From 428df8c6d2e941bf19e2bf4f902f087a8d478a7a Mon Sep 17 00:00:00 2001 From: David Gomez Date: Tue, 25 Nov 2025 11:56:55 +0100 Subject: [PATCH] [bitnami/php-fpm] Branch 8.5 is the LTS (#88562) Signed-off-by: David Gomez --- bitnami/php-fpm/8.4/README.md | 10 ++++ bitnami/php-fpm/8.4/debian-12/Dockerfile | 56 ------------------- .../php-fpm/8.4/debian-12/docker-compose.yml | 11 ---- .../opt/bitnami/licenses/licenses.txt | 2 - .../prebuildfs/usr/sbin/install_packages | 27 --------- .../debian-12/prebuildfs/usr/sbin/run-script | 24 -------- .../prebuildfs/usr/sbin/uninstall_packages | 26 --------- 7 files changed, 10 insertions(+), 146 deletions(-) create mode 100644 bitnami/php-fpm/8.4/README.md delete mode 100644 bitnami/php-fpm/8.4/debian-12/Dockerfile delete mode 100644 bitnami/php-fpm/8.4/debian-12/docker-compose.yml delete mode 100644 bitnami/php-fpm/8.4/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt delete mode 100755 bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/install_packages delete mode 100755 bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/run-script delete mode 100755 bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/uninstall_packages diff --git a/bitnami/php-fpm/8.4/README.md b/bitnami/php-fpm/8.4/README.md new file mode 100644 index 000000000000..04c96f8c1d98 --- /dev/null +++ b/bitnami/php-fpm/8.4/README.md @@ -0,0 +1,10 @@ +# ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog + +Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition: + +- Granting community users access for the first time to security-optimized versions of popular container images. +- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes +- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates. +- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support. + +These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). diff --git a/bitnami/php-fpm/8.4/debian-12/Dockerfile b/bitnami/php-fpm/8.4/debian-12/Dockerfile deleted file mode 100644 index 90efff3f23f0..000000000000 --- a/bitnami/php-fpm/8.4/debian-12/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bookworm - -ARG DOWNLOADS_URL="downloads.bitnami.com/files/stacksmith" -ARG TARGETARCH - -LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \ - org.opencontainers.image.created="2025-11-20T20:05:36Z" \ - org.opencontainers.image.description="Application packaged by Broadcom, Inc." \ - org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/php-fpm/README.md" \ - org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/php-fpm" \ - org.opencontainers.image.title="php-fpm" \ - org.opencontainers.image.vendor="Broadcom, Inc." \ - org.opencontainers.image.version="8.4.15" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-12" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbrotli1 libbsd0 libbz2-1.0 libcom-err2 libcurl4 libexpat1 libffi8 libfftw3-double3 libfontconfig1 libfreetype6 libgcc-s1 libgcrypt20 libglib2.0-0 libgmp10 libgnutls30 libgomp1 libgpg-error0 libgssapi-krb5-2 libhashkit2 libhogweed6 libicu72 libidn2-0 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libldap-2.5-0 liblqr-1-0 libltdl7 liblzma5 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libmd0 libmemcached11 libnettle8 libnghttp2-14 libonig5 libp11-kit0 libpcre2-8-0 libpng16-16 libpq5 libpsl5 libreadline8 librtmp1 libsasl2-2 libsodium23 libsqlite3-0 libssh2-1 libssl3 libstdc++6 libsybdb5 libtasn1-6 libtidy5deb1 libtinfo6 libunistring2 libwebp7 libx11-6 libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxslt1.1 libzip4 libzstd1 procps zlib1g -RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \ - DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \ - mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \ - COMPONENTS=( \ - "php-8.4.15-2-linux-${OS_ARCH}-debian-12" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://${DOWNLOADS_URL}/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -ENV APP_VERSION="8.4.15" \ - BITNAMI_APP_NAME="php-fpm" \ - IMAGE_REVISION="2" \ - PATH="/opt/bitnami/php/bin:/opt/bitnami/php/sbin:$PATH" - -EXPOSE 9000 - -WORKDIR /app -CMD [ "php-fpm", "-F", "--pid", "/opt/bitnami/php/tmp/php-fpm.pid", "-y", "/opt/bitnami/php/etc/php-fpm.conf" ] diff --git a/bitnami/php-fpm/8.4/debian-12/docker-compose.yml b/bitnami/php-fpm/8.4/debian-12/docker-compose.yml deleted file mode 100644 index 1a27a0b2be58..000000000000 --- a/bitnami/php-fpm/8.4/debian-12/docker-compose.yml +++ /dev/null @@ -1,11 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -services: - php: - tty: true # Enables debugging capabilities when attached to this container. - image: docker.io/bitnami/php:8.4 - ports: - - 9000:9000 - volumes: - - .:/app diff --git a/bitnami/php-fpm/8.4/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/php-fpm/8.4/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/php-fpm/8.4/debian-12/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/install_packages b/bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index ccce248b2d14..000000000000 --- a/bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/run-script b/bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 0e07c9038dfd..000000000000 --- a/bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/uninstall_packages b/bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/uninstall_packages deleted file mode 100755 index 615c430e4e68..000000000000 --- a/bitnami/php-fpm/8.4/debian-12/prebuildfs/usr/sbin/uninstall_packages +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get autoremove --purge -y "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives