- a/bitnami/victoriametrics-vmagent/README.md +++ b/bitnami/victoriametrics-vmagent/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vmagent bitnami/victoriametrics-vmagent:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/victoriametrics-vmalert/README.md b/bitnami/victoriametrics-vmalert/README.md index 00624e7577bc..8d361111d7cb 100644 --- a/bitnami/victoriametrics-vmalert/README.md +++ b/bitnami/victoriametrics-vmalert/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vmalert bitnami/victoriametrics-vmalert:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/victoriametrics-vmauth/README.md b/bitnami/victoriametrics-vmauth/README.md index e68d7bdc8023..615947c88935 100644 --- a/bitnami/victoriametrics-vmauth/README.md +++ b/bitnami/victoriametrics-vmauth/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vmauth bitnami/victoriametrics-vmauth:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/victoriametrics-vminsert/README.md b/bitnami/victoriametrics-vminsert/README.md index cb44684d4649..e75960e287b5 100644 --- a/bitnami/victoriametrics-vminsert/README.md +++ b/bitnami/victoriametrics-vminsert/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vminsert bitnami/victoriametrics-vminsert:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/victoriametrics-vmselect/README.md b/bitnami/victoriametrics-vmselect/README.md index 0b52259c5f23..5d2240e5fa4b 100644 --- a/bitnami/victoriametrics-vmselect/README.md +++ b/bitnami/victoriametrics-vmselect/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vmselect bitnami/victoriametrics-vmselect:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/victoriametrics-vmstorage/README.md b/bitnami/victoriametrics-vmstorage/README.md index a393d9889538..47e078f52942 100644 --- a/bitnami/victoriametrics-vmstorage/README.md +++ b/bitnami/victoriametrics-vmstorage/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name victoriametrics-vmstorage bitnami/victoriametrics-vmstorage:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links diff --git a/bitnami/volsync/README.md b/bitnami/volsync/README.md index 2b41a8708954..eb6256af51c0 100644 --- a/bitnami/volsync/README.md +++ b/bitnami/volsync/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name volsync bitnami/volsync:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -79,7 +74,7 @@ Read the [official VolSync documentation](https://volsync.readthedocs.io/en/stab ### FIPS configuration in Bitnami Secure Images -The Bitnami VolSync Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami VolSync Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/whereabouts/README.md b/bitnami/whereabouts/README.md index 5042c5b3d893..1995862bf177 100644 --- a/bitnami/whereabouts/README.md +++ b/bitnami/whereabouts/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name whereabouts bitnami/whereabouts ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Supported tags and respective `Dockerfile` links @@ -105,7 +100,7 @@ Check the [official Whereabouts documentation](https://github.com/k8snetworkplum ### FIPS configuration in Bitnami Secure Images -The Bitnami Whereabouts Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Whereabouts Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/wildfly/README.md b/bitnami/wildfly/README.md index cda7f2503422..6fc8d5d8a087 100644 --- a/bitnami/wildfly/README.md +++ b/bitnami/wildfly/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name wildfly bitnami/wildfly:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy WildFly in Kubernetes? @@ -277,7 +272,7 @@ After that, your changes will be taken into account in the server's behaviour. ### FIPS configuration in Bitnami Secure Images -The Bitnami WildFly Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami WildFly Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/wordpress-nginx/README.md b/bitnami/wordpress-nginx/README.md index 9642c64450ac..da3c2dc41921 100644 --- a/bitnami/wordpress-nginx/README.md +++ b/bitnami/wordpress-nginx/README.md @@ -14,27 +14,22 @@ docker run --name wordpress-nginx bitnami/wordpress-nginx:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -378,7 +373,7 @@ In case the database already contains data from a previous WordPress installatio ### FIPS configuration in Bitnami Secure Images -The Bitnami WordPress with NGINX Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami WordPress with NGINX Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/wordpress/README.md b/bitnami/wordpress/README.md index 3b6d857b513d..ed5aba3c8413 100644 --- a/bitnami/wordpress/README.md +++ b/bitnami/wordpress/README.md @@ -14,27 +14,22 @@ docker run --name wordpress bitnami/wordpress:latest **Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment. -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy WordPress in Kubernetes? @@ -382,7 +377,7 @@ In case the database already contains data from a previous WordPress installatio ### FIPS configuration in Bitnami Secure Images -The Bitnami WordPress Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami WordPress Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/zipkin/README.md b/bitnami/zipkin/README.md index a33f1200071d..368d7833c987 100644 --- a/bitnami/zipkin/README.md +++ b/bitnami/zipkin/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run -it --name zipkin bitnami/zipkin ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## Why use a non-root container? @@ -91,7 +86,7 @@ Read the [official Zipkin documentation](https://zipkin.io/pages/quickstart.html ### FIPS configuration in Bitnami Secure Images -The Bitnami Zipkin Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Zipkin Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`. diff --git a/bitnami/zookeeper/README.md b/bitnami/zookeeper/README.md index d90ea9d47cc1..37a925de6965 100644 --- a/bitnami/zookeeper/README.md +++ b/bitnami/zookeeper/README.md @@ -13,27 +13,22 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema docker run --name zookeeper bitnami/zookeeper:latest ``` -## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog - -Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: - -- Granting community users access for the first time to security-optimized versions of popular container images. -- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes -- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. -- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. - -These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). - ## Why use Bitnami Secure Images? -- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. -- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. -- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. -- Stay more secure and compliant with continuously built images updated within hours of upstream patches. -- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. +Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise [OS Photon Linux](https://vmware.github.io/photon/). Why choose BSI images? -Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). +- Hardened secure images of popular open source software with Near-Zero Vulnerabilities +- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores +- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM) +- Software supply chain provenance attestation through in-toto +- First class support for the internet’s favorite Helm charts + +Each image comes with valuable security metadata. You can view the metadata in [our public catalog here](https://app-catalog.vmware.com/bitnami/apps). Note: Some data is only available with [commercial subscriptions to BSI](https://bitnami.com/). + +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%201.png?raw=true "Application details") +![Alt text](https://github.com/bitnami/containers/blob/main/BSI%20UI%202.png?raw=true "Packaging report") + +If you are looking for our previous generation of images based on Debian Linux, please see the [Bitnami Legacy registry](https://hub.docker.com/u/bitnamilegacy). ## How to deploy Apache ZooKeeper in Kubernetes? @@ -484,7 +479,7 @@ services: ### FIPS configuration in Bitnami Secure Images -The Bitnami Apache ZooKeeper Docker image from the [Bitnami Secure Images](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: +The Bitnami Apache ZooKeeper Docker image from the [Bitnami Secure Images](https://go-vmware.broadcom.com/contact-us) catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables: - `OPENSSL_FIPS`: whether OpenSSL runs in FIPS mode or not. `yes` (default), `no`.